We previously proposed a BPF+livepatch method to enable rapid experimentation with new kernel features without interrupting production workloads:
https://lore.kernel.org/live-patching/[email protected]/ In the resulting discussion, Song and Petr suggested adding a "replace set" to support scenarios where specific livepatches can be selectively replaced or skipped. This patch introduces 'replace_set' to provide finer-grained control over livepatch management. The core rules and behaviors of a replace_set are defined as follows: - Livepatches sharing the same replace_set can mutually replace each other. - Only one livepatch within a given replace_set can be active at a time. - Livepatches belonging to different replace_sets can coexist on the system. - Livepatches in different replace_sets are prohibited from modifying the same function. - Livepatches in different replace_sets cannot use the same state ID. Additionally, this design deprecates the traditional non-atomic-replace model. Previously, setting 'replace' to 0 was the only way to keep certain livepatches persistent on the system, forcing developers to disable atomic replacement entirely. With the introduction of replace_set, developers now have a selective option to keep specific livepatches persistent while maintaining atomic replacement capabilities elsewhere. At present, KLP state, shadow variables, and callbacks are not integrated with the new replace_set mechanism in this patchset. Support for these features is deferred until Petr's klp-state-transfer infrastructure is completed and merged: https://github.com/pmladek/linux/tree/klp-state-transfer-v1-iter12 v2->v3: - Address the feedback from Sachiko AI - Fix the pre-existing NULL pointer dereference issue - Move klp_find_func into core.h - Don't deprecate stack_order completely v2: https://lore.kernel.org/live-patching/[email protected]/ v1->v2: - Incorporate feedback from Petr: - Initialize replace_set to 0 by default - Improve documentation - Enforce that livepatches in different replace_sets cannot use the same state->id. - Enforce that livepatches in different replace_sets cannot modify the same function. - Ensure consistent capitalization and naming usage of KLP_REPLACE_SET. - Incorporate feedback from Sachiko AI: - Skip the klp_transition patch during klp_force_transition(). v1 (RFC): https://lore.kernel.org/live-patching/[email protected]/ Yafang Shao (7): livepatch: Fix NULL pointer dereference in klp_find_func() livepatch: Move klp_find_func() into core.h livepatch: Support scoped atomic replace using replace_set livepatch: Deprecate stack_order selftests/livepatch: Update tests for replace_set selftests/livepatch: Add test for state ID conflict across replace_sets selftests/livepatch: Add test for function conflict across replace_sets .../ABI/removed/sysfs-kernel-livepatch | 9 + .../ABI/testing/sysfs-kernel-livepatch | 14 +- .../livepatch/cumulative-patches.rst | 23 ++- Documentation/livepatch/livepatch.rst | 21 ++- include/linux/livepatch.h | 5 +- kernel/livepatch/core.c | 65 ++----- kernel/livepatch/core.h | 21 +++ kernel/livepatch/state.c | 51 ++++-- kernel/livepatch/transition.c | 11 +- scripts/livepatch/init.c | 6 +- scripts/livepatch/klp-build | 16 +- .../selftests/livepatch/test-callbacks.sh | 33 ++-- .../selftests/livepatch/test-livepatch.sh | 159 +++++++---------- .../testing/selftests/livepatch/test-state.sh | 34 ++++ .../testing/selftests/livepatch/test-sysfs.sh | 91 ++-------- .../selftests/livepatch/test_modules/Makefile | 2 + .../test_modules/test_klp_atomic_replace.c | 10 +- .../test_modules/test_klp_atomic_replace2.c | 55 ++++++ .../test_modules/test_klp_callbacks_demo.c | 6 + .../test_modules/test_klp_callbacks_demo2.c | 10 +- .../test_modules/test_klp_livepatch.c | 6 + .../livepatch/test_modules/test_klp_state.c | 4 +- .../livepatch/test_modules/test_klp_state2.c | 4 +- .../livepatch/test_modules/test_klp_state4.c | 163 ++++++++++++++++++ 24 files changed, 507 insertions(+), 312 deletions(-) create mode 100644 Documentation/ABI/removed/sysfs-kernel-livepatch create mode 100644 tools/testing/selftests/livepatch/test_modules/test_klp_atomic_replace2.c create mode 100644 tools/testing/selftests/livepatch/test_modules/test_klp_state4.c -- 2.52.0
