Re: [PATCH][v6][RFC] livepatch/ppc: Enable livepatching on powerpc

From: Petr Mladek
Date: Wed Mar 09 2016 - 07:56:52 EST


On Wed 2016-03-09 12:16:47, Torsten Duwe wrote:
> On Wed, Mar 09, 2016 at 11:13:05AM +0100, Jiri Kosina wrote:
> > On Wed, 9 Mar 2016, Torsten Duwe wrote:
> > > was my first choice. Arguments on the stack? I thought we'll deal with them
> > > once we get there (e.g. _really_ need to patch a varargs function or one
> > > with a silly signature).
> >
> > Well, the problem is, once such need arises, it's too late already.
>
> No, not if it's documented.
>
> > You need to be able to patch the kernels which are already out there,
> > running on machines potentially for ages once all of a sudden there is a
> > CVE for >8args / varargs function.
>
> Then you'd need a solution like I sent out yesterday, with a pre-prologue
> caller that pops the extra frame, so the replacement can be more straight-
> forward. Or you can just deal with the shifted offsets in the replacement.
>
> I'll try to demonstrate the alternative. That would then be required for
> _all_ replacement functions. Or can the live patching framework differentiate
> and tell ftrace_caller whether to place a stack frame or not?
>
> Miroslav? Petr? Can we have 2 sorts of replacement functions?

I personally prefer to keep most functions without any special hack,
especially when it is needed only for one architecture. If a hack is
needed for "corner cases" and it is documented then, IMHO, we could
live with it for some time. We test all patches anyway, so.

But I could not speak for the LivePatching maintainers whose are Josh
and Jiri.

Best Regards,
Petr