On Wed, 9 Jan 2019, Petr Mladek wrote: > The atomic replace and cumulative patches were introduced as a more secure > way to handle dependent patches. They simplify the logic: > > + Any new cumulative patch is supposed to take over shadow variables > and changes made by callbacks from previous livepatches. > > + All replaced patches are discarded and the modules can be unloaded. > As a result, there is only one scenario when a cumulative livepatch > gets disabled. > > The different handling of "normal" and cumulative patches might cause > confusion. It would make sense to keep only one mode. On the other hand, > it would be rude to enforce using the cumulative livepatches even for > trivial and independent (hot) fixes. > > However, the stack of patches is not really necessary any longer. > The patch ordering was never clearly visible via the sysfs interface. > Also the "normal" patches need a lot of caution anyway. > > Note that the list of enabled patches is still necessary but the ordering > is not longer enforced. > > Otherwise, the code is ready to disable livepatches in an random order. > Namely, klp_check_stack_func() always looks for the function from > the livepatch that is being disabled. klp_func structures are just > removed from the related func_stack. Finally, the ftrace handlers > is removed only when the func_stack becomes empty. > > Signed-off-by: Petr Mladek <[email protected]>
Acked-by: Miroslav Benes <[email protected]> Miroslav
