On Thu, Nov 29, 2018 at 10:44:23AM +0100, Petr Mladek wrote:
> The code for freeing livepatch structures is a bit scattered and tricky:
>
> + direct calls to klp_free_*_limited() and kobject_put() are
> used to release partially initialized objects
>
> + klp_free_patch() removes the patch from the public list
> and releases all objects except for patch->kobj
>
> + object_put(&patch->kobj) and the related wait_for_completion()
> are called directly outside klp_mutex; this code is duplicated;
>
> Now, we are going to remove the registration stage to simplify the API
> and the code. This would require handling more situations in
> klp_enable_patch() error paths.
>
> More importantly, we are going to add a feature called atomic replace.
> It will need to dynamically create func and object structures. We will
> want to reuse the existing init() and free() functions. This would
> create even more error path scenarios.
>
> [*] We need our own flag. Note that kobject_put() cannot be called safely
> when kobj.state_initialized is set. This flag is true when kobject_add()
> part failed. And it is never cleared.
> [*] We need our own flag. Note that kobject_put() cannot be called safely
> when kobj.state_initialized is set. This flag is true when kobject_add()
> part failed. And it is never cleared.
> This patch implements a more clever free functions:
^^^^^^^^^^^^^
re-wording suggestions: "simpler", "clearer", "more straightforward"
>
> + checks kobj_alive flag instead of @limit[*]
>
> + initializes patch->list early so that the check for empty list
> always works
>
> + The action(s) that has to be done outside klp_mutex are done
> in separate klp_free_patch_finish() function. It waits only
> when patch->kobj was really released via the _start() part.
>
> The patch does not change the existing behavior.
>
> [*] We need our own flag. Note that kobject_put() cannot be called safely
> when kobj.state_initialized is set. This flag is true when kobject_add()
> part failed. And it is never cleared.
Isn't kobj.state_initialized also true in the ordinary kobject_put() case
where kobject_add() succeeded?
If so, this note could be modified slightly:
(minimal change)
[*] We need our own flag. Note that kobject_put() cannot be called safely
just because kobj.state_initialized is set. This flag is even true when kobject_add()
part failed. And it is never cleared.
-- or --
(rewording)
[*] We need our own flag to track that the kobject was successfully
added to the hierarchy. Note that kobj.state_initialized only
indicates that kobject has been initialized, not whether is has been
added (and needs to be removed on cleanup).
>
> Signed-off-by: Petr Mladek <pmladek@xxxxxxxx>
> Cc: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
> Cc: Miroslav Benes <mbenes@xxxxxxx>
> Cc: Jessica Yu <jeyu@xxxxxxxxxx>
> Cc: Jiri Kosina <jikos@xxxxxxxxxx>
> Cc: Jason Baron <jbaron@xxxxxxxxxx>
> ---
Acked-by: Joe Lawrence <joe.lawrence@xxxxxxxxxx>
>
> [ ... snip ... ]
>
> +static int klp_init_patch(struct klp_patch *patch)
> +{
> + struct klp_object *obj;
> + int ret;
> +
> + mutex_lock(&klp_mutex);
> +
> + ret = klp_init_patch_before_free(patch);
> if (ret) {
> mutex_unlock(&klp_mutex);
> return ret;
> }
>
I believe klp_init_patch_before_free() accumulates more responsibilities
later in the patchset, but I'll ask here: does it really need the
klp_mutex since it looks to be operating only on the klp_patch, its
objects and functions?
-- Joe
