Received: by 2002:a25:d7c1:0:0:0:0:0 with SMTP id o184csp1739829ybg; Sat, 19 Oct 2019 01:28:20 -0700 (PDT) X-Google-Smtp-Source: APXvYqzHAieBeODqJZlwnOf+mxXfmHEVwrreWXfCaq0IhrbBjQSLIukvSciomUfQLw37V1niZgZK X-Received: by 2002:a17:906:6bcd:: with SMTP id t13mr1726238ejs.231.1571473700307; Sat, 19 Oct 2019 01:28:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1571473700; cv=none; d=google.com; s=arc-20160816; b=G/48U77mhkTGnE5erzuUtvLVMQ8mUDUvTxxOoI52CN4MvzZt988072TMJnAtYBWy9G cMT3eOoLOartP4BqCcICxIpmo+Fkd+UbfaXLW2FwIgTar5tBZUGnpzNySvxnJbRxKYCQ DbAfBv8kEC6FVXj19KI/n3OTjYIpUD5ZHK3T9j42/66TcltQj+QEWEl/WmpH0eSOcHOk ZHqqtJaxpXv0JYx07w1wByxAS5KzLmuI8nttCPZP7RmwKGB+JJhc1NyehKZ8ac1n3exs 5Rg2rmyh3Pn1Rtywk1vPHKH7ZsIUe8RjjQjLhM/TC+PSf0S1ZzzqJahtRDtKcJcp/gdI U+3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=Q55WtF23+SQvgV1QFXscuE/FNZ/UzNBqhkjlCNTvPQw=; b=DFpXSnQbpfLGBgU4FJfdzXBg6xuL64uTtFl1UT11lWEv1lWBxKMyOxCDgdOjCZ5Rmz ng0+eOZfZvXjnGgAOhkyWFNhImuzdLqtm9Jpy+6wITkejtvjBV/t7pYfiY/59tPaU0Y/ Ri7EDNvWS/n8PUPzHBu4dDVsi9B+ww8oIqPH/l/0lWBS3+VHImcAkFlfYMz8YKOp2kDE AM/Sed21Q/80sQctphPvpyPykSHO35BYt/TWticA6calD/Agkd2ioXlM9Rubigh+p+Y7 b0cXfA7gQHKBpKomVMKYwPz4dVQm/Yi1pr7VavsUEpZ+RgQNMw6AHl9k969fb42yoOuO PAAA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z19si4760228ejr.244.2019.10.19.01.27.57; Sat, 19 Oct 2019 01:28:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2410418AbfJRNlC (ORCPT + 99 others); Fri, 18 Oct 2019 09:41:02 -0400 Received: from mx2.suse.de ([195.135.220.15]:40414 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728150AbfJRNlC (ORCPT ); Fri, 18 Oct 2019 09:41:02 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 0FBAFB1D4; Fri, 18 Oct 2019 13:41:00 +0000 (UTC) Date: Fri, 18 Oct 2019 15:40:58 +0200 From: Petr Mladek To: Jessica Yu Cc: Miroslav Benes , Peter Zijlstra , Steven Rostedt , Joe Lawrence , x86@kernel.org, linux-kernel@vger.kernel.org, mhiramat@kernel.org, bristot@redhat.com, jbaron@akamai.com, torvalds@linux-foundation.org, tglx@linutronix.de, mingo@kernel.org, namit@vmware.com, hpa@zytor.com, luto@kernel.org, ard.biesheuvel@linaro.org, jpoimboe@redhat.com, live-patching@vger.kernel.org Subject: Re: [PATCH v3 5/6] x86/ftrace: Use text_poke() Message-ID: <20191018134058.7zyls4746wpa7jy5@pathway.suse.cz> References: <20191015135634.GK2328@hirez.programming.kicks-ass.net> <88bab814-ea24-ece9-2bc0-7a1e10a62f12@redhat.com> <20191015153120.GA21580@linux-8ccs> <7e9c7dd1-809e-f130-26a3-3d3328477437@redhat.com> <20191015182705.1aeec284@gandalf.local.home> <20191016074951.GM2328@hirez.programming.kicks-ass.net> <20191018130342.GA4625@linux-8ccs> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20191018130342.GA4625@linux-8ccs> User-Agent: NeoMutt/20170912 (1.9.0) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri 2019-10-18 15:03:42, Jessica Yu wrote: > +++ Miroslav Benes [16/10/19 15:29 +0200]: > > On Wed, 16 Oct 2019, Miroslav Benes wrote: > > Thinking about it more... crazy idea. I think we could leverage these new > > ELF .text per vmlinux/module sections for the reinvention I was talking > > about. If we teach module loader to relocate (and apply alternatives and > > so on, everything in arch-specific module_finalize()) not the whole module > > in case of live patch modules, but separate ELF .text sections, it could > > solve the issue with late module patching we have. It is a variation on > > Steven's idea. When live patch module is loaded, only its section for > > present modules would be processed. Then whenever a to-be-patched module > > is loaded, its .text section in all present patch module would be > > processed. > > > > The upside is that almost no work would be required on patch modules > > creation side. The downside is that klp_modinfo must stay. Module loader > > needs to be hacked a lot in both cases. So it remains to be seen which > > idea is easier to implement. > > > > Jessica, do you think it would be feasible? > > I think that does sound feasible. I'm trying to visualize how that > would look. I guess there would need to be various livepatching hooks > called during the different stages (apply_relocate_add(), > module_finalize(), module_enable_ro/x()). > > So maybe something like the following? > > When a livepatch module loads: > apply_relocate_add() > klp hook: apply .klp.rela.$objname relocations *only* for > already loaded modules > module_finalize() > klp hook: apply .klp.arch.$objname changes for already loaded modules > module_enable_ro() > klp hook: only enable ro/x for .klp.text.$objname for already > loaded modules Just for record. We should also set ro for the not-yet used .klp.text.$objname at this stage so that it can't be modified easily "by accident". > When a to-be-patched module loads: > apply_relocate_add() > klp hook: for each patch module that patches the coming > module, apply .klp.rela.$objname relocations for this object > module_finalize() > klp hook: for each patch module that patches the coming > module, apply .klp.arch.$objname changes for this object > module_enable_ro() > klp hook: for each patch module, apply ro/x permissions for > .klp.text.$objname for this object > > Then, in klp_module_coming, we only need to do the callbacks and > enable the patch, and get rid of the module_disable_ro->apply > relocs->module_enable_ro block. > > Does that sound like what you had in mind or am I totally off? Makes sense to me. Well, I wonder if it is really any better from what we have now. We would still need special delayed handling for the module-specific elf sections. Also we still would not need to clear the modifications in these sections when the livepatched object gets unloaded. I am afraid that the real difference might come when we split the livepatch into per-livepatched object modules. This would move the complexity to another parts of the code ;-) I am unable to say what approach is easier and more safe to maintain at the moment. Best Regards, Petr