On Wed, 22 Jan 2020, Josh Poimboeuf wrote: > On Wed, Jan 22, 2020 at 11:09:56AM +0100, Miroslav Benes wrote: > > > > > > > At this point, I only see downsides of -flive-patching, at least until > > > > > we actually have real upstream code which needs it. > > > > > > > > Can you explain this? The option makes GCC to avoid optimizations which > > > > are difficult to detect and would make live patching unsafe. I consider it > > > > useful as it is, so if you shared the other downsides and what you meant > > > > by real upstream code, we could discuss it. > > > > > > Only SLES needs it right? Why inflict it on other livepatch users? By > > > "real upstream code" I mean there's no (documented) way to create live > > > patches using the method which relies on this flag. So I don't see any > > > upstream benefits for having it enabled. > > > > I'd put it differently. SLES and upstream need it, RHEL does not need it. > > Or anyone using kpatch-build. > > I'm confused about why you think upstream needs it. > > Is all the tooling available somewhere? Is there documentation > available which describes how to build patches using that method from > start to finish? Are there actual users other than SUSE? > > BTW, kpatch-build has a *lot* of users other than RHEL. All its tooling > and documentation are available on Github. > > > It is perfectly fine to prepare live patches just from the source code > > using upstream live patching infrastructure. > > Do you mean the dangerous method used by the livepatch sample code which > completely ignores interprocedural optimizations? I wouldn't call that > perfectly fine. > > > After all, SLES is nothing else than upstream here. We were creating live > > patches manually for quite a long time and only recently we have been > > using Nicolai's klp-ccp automation (https://github.com/SUSE/klp-ccp). > > > > So, everyone using upstream directly relies on the flag, which seems to be > > a clear benefit to me. Reverting the patch would be a step back. > > Who exactly is "everyone using upstream"? > > >From what I can tell, kpatch-build is the only known way (to those > outside of SUSE) to make safe patches for an upstream kernel. And it > doesn't need this flag and the problems associated with it: performance, > LTO incompatibility, clang incompatibility (I think?), the GCC dead code > issue. I don't think we have something special at SUSE not generally available... ...and I don't think it is really important to discuss that and replying to the above, because there is a legitimate use case which relies on the flag. We decided to support different use cases right at the beginning. I understand it currently complicates things for objtool, but objtool is sensitive to GCC code generation by definition. "Issues" appear with every new GCC version. I see no difference here and luckily it is not so difficult to fix it. I am happy to help with acting on those objtool warning reports you mentioned in the other email. Just Cc me where appropriate. We will take a look. Regards Miroslav
