Re: [PATCH] livepatch: introduce klp_func called interface
From: Joe Lawrence
Date: Fri May 31 2024 - 15:18:06 EST
On Tue, May 21, 2024 at 08:34:46AM +0200, Miroslav Benes wrote:
> Hello,
>
> On Mon, 20 May 2024, zhang warden wrote:
>
> >
> >
> > > On May 20, 2024, at 14:46, Miroslav Benes <mbenes@xxxxxxx> wrote:
> > >
> > > Hi,
> > >
> > > On Mon, 20 May 2024, Wardenjohn wrote:
> > >
> > >> Livepatch module usually used to modify kernel functions.
> > >> If the patched function have bug, it may cause serious result
> > >> such as kernel crash.
> > >>
> > >> This is a kobject attribute of klp_func. Sysfs interface named
> > >> "called" is introduced to livepatch which will be set as true
> > >> if the patched function is called.
> > >>
> > >> /sys/kernel/livepatch/<patch>/<object>/<function,sympos>/called
> > >>
> > >> This value "called" is quite necessary for kernel stability
> > >> assurance for livepatching module of a running system.
> > >> Testing process is important before a livepatch module apply to
> > >> a production system. With this interface, testing process can
> > >> easily find out which function is successfully called.
> > >> Any testing process can make sure they have successfully cover
> > >> all the patched function that changed with the help of this interface.
> > >
> > > Even easier is to use the existing tracing infrastructure in the kernel
> > > (ftrace for example) to track the new function. You can obtain much more
> > > information with that than the new attribute provides.
> > >
> > > Regards,
> > > Miroslav
> > Hi Miroslav
> >
> > First, in most cases, testing process is should be automated, which make
> > using existing tracing infrastructure inconvenient.
>
> could you elaborate, please? We use ftrace exactly for this purpose and
> our testing process is also more or less automated.
>
> > Second, livepatch is
> > already use ftrace for functional replacement, I don’t think it is a
> > good choice of using kernel tracing tool to trace a patched function.
>
> Why?
>
> > At last, this attribute can be thought of as a state of a livepatch
> > function. It is a state, like the "patched" "transition" state of a
> > klp_patch. Adding this state will not break the state consistency of
> > livepatch.
>
> Yes, but the information you get is limited compared to what is available
> now. You would obtain the information that a patched function was called
> but ftrace could also give you the context and more.
>
> It would not hurt to add a new attribute per se but I am wondering about
> the reason and its usage. Once we have it, the commit message should be
> improved based on that.
>
I agree with Miroslav about using ftrace, or Dan in the other thread
about using gcov if even more granular coverage is needed.
Admittedly, I would have to go find documentation to remember how to do
either, but at least I'd be using well-tested facilities designed for
this exact purpose.
Adding these attributes to livepatch sysfs would be expedient and
probably easier for us to use, but imposes a recurring burden on us to
maintain and test (where is the documentation and kselftest for this new
interface?). Or, we could let the other tools handle all of that for
us.
Perhaps if someone already has an off-the-shelf script that is using
ftrace to monitor livepatched code, it could be donated to
Documentation/livepatch/? I can ask our QE folks if they have something
like this.
Regards,
--
Joe