Hi,

> > > Additionally, in our production environment, we need to ensure that
> > > there are no non atomic replace livepatches in use. For instance, some
> > > system administrators might still build livepatches outside of our CI
> > > system. Detecting whether a single livepatch is atomic replace or not
> > > is not easy. To simplify this, we propose adding a new sysfs attribute
> > > to facilitate this check.
> > >
> > > BTW, perhaps we could introduce a new sysctl setting to forcefully
> > > forbid all non atomic replace livepatches?
> >
> > I like it. This looks like the most reliable solution. Would it
> > solve your problem?
> >
> > Alternative solution would be to forbid installing non-replace
> > livepatches when there is already installed a livepatch with
> > the atomic replace. I could imagine that we enforce this for
> > everyone (without sysctl knob). Would this work for you?
>
> Perhaps we can add this sysctl knob as follows?
>
> kernel.livepatch.forbid_non_atomic_replace:
> 0 - Allow non atomic replace livepatch. (Default behavior)
> 1 - Completely forbid non atomic replace livepatch.
> 2 - Forbid non atomic replace livepatch only if there is already
>     an atomic replace livepatch running.

I would be more comfortable if such policies were implemented in
userspace. It would allow for more flexibility when it comes to different
use cases. The kernel may provide necessary information (sysfs attributes,
modinfo flag) for that of course.

Miroslav
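One way the policy could live in userspace, as Miroslav suggests, written here as an added example (not code from the thread or from the kernel tree). It assumes the per-patch `replace` sysfs attribute proposed above exists as `/sys/kernel/livepatch/<patch>/replace`, takes the sysfs root as a parameter so it can be exercised against a constructed tree, and mirrors the three knob values from the proposal.

```shell
#!/bin/sh
# Userspace livepatch load policy (added example, assumes the proposed
# per-patch "replace" attribute: <root>/<patch>/replace containing 0 or 1).

# lp_replace_loaded ROOT: returns 0 if any loaded patch is atomic replace.
lp_replace_loaded() {
    root=$1
    for f in "$root"/*/replace; do
        [ -f "$f" ] || continue            # no patches loaded at all
        [ "$(cat "$f")" = "1" ] && return 0
    done
    return 1
}

# lp_may_load MODE NEW_IS_REPLACE ROOT: returns 0 to allow, 1 to deny.
# MODE follows the proposed knob: 0 allow all, 1 forbid non-replace,
# 2 forbid non-replace only when a replace patch is already running.
lp_may_load() {
    mode=$1; new_replace=$2; root=$3
    [ "$new_replace" = "1" ] && return 0   # replace patches are always fine
    case "$mode" in
        0) return 0 ;;
        1) return 1 ;;
        2) if lp_replace_loaded "$root"; then return 1; else return 0; fi ;;
        *) echo "lp_may_load: unknown mode '$mode'" >&2; return 2 ;;
    esac
}

# Constructed fake sysfs tree for demonstration: patch_a is a plain patch,
# patch_b is an atomic replace patch.
lp_make_fake_tree() {
    root=$1
    mkdir -p "$root/patch_a" "$root/patch_b"
    echo 0 > "$root/patch_a/replace"
    echo 1 > "$root/patch_b/replace"
}
```

In production the check would run in whatever tool loads livepatch modules, before insmod, with the real root `/sys/kernel/livepatch`.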