Re: [PATCH 1/2] livepatch: Send a fake signal periodically

From: Miroslav Benes
Date: Wed Jun 06 2018 - 03:49:56 EST

Next message: Naga Sureshkumar Relli: "[LINUX PATCH v9 1/4] Devicetree: Add pl353 smc controller devicetree binding information"
Previous message: Andy Shevchenko: "Re: [PATCH v8 7/8] lib: Add module to simulate atomic sections for testing preemptoff tracers"
In reply to: Josh Poimboeuf: "Re: [PATCH 1/2] livepatch: Send a fake signal periodically"
Next in thread: Miroslav Benes: "[PATCH 2/2] livepatch: Remove signal sysfs attribute"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 5 Jun 2018, Josh Poimboeuf wrote:

> On Tue, Jun 05, 2018 at 09:17:52AM +0200, Miroslav Benes wrote:
> > On Mon, 4 Jun 2018, Josh Poimboeuf wrote:
> >
> > > On Mon, Jun 04, 2018 at 04:16:35PM +0200, Miroslav Benes wrote:
> > > > An administrator may send a fake signal to all remaining blocking tasks
> > > > of a running transition by writing to
> > > > /sys/kernel/livepatch/<patch>/signal attribute. Let's do it
> > > > automatically after 10 seconds. The timeout is chosen deliberately. It
> > > > gives the tasks enough time to transition themselves.
> > > >
> > > > Theoretically, sending it once should be more than enough. Better be safe
> > > > than sorry, so send it periodically.
> > >
> > > This is the part I don't understand. Why do it periodically?
> >
> > I met (rare!) cases when doing it once was not enough due to a race and
> > the signal was missed. However involved testcases were really artificial.
> >
> > > Instead, might it make sense to just send the signals once, and if that
> > > doesn't work, reverse the transition? Then we could make patching a
> > > synchronous operation. But then, it might be remotely possible that the
> > > reverse operation also stalls (e.g., on a kthread). So, maybe it's best
> > > to just leave all these controls in the hands of the user.
> >
> > And there is 'force' option...
> >
> > So given all this, I'd call klp_send_signals() once and then leave it up
> > to the user. Would that work for you?
>
> Well, I don't know. Since the patching process will already need to be
> managed by user space, what's the benefit of having the kernel doing
> only this part of it?

I'm not sure about 'will already need to be managed by user space' part.
Sending the fake signal would unblock transition in certain cases "for
free". No user interaction is really needed and we can do it
automatically. That's why I find it beneficial.

If it does not help, then the user must decide what to do next. Reversion
or force. That's up to them.

Miroslav

Next message: Naga Sureshkumar Relli: "[LINUX PATCH v9 1/4] Devicetree: Add pl353 smc controller devicetree binding information"
Previous message: Andy Shevchenko: "Re: [PATCH v8 7/8] lib: Add module to simulate atomic sections for testing preemptoff tracers"
In reply to: Josh Poimboeuf: "Re: [PATCH 1/2] livepatch: Send a fake signal periodically"
Next in thread: Miroslav Benes: "[PATCH 2/2] livepatch: Remove signal sysfs attribute"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]