[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20140615065731.GB20028@gmail.com>
Date: Sun, 15 Jun 2014 08:57:31 +0200
From: Ingo Molnar <mingo@...nel.org>
To: Pavel Machek <pavel@....cz>
Cc: David Lang <david@...g.hm>, Josh Poimboeuf <jpoimboe@...hat.com>,
Frederic Weisbecker <fweisbec@...il.com>,
Seth Jennings <sjenning@...hat.com>,
Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>,
Steven Rostedt <rostedt@...dmis.org>,
Ingo Molnar <mingo@...hat.com>, Jiri Slaby <jslaby@...e.cz>,
linux-kernel@...r.kernel.org,
Peter Zijlstra <a.p.zijlstra@...llo.nl>,
Andrew Morton <akpm@...ux-foundation.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [RFC PATCH 0/2] kpatch: dynamic kernel patching
* Pavel Machek <pavel@....cz> wrote:
> Hi!
>
> > > in terms of hit-patching kernels you are correct.
> > >
> > > but that's a far cry from what it sounded like you were demanding
> > > (that it must handle any kernel patch)
> >
> > No, I was not demanding that at all, my suggestion was:
> >
> > > My claim is that if a patch is correct/safe in the old fashioned
> > > way, then a fundamental principle is that a live patching
> > > subsystem must either safely apply, or safely reject the live
> > > patching attempt, independently from any user input.
> >
> > Note the 'if'. It could start simple and stupid, and only allow
> > cases where we know the patch must be trivially safe (because it
> > does not do much in terms of disturbing globally visible state).
> > That needs some tooling help, but apparently tooling help is in
> > place already.
>
> Actually, even if patch is very trivial, it will be difficult to
> determine if it is safe. Consider adding error check:
>
> int
> do_something(void)
> {
> #if 0
> if (1)
> return -1;
> #endif
> return 0;
> }
>
> void
> main(void)
> {
> if (do_something())
> printf("error happened\n");
> }
>
> Imagine changing that #if 0 to #if 1. But gcc at -O3 already
> optimized out the error message. So... do we compile whole second
> kernel and compare the binaries? I think I seen remark "don't try to
> do binary compares" somewhere...
Fair enough.
Thanks,
Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists