All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] livepatch: Cancel transition a safe way for immediate patches
@ 2017-04-11 11:07 Petr Mladek
  2017-04-11 11:31 ` Miroslav Benes
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Petr Mladek @ 2017-04-11 11:07 UTC (permalink / raw)
  To: Josh Poimboeuf, Miroslav Benes
  Cc: Jessica Yu, Jiri Kosina, linux-kernel, live-patching, Petr Mladek

klp_init_transition() does not set func->transition for immediate patches.
Then klp_ftrace_handler() could use the new code immediately. As a result,
it is not safe to put the livepatch module in klp_cancel_transition().

This patch reverts most of the last minute changes klp_cancel_transition().
It keeps the warning about a misuse because it still makes sense.

Signed-off-by: Petr Mladek <pmladek@suse.com>
---
Hi,

I am afraid that Mirek was not right in the mail
https://lkml.kernel.org/r/alpine.LSU.2.20.1702161504020.16310@pobox.suse.cz
IMHO, it is not safe to put the module when the immediate
patch cannot be applied.

Best Regards,
Petr

 kernel/livepatch/transition.c | 20 --------------------
 1 file changed, 20 deletions(-)

diff --git a/kernel/livepatch/transition.c b/kernel/livepatch/transition.c
index 2de09e0c4e5c..adc0cc64aa4b 100644
--- a/kernel/livepatch/transition.c
+++ b/kernel/livepatch/transition.c
@@ -120,31 +120,11 @@ static void klp_complete_transition(void)
  */
 void klp_cancel_transition(void)
 {
-	struct klp_patch *patch = klp_transition_patch;
-	struct klp_object *obj;
-	struct klp_func *func;
-	bool immediate_func = false;
-
 	if (WARN_ON_ONCE(klp_target_state != KLP_PATCHED))
 		return;
 
 	klp_target_state = KLP_UNPATCHED;
 	klp_complete_transition();
-
-	/*
-	 * In the enable error path, even immediate patches can be safely
-	 * removed because the transition hasn't been started yet.
-	 *
-	 * klp_complete_transition() doesn't have a module_put() for immediate
-	 * patches, so do it here.
-	 */
-	klp_for_each_object(patch, obj)
-		klp_for_each_func(obj, func)
-			if (func->immediate)
-				immediate_func = true;
-
-	if (patch->immediate || immediate_func)
-		module_put(patch->mod);
 }
 
 /*
-- 
1.8.5.6

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH] livepatch: Cancel transition a safe way for immediate patches
  2017-04-11 11:07 [PATCH] livepatch: Cancel transition a safe way for immediate patches Petr Mladek
@ 2017-04-11 11:31 ` Miroslav Benes
  2017-04-11 15:10 ` Josh Poimboeuf
  2017-04-11 18:55 ` Jiri Kosina
  2 siblings, 0 replies; 4+ messages in thread
From: Miroslav Benes @ 2017-04-11 11:31 UTC (permalink / raw)
  To: Petr Mladek
  Cc: Josh Poimboeuf, Jessica Yu, Jiri Kosina, linux-kernel, live-patching

On Tue, 11 Apr 2017, Petr Mladek wrote:

> klp_init_transition() does not set func->transition for immediate patches.
> Then klp_ftrace_handler() could use the new code immediately. As a result,
> it is not safe to put the livepatch module in klp_cancel_transition().
> 
> This patch reverts most of the last minute changes klp_cancel_transition().
> It keeps the warning about a misuse because it still makes sense.
> 
> Signed-off-by: Petr Mladek <pmladek@suse.com>
> ---
> Hi,
> 
> I am afraid that Mirek was not right in the mail
> https://lkml.kernel.org/r/alpine.LSU.2.20.1702161504020.16310@pobox.suse.cz
> IMHO, it is not safe to put the module when the immediate
> patch cannot be applied.
> 
> Best Regards,
> Petr

You're right, Petr. Thanks for fixing my fault.

If needed, we could still follow the idea - set func->transition even for 
immediate patches/funcs. But for now, removing the code is the best.

Acked-by: Miroslav Benes <mbenes@suse.cz>

Jiri, this (obviously) needs to go to 4.12 with the patch set...

Miroslav
 
>  kernel/livepatch/transition.c | 20 --------------------
>  1 file changed, 20 deletions(-)
> 
> diff --git a/kernel/livepatch/transition.c b/kernel/livepatch/transition.c
> index 2de09e0c4e5c..adc0cc64aa4b 100644
> --- a/kernel/livepatch/transition.c
> +++ b/kernel/livepatch/transition.c
> @@ -120,31 +120,11 @@ static void klp_complete_transition(void)
>   */
>  void klp_cancel_transition(void)
>  {
> -	struct klp_patch *patch = klp_transition_patch;
> -	struct klp_object *obj;
> -	struct klp_func *func;
> -	bool immediate_func = false;
> -
>  	if (WARN_ON_ONCE(klp_target_state != KLP_PATCHED))
>  		return;
>  
>  	klp_target_state = KLP_UNPATCHED;
>  	klp_complete_transition();
> -
> -	/*
> -	 * In the enable error path, even immediate patches can be safely
> -	 * removed because the transition hasn't been started yet.
> -	 *
> -	 * klp_complete_transition() doesn't have a module_put() for immediate
> -	 * patches, so do it here.
> -	 */
> -	klp_for_each_object(patch, obj)
> -		klp_for_each_func(obj, func)
> -			if (func->immediate)
> -				immediate_func = true;
> -
> -	if (patch->immediate || immediate_func)
> -		module_put(patch->mod);
>  }
>  
>  /*
> -- 
> 1.8.5.6
> 

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] livepatch: Cancel transition a safe way for immediate patches
  2017-04-11 11:07 [PATCH] livepatch: Cancel transition a safe way for immediate patches Petr Mladek
  2017-04-11 11:31 ` Miroslav Benes
@ 2017-04-11 15:10 ` Josh Poimboeuf
  2017-04-11 18:55 ` Jiri Kosina
  2 siblings, 0 replies; 4+ messages in thread
From: Josh Poimboeuf @ 2017-04-11 15:10 UTC (permalink / raw)
  To: Petr Mladek
  Cc: Miroslav Benes, Jessica Yu, Jiri Kosina, linux-kernel, live-patching

On Tue, Apr 11, 2017 at 01:07:48PM +0200, Petr Mladek wrote:
> klp_init_transition() does not set func->transition for immediate patches.
> Then klp_ftrace_handler() could use the new code immediately. As a result,
> it is not safe to put the livepatch module in klp_cancel_transition().
> 
> This patch reverts most of the last minute changes klp_cancel_transition().
> It keeps the warning about a misuse because it still makes sense.
> 
> Signed-off-by: Petr Mladek <pmladek@suse.com>

Good catch Petr, thanks!

Fixes: 3ec24776bfd0 ("livepatch: allow removal of a disabled patch")
Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>

-- 
Josh

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] livepatch: Cancel transition a safe way for immediate patches
  2017-04-11 11:07 [PATCH] livepatch: Cancel transition a safe way for immediate patches Petr Mladek
  2017-04-11 11:31 ` Miroslav Benes
  2017-04-11 15:10 ` Josh Poimboeuf
@ 2017-04-11 18:55 ` Jiri Kosina
  2 siblings, 0 replies; 4+ messages in thread
From: Jiri Kosina @ 2017-04-11 18:55 UTC (permalink / raw)
  To: Petr Mladek
  Cc: Josh Poimboeuf, Miroslav Benes, Jessica Yu, linux-kernel, live-patching

On Tue, 11 Apr 2017, Petr Mladek wrote:

> klp_init_transition() does not set func->transition for immediate patches.
> Then klp_ftrace_handler() could use the new code immediately. As a result,
> it is not safe to put the livepatch module in klp_cancel_transition().
> 
> This patch reverts most of the last minute changes klp_cancel_transition().
> It keeps the warning about a misuse because it still makes sense.
> 
> Signed-off-by: Petr Mladek <pmladek@suse.com>
> ---
> Hi,
> 
> I am afraid that Mirek was not right in the mail
> https://lkml.kernel.org/r/alpine.LSU.2.20.1702161504020.16310@pobox.suse.cz
> IMHO, it is not safe to put the module when the immediate
> patch cannot be applied.

That's a very good catch indeed, thanks. Applied.

-- 
Jiri Kosina
SUSE Labs

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-04-11 18:55 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-04-11 11:07 [PATCH] livepatch: Cancel transition a safe way for immediate patches Petr Mladek
2017-04-11 11:31 ` Miroslav Benes
2017-04-11 15:10 ` Josh Poimboeuf
2017-04-11 18:55 ` Jiri Kosina

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.