From: Joe Lawrence <joe.lawrence@redhat.com>
To: Kamalesh Babulal <kamalesh@linux.vnet.ibm.com>,
Josh Poimboeuf <jpoimboe@redhat.com>,
live-patching@vger.kernel.org
Cc: linux-kernel@vger.kernel.org,
Peter Zijlstra <peterz@infradead.org>,
Randy Dunlap <rdunlap@infradead.org>
Subject: Re: [PATCH] Revert "kbuild: use -flive-patching when CONFIG_LIVEPATCH is enabled"
Date: Mon, 20 Jul 2020 07:47:43 -0400 [thread overview]
Message-ID: <940c041f-84e8-337b-ae98-1086119ddf9a@redhat.com> (raw)
In-Reply-To: <9c53c755-a497-25f0-40ae-7e435be3269b@linux.vnet.ibm.com>
On 7/20/20 4:50 AM, Kamalesh Babulal wrote:
> On 20/07/20 9:05 am, Joe Lawrence wrote:
>> On 7/17/20 2:29 PM, Josh Poimboeuf wrote:
>>> Use of the new -flive-patching flag was introduced with the following
>>> commit:
>>>
>>> 43bd3a95c98e ("kbuild: use -flive-patching when CONFIG_LIVEPATCH is enabled")
>>>
>>> This flag has several drawbacks:
>>>
>>> [ ... snip ... ]
>>>
>>> - While there *is* a distro which relies on this flag for their distro
>>> livepatch module builds, there's not a publicly documented way to
>>> create safe livepatch modules with it. Its use seems to be based on
>>> tribal knowledge. It serves no benefit to those who don't know how to
>>> use it.
>>>
>>> (In fact, I believe the current livepatch documentation and samples
>>> are misleading and dangerous, and should be corrected. Or at least
>>> amended with a disclaimer. But I don't feel qualified to make such
>>> changes.)
>>
>> FWIW, I'm not exactly qualified to document source-based creation either, however I have written a few of the samples and obviously the kselftest modules.
>>
>> The samples should certainly include a disclaimer (ie, they are only for API demonstration purposes!) and eventually it would be great if the kselftest modules could guarantee their safety as well. I don't know quite yet how we can automate that, but perhaps some kind of post-build sanity check could verify that they are in fact patching what they intend to patch.
>>
>> As for a more general, long-form warning about optimizations, I grabbed Miroslav's LPC slides from a few years back and poked around at some IPA-optimized disassembly... Here are my notes that attempt to capture some common cases:
>>
>> http://file.bos.redhat.com/~jolawren/klp-compiler-notes/livepatch/compiler-considerations.html
>
> Hi Joe,
>
> The notes link you shared is not accessible.
>
Oops, lets try that again:
http://people.redhat.com/~jolawren/klp-compiler-notes/livepatch/compiler-considerations.html
-- Joe
next prev parent reply other threads:[~2020-07-20 11:47 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-17 18:29 [PATCH] Revert "kbuild: use -flive-patching when CONFIG_LIVEPATCH is enabled" Josh Poimboeuf
2020-07-20 3:35 ` Joe Lawrence
2020-07-20 8:50 ` Kamalesh Babulal
2020-07-20 11:47 ` Joe Lawrence [this message]
2020-07-21 11:27 ` Miroslav Benes
2020-07-21 11:17 ` Miroslav Benes
2020-08-06 9:24 ` Petr Mladek
2020-09-01 17:24 ` Josh Poimboeuf
2020-09-03 10:02 ` Petr Mladek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=940c041f-84e8-337b-ae98-1086119ddf9a@redhat.com \
--to=joe.lawrence@redhat.com \
--cc=jpoimboe@redhat.com \
--cc=kamalesh@linux.vnet.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=live-patching@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=rdunlap@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.