Re: [PATCH v4 00/10] klp-convert livepatch build tooling

From: Libor Pechacek
Date: Fri Jun 14 2019 - 12:42:26 EST


On Fri 14-06-19 10:20:09, Joe Lawrence wrote:
> On 6/14/19 4:34 AM, Petr Mladek wrote:
[...]
> > Anyway, I am curious about one thing. I saw:
> >
> > function __load_mod() {
> > local mod="$1"; shift
> >
> > local msg="% modprobe $mod $*"
> > log "${msg%% }"
> > ret=$(modprobe "$mod" "$@" 2>&1)
> > if [[ "$ret" != "" ]]; then
> > die "$ret"
> > fi
> >
> > # Wait for module in sysfs ...
> > loop_until '[[ -e "/sys/module/$mod" ]]' ||
> > die "failed to load module $mod"
> > }
> >
> > Is the waiting for sysfs really necessary here?
> >
> > Note that it is /sys/module and not /sys/kernel/livepatch/.
>
> I can't remember if that was just paranoid-protective-bash coding or
> actually required. Libor provided great feedback on the initial patch
> series that introduced the self-tests, perhaps he remembers.

I don't recall analyzing this spot in detail but looking at it now I don't see
anything wrong with it. While the check is likely superfluous, I'm not against
keeping it in place.

> > My understanding is that modprobe waits until the module succesfully
> > loaded. mod_sysfs_setup() is called before the module init callback.
> > Therefore the sysfs interface should be read before modprobe returns.
> > Do I miss something?
> >
> > If it works different way then there might be some races because
> > mod_sysfs_setup() is called before the module is alive.
>
> All of this is called from a single bash script function, so in a call stack
> fashion, something like this would occur when loading a livepatch module:
>
> [ mod_sysfs_setup() ]
> modprobe waits for: .init complete, MODULE_STATE_LIVE
> __load_mod() waits for: /sys/module/$mod
> load_lp_nowait() waits for: /sys/kernel/livepatch/$mod
> load_lp() waits for: /sys/kernel/livepatch/$mod/transition = 0
> test-script.sh
>
> So I would think that by calling modprobe, we ensure that the module code is
> ready to go. The /sys/module/$mod check might be redundant as you say, but
> because modprobe completed, we should be safe, no?
>
> The only "nowait" function we have is load_lp_nowait(), which would let us
> march onward before the livepatch transition may have completed.

And even that one is waiting for the live patch module name appear under
/sys/kernel/livepatch/. This is IMHO acceptable level of paranoia.

Libor
--
Libor Pechacek
SUSE Labs