From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753377AbdGUImZ (ORCPT ); Fri, 21 Jul 2017 04:42:25 -0400 Received: from mx2.suse.de ([195.135.220.15]:59642 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1750745AbdGUImY (ORCPT ); Fri, 21 Jul 2017 04:42:24 -0400 Date: Fri, 21 Jul 2017 10:42:22 +0200 From: Petr Mladek To: Joe Lawrence Cc: Miroslav Benes , live-patching@vger.kernel.org, linux-kernel@vger.kernel.org, Josh Poimboeuf , Jessica Yu , Jiri Kosina Subject: Re: [PATCH v2 1/2] livepatch: introduce shadow variable API Message-ID: <20170721084221.GA26370@pathway.suse.cz> References: <1498664247-12296-1-git-send-email-joe.lawrence@redhat.com> <1498664247-12296-2-git-send-email-joe.lawrence@redhat.com> <20170718202107.3hsptpdspr26snxc@redhat.com> <164836e1-2d33-ec32-46ac-d6360f671b17@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <164836e1-2d33-ec32-46ac-d6360f671b17@redhat.com> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu 2017-07-20 11:48:41, Joe Lawrence wrote: > On 07/20/2017 10:45 AM, Miroslav Benes wrote: > > > >>>>> + * > >>>>> + * Note: allocates @new_size space for shadow variable data and copies > >>>>> + * @new_size bytes from @new_data into the shadow varaible's own @new_data > >>>>> + * space. If @new_data is NULL, @new_size is still allocated, but no > >>>>> + * copy is performed. > >>>> > >>>> I must say I'm not entirely happy with this. I don't know if this is what > >>>> Petr had in mind (I'm sure he'll get to the patch set soon). Calling > >>>> memcpy instead of a simple assignment in v1 seems worse. > >>> > >>> This change was a bit of a experiment on my part in reaction to > >>> adding klp_shadow_get_or_attach(). > >>> > >>> I like the simplicity of v1's pointer assignment -- in fact, moving all > >>> allocation responsiblity (klp_shadow meta-data and data[] area) out to > >>> the caller is doable, though implementing klp_shadow_get_or_attach() and > >>> and klp_shadow_detach_all() complicates matters, for example, adding an > >>> alloc/release callback. I originally attempted this for v2, but turned > >>> back when the API and implementation grew complicated. If the memcpy > >>> and gfp_flag restrictions are too ugly, I can try revisting that > >>> approach. Ideas welcome :) > >> > >> Well, I didn't like callbacks either :). And no, I do not have a better > >> idea. I still need to think about it. > > > > Done and I agree that memcpy approach is not so bad after all :). So I'm > > fine with it. > > I looked at it again this morning and a "pass-your-own" allocation API > always comes back to adding callbacks and other complications :( In the > end, most callers will be shadowing pointers and not entire structures, > so I think the copy isn't too bad. I agree. > On a related note, if we keep the allocations and memcpy, how about I > shift around the attach/get calls like so: > > __klp_shadow_attach > set shadow variable member values > memcpy > add to hash > > klp_shadow_attach > alloc new shadow var > lock > call __klp_shadow_attach with new alloc > unlock > > klp_shadow_get_or_attach > be optimistic, call klp_shadow_get (if found, return it) > be pessimistic, alloc new shadow var > lock > call klp_shadow_get again > if unlikely found > kfree unneeded alloc > else > call __klp_shadow_attach with new alloc > unlock > return whichever shadow var we used I would really suggest that klp_shadow_attach() prevents adding duplicates. We should make the API as safe as possible. Catching unexpected duplicate could safe people a lot of headaches. Please read more on this in my review https://lkml.kernel.org/r/20170718124500.GF3393@pathway.suse.cz Best Regards, Petr