Re: [PATCH v5 0/3] livepatch: introduce atomic replace

[Miroslav Benes <mbenes@suse.cz>]

> IMHO, it might be easier to run just the callbacks from
> the new patch. In reality, the author should always know
> what it might be replacing and what needs to be done.

I agree. I don't see a good solution to the problem. Imagine a crazy 
situation in which someone would like to patch the entry code. Callbacks 
would be non-empty, because of the need to write to MSR and IDT. Then 
there might be an atomic replace cumulative patch. You don't want to run 
callbacks of the previous patches, because that would make the system 
vulnerable again. On the other hand, callbacks in the replace patch could 
do what is necessary.

It is not only entry patching of course. I think it is valid everytime you 
need to write a value to a global system variable of some sort.
 
> By other words, it might be much easier to handle all
> situations in a single script in the new patch. Alternative
> would be doing crazy hacks to prevent the older scripts from
> destroying what we would like to keep. We would need to
> keep in mind interactions between the scripts and
> the order in which they are called.

Crazy, yes.

> Or do you plan to use cumulative patches to simply
> get rid of any other "random" livepatches with something
> completely different? In this case, it might be much more
> safe to disable the older patches a normal way.
> 
> I would suggest to just document the current behavior.
> We should create Documentation/livepatch/cummulative-patches.txt
> anyway.

Agreed.

Regards,
Miroslav