Re: [PATCH v3] livepatch: Prevent to apply the patch once coming module notifier fails

From: Petr Mladek
Date: Mon May 18 2015 - 11:33:20 EST

On Mon 2015-05-18 21:00:57, Minfei Huang wrote:
> On 05/18/15 at 02:08pm, Petr Mladek wrote:
> > On Wed 2015-05-13 09:14:15, Josh Poimboeuf wrote:
> > > On Tue, May 12, 2015 at 10:04:44PM +0800, Minfei Huang wrote:
> > > > @@ -883,7 +883,7 @@ int klp_register_patch(struct klp_patch *patch)
> > > > }
> > > > EXPORT_SYMBOL_GPL(klp_register_patch);
> > > >
> > > > -static void klp_module_notify_coming(struct klp_patch *patch,
> > > > +static int klp_module_notify_coming(struct klp_patch *patch,
> > > > struct klp_object *obj)
> > > > {
> > > > struct module *pmod = patch->mod;
> > > > @@ -891,22 +891,24 @@ static void klp_module_notify_coming(struct klp_patch *patch,
> > > > int ret;
> > > >
> > > > ret = klp_init_object_loaded(patch, obj);
> > > > - if (ret)
> > > > - goto err;
> > > > + if (ret) {
> > > > + pr_warn("failed to initialize the patch '%s' (%d)\n",
> > > > + pmod->name, ret);
> > > > + goto out;
> > > > + }
> > >
> > > Can you change it to:
> > >
> > > "failed to initialize the patch '%s' for module '%s' (%d)\n" ?
> > >
> > > That would make it more consistent with the other error message and
> > > identify the failing module.
> > >
> > > Also, the indentation should be fixed on the second pr_warn() line.
> > >
> > > >
> > > > if (patch->state == KLP_DISABLED)
> > > > - return;
> > > > + goto out;
> > > >
> > > > pr_notice("applying patch '%s' to loading module '%s'\n",
> > > > pmod->name, mod->name);
> > > >
> > > > ret = klp_enable_object(obj);
> > > > - if (!ret)
> > > > - return;
> > > > -
> > > > -err:
> > > > - pr_warn("failed to apply patch '%s' to module '%s' (%d)\n",
> > > > - pmod->name, mod->name, ret);
> > > > + if (ret)
> > > > + pr_warn("failed to apply patch '%s' to module '%s' (%d)\n",
> > > > + pmod->name, mod->name, ret);
> > >
> > > Bad indentation here too.
> > >
> > > > @@ -930,6 +932,7 @@ disabled:
> > > > static int klp_module_notify(struct notifier_block *nb, unsigned long action,
> > > > void *data)
> > > > {
> > > > + int ret;
> > > > struct module *mod = data;
> > > > struct klp_patch *patch;
> > > > struct klp_object *obj;
> > > > @@ -955,7 +958,13 @@ static int klp_module_notify(struct notifier_block *nb, unsigned long action,
> > > >
> > > > if (action == MODULE_STATE_COMING) {
> > > > obj->mod = mod;
> > > > - klp_module_notify_coming(patch, obj);
> > > > + ret = klp_module_notify_coming(patch, obj);
> > > > + if (ret) {
> > > > + obj->mod = NULL;
> > > > + pr_warn("patch '%s' is dead, remove it "
> > > > + "or re-install the module '%s'\n",
> > > > + patch->mod->name, obj->name);
> > > > + }
> > >
> > > The patch isn't necessarily dead, since it might also include previously
> > > enabled changes for vmlinux or other modules. It can actually be a
> > > dangerous condition if there's a mismatch between old code in the module
> > > and new code elsewhere. How about something like:
> > >
> > > "patch '%s' is in an inconsistent state!\n"
> >
> > It must not be dangerous, otherwise the patch could not get applied
> > immediately.
>
> But kernel is in dangerous situation that the patch may corrupt it
> later. So it is appropriate to notify the user.

How exactly could the patch corrupt the system? Could you please give
an example?

> >
> > I would omit this message completely. It would just duplicate the
> > warning printed by klp_module_notify_coming().
> >
>
> This error message aims to tell this fact that this patch is in an
> inconsistent state. If someone do not notify this error, it is fine,
> because the inconsistent patch does not have change to be applied to the
> kernel.

But there is already printed a warning from
klp_module_notify_coming(). I wonder why we need one more here.

> >
> > > Also, there's no need to split up the string literal into two lines.
> > > It's ok for a line to have more than 80 columns in that case.
> >
> > I suggest to run ./scripts/chechpatch.pl before you send any patch.
> > It would catch the indentation problems, split of the string, ...
>
> I have used the script checkpatch.pl to verify the patch. And it passed
> for the checking. About the indentation problems, it may be caused by
> the sepcified vimrc file.

I get the following warning on your patch:

--- cut ---
$> ./scripts/checkpatch.pl /prace/klp-module-notify-error-v3-iter1.patch
WARNING: quoted string split across lines
#181: FILE: kernel/livepatch/core.c:965:
+ pr_warn("patch '%s' is dead, remove it "
+ "or re-install the module '%s'\n",

total: 0 errors, 1 warnings, 62 lines checked

/prace/klp-module-notify-error-v3-iter1.patch has style problems, please review.

If any of these errors are false positives, please report
them to the maintainer, see CHECKPATCH in MAINTAINERS.
--- cut ---

BTW: I do not see the problems with indentation.

Best Regards,
Petr
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/