On Sun, Jun 07, 2026 at 09:16:52PM +0800, Yafang Shao wrote: > We previously proposed a BPF+livepatch method to enable rapid > experimentation with new kernel features without interrupting production > workloads: > > > https://lore.kernel.org/live-patching/[email protected]/ > > In the resulting discussion, Song and Petr suggested adding a "replace set" > to support scenarios where specific livepatches can be selectively replaced > or skipped. > > This patch introduces 'replace_set' to provide finer-grained control over > livepatch management. The core rules and behaviors of a replace_set are > defined as follows: > - Livepatches sharing the same replace_set can mutually replace each > other. > - Only one livepatch within a given replace_set can be active at a time. > - Livepatches belonging to different replace_sets can coexist on the > system. > - Livepatches in different replace_sets are prohibited from modifying the > same function. > - Livepatches in different replace_sets cannot use the same state ID. > > Additionally, this design deprecates the traditional non-atomic-replace > model. Previously, setting 'replace' to 0 was the only way to keep > certain livepatches persistent on the system, forcing developers to > disable atomic replacement entirely. With the introduction of replace_set, > developers now have a selective option to keep specific livepatches > persistent while maintaining atomic replacement capabilities elsewhere. > > At present, KLP state, shadow variables, and callbacks are not integrated > with the new replace_set mechanism in this patchset. Support for these > features is deferred until Petr's klp-state-transfer infrastructure is > completed and merged: > > https://github.com/pmladek/linux/tree/klp-state-transfer-v1-iter12 > > v2->v3: > - Address the feedback from Sachiko AI > - Fix the pre-existing NULL pointer dereference issue > - Move klp_find_func into core.h > - Don't deprecate stack_order completely > > v2: > https://lore.kernel.org/live-patching/[email protected]/ > > v1->v2: > - Incorporate feedback from Petr: > - Initialize replace_set to 0 by default > - Improve documentation > - Enforce that livepatches in different replace_sets cannot use the same > state->id. > - Enforce that livepatches in different replace_sets cannot modify the > same function. > - Ensure consistent capitalization and naming usage of KLP_REPLACE_SET. > - Incorporate feedback from Sachiko AI: > - Skip the klp_transition patch during klp_force_transition(). > > v1 (RFC): > https://lore.kernel.org/live-patching/[email protected]/ > > Yafang Shao (7): > livepatch: Fix NULL pointer dereference in klp_find_func() > livepatch: Move klp_find_func() into core.h > livepatch: Support scoped atomic replace using replace_set > livepatch: Deprecate stack_order > selftests/livepatch: Update tests for replace_set > selftests/livepatch: Add test for state ID conflict across > replace_sets > selftests/livepatch: Add test for function conflict across > replace_sets > > .../ABI/removed/sysfs-kernel-livepatch | 9 + > .../ABI/testing/sysfs-kernel-livepatch | 14 +- > .../livepatch/cumulative-patches.rst | 23 ++- > Documentation/livepatch/livepatch.rst | 21 ++- > include/linux/livepatch.h | 5 +- > kernel/livepatch/core.c | 65 ++----- > kernel/livepatch/core.h | 21 +++ > kernel/livepatch/state.c | 51 ++++-- > kernel/livepatch/transition.c | 11 +- > scripts/livepatch/init.c | 6 +- > scripts/livepatch/klp-build | 16 +- > .../selftests/livepatch/test-callbacks.sh | 33 ++-- > .../selftests/livepatch/test-livepatch.sh | 159 +++++++---------- > .../testing/selftests/livepatch/test-state.sh | 34 ++++ > .../testing/selftests/livepatch/test-sysfs.sh | 91 ++-------- > .../selftests/livepatch/test_modules/Makefile | 2 + > .../test_modules/test_klp_atomic_replace.c | 10 +- > .../test_modules/test_klp_atomic_replace2.c | 55 ++++++ > .../test_modules/test_klp_callbacks_demo.c | 6 + > .../test_modules/test_klp_callbacks_demo2.c | 10 +- > .../test_modules/test_klp_livepatch.c | 6 + > .../livepatch/test_modules/test_klp_state.c | 4 +- > .../livepatch/test_modules/test_klp_state2.c | 4 +- > .../livepatch/test_modules/test_klp_state4.c | 163 ++++++++++++++++++ > 24 files changed, 507 insertions(+), 312 deletions(-) > create mode 100644 Documentation/ABI/removed/sysfs-kernel-livepatch > create mode 100644 > tools/testing/selftests/livepatch/test_modules/test_klp_atomic_replace2.c > create mode 100644 > tools/testing/selftests/livepatch/test_modules/test_klp_state4.c > > -- > 2.52.0 >
Hi Yafang, Thanks for implementing this. Supporting both replace and non-replace style patches has always been a headache for me when reading through the code, or worse, actual end user cases. A few minor nitpicks: After applying the series, Documentation/livepatch/system-state.rst still references the old non-replace model. Section 2 states that "Non-cumulative livepatches are allowed to touch already modified system states," which is no longer true. The introductions in both system-state.rst and cumulative-patches.rst also frame atomic replace as opt-in. Petr's proposed documentation rewrites cover some of this, but system-state.rst section 2 needs updating as well. See also my replies to specific patches/replies, mainly around the supercedes feature discussion. -- Joe
