kpatch-build: enable option -R|--replace to build replace klp#1183
kpatch-build: enable option -R|--replace to build replace klp#1183sm00th merged 4 commits intodynup:masterfrom
Conversation
kmod/patch/livepatch-patch-hook.c
Outdated
| # define HAVE_SIMPLE_ENABLE | ||
| #endif | ||
|
|
||
| /* TODO: check RHEL_RELEASE_CODE for KLP_REPLACE*/ |
There was a problem hiding this comment.
Atomic replace was backported to rhel-8's kernel-4.18.0-147.3.el8. It was never backported to rhel-7.
There was a problem hiding this comment.
I think we can do rhel_kernel_version_gte 4.18.0-147.el8 in kpatch-build. But I am not sure how to check it here. Is RHEL_RELEASE_CODE >= RHEL_RELEASE_VERSION(8, 0) sufficient?
There was a problem hiding this comment.
For the .c code, we can use RHEL_RELEASE_CODE(8, 2) since atomic replace support was only added in 8.2 GA kernels onward.
For the kpatch-build code, we could have used rhel_kernel_version_gte 4.18.0-147.3.el8 (the trailing .3 would have been important), but if the kmod code can only check RHEL release numbers, then let's match these two checks. So then it would be rhel_kernel_version_gte 4.18.0-193.el8 as -193 was the 8.2 GA kernel.
kpatch-build/kpatch-build
Outdated
| if [[ "$KLP_REPLACE" -eq 1 ]] ; then | ||
| sed -i 's/lpatch->replace = false/lpatch->replace = true/g' "$TEMPDIR/patch/livepatch-patch-hook.c" | ||
| fi | ||
|
|
There was a problem hiding this comment.
I don't know how I feel about this approach -- in a way, atomic replace and other features that directly affect the klp_patch object are more than just build options, they may change the way the kpatch is coded. I wonder if we should try to move this in the kpatch itself somehow? This might be too difficult to implement (how to check that said feature is supported, etc.) but I ask in case others have any good ideas.
There was a problem hiding this comment.
With current klp_patch->replace design, which unloads all loaded patch with the new patch, I think the decision to use replace or not is done at kpatch-build time. Therefore, we don't need much flexibility in kpatch. (I may have missed some meaningful scenarios, though. )
There was a problem hiding this comment.
Right, the question I have is whether --replace might tempt somebody to use the same input patch without the flag. If klp_patch->replace behavior is encoded in the kpatch itself, then the kpatch author be responsible for doing so. That is to say, the patch author wrote it in the style for atomic replace and expects it to be built that way.
There was a problem hiding this comment.
Song - for your kpatch infrastructure, would you be intending to build all kpatches with atomic replace? I ask, as maybe another way to look at this is to default all kpatches as klp->replace where available. Just curious what your use case is.
There was a problem hiding this comment.
In our use cases, I would like to build all kpatches with atomic replace. Each host will have at most one kpatch load at anytime. I think this would give fewer confusions.
|
@joe-lawrence How does this version look to you? Do we need more work (in kpatch?) to move forward here? Thanks! |
|
Since cumulative updates are the recommended and standard practice, I'd vote to make Also, instead of the in-place 'sed' of the .c file, how about putting the default boolean value in a macro: Then kpatch-build can change the default if needed by passing the -D option to gcc. Also, I think some update to the patch author guide document is needed, with respect to callbacks. There's a subtle difference between replace and non-replace. With replace, a cumulative update will call the prior patch's pre-unpatch callback which could have an unintended effect if the patch author isn't careful. Maybe we should consider adding a new pre-replace callback. |
If we use replace as default, shall we add -N|--non-replace? Any better name for this option? Personally, I still think non-replace should be the default (considering the pre-unpatch pre-replace issue).
Yes, this is better. Let me fix it.
Let me also take a look at documentation and pre-replace. Thanks! |
Version 1.0 sounds good to me 🥳 Unless you want to reserve that for eventual kpatch.ko support removal.
Agreed. A
Yeah, it could definitely use an update here. The kernel docs on cumulative-patches provide a good summary of callback behavior under atomic replace. I think the major difference is that that only the new cumulative callbacks will ever be called. See the atomic replace test in the test-callbacks selftest for example. So I'm not sure if a pre-replace callback is needed, unless we wanted to introduce a change in this behavior upstream (no old callbacks run, except this special one). I think the new cumulative patch's pre-patch callback should fit most use cases, or am I missing something? |
kpatch.ko is already deprecated and, IIRC, broken with new kernels anyway, so its eventual removal may be a non-event.
Sounds good to me. Another possibility would be a positively-worded option (
I guess I was wrong in thinking that the previous patch's pre-unpatch callback gets called. So forget my pre-replace callback idea. |
|
I updated the PR with
Please let me know your thoughts on this. Thanks! |
|
@joe-lawrence @jpoimboe Could you please share your feedbacks on this version? Thanks! |
jpoimboe
left a comment
jpoimboe
left a comment
There was a problem hiding this comment.
Thinking about it again, the '-N' bothers me, since it stands for "non" it can mean disabling anything. Can we change to '-R'?
I'd prefer not to print the "Disabling replace for KLP" message as we try to keep the kpatch-build output down to a bare minimum.
Otherwise it's looking good to me.
liu-song-6
force-pushed
the
replace
branch
2 times, most recently
from
7ac9227 to
218daa9
Compare
kpatch-build/kpatch-build
Outdated
| echo "WARNING: Use of kpatch core module (kpatch.ko) is deprecated! There may be bugs!" >&2 | ||
|
|
||
| if [[ "$KLP_REPLACE" -eq 1 ]] ; then | ||
| die "kpatch core module (kpatch.ko) does not support replace, please add -N|--non-replace" |
|
Sorry on getting back to this one @liu-song-6 , swamped with work items at the moment. I just want to pop in to say that changing default kpatch-build to atomic replace breaks the integration tests when they run for all the older (unsupported) kernels. We could 1) only use atomic replace default if the target kernel supports it. I think that would be confusing. or 2 ) copy that Also, a really small nit: I think your editor automatically clears any trailing whitespace from the files that were edited. Not a big deal, but the diff stat would be cleaner without all those edits. |
joe-lawrence
left a comment
joe-lawrence
left a comment
There was a problem hiding this comment.
@liu-song-6 : looks mostly good, I think updating the manpage and the integration test script should be all that's left
liu-song-6
force-pushed
the
replace
branch
2 times, most recently
from
296956d to
1b9c551
Compare
doc/patch-author-guide.md
Outdated
| return task; | ||
| } | ||
|
|
There was a problem hiding this comment.
These whitespace changes are still scattered throughout the PR. Is there a way to omit them so they don't add unrelated changes?
There was a problem hiding this comment.
It requires some manual work. But yeah, I can get rid of them.
test/integration/kpatch-test
Outdated
| elif kernel_version_gte 5.1.0 ; then | ||
| SUPPORT_KLP_REPLACE=1 | ||
| fi | ||
|
|
There was a problem hiding this comment.
Was there a reason not to copy kpatch-build's support_klp_replace() and associated functions? If it's only a few more net LOC, but if it matches exactly, hopefully it will be easier to keep synchronized when any updates are needed.
Since 5.1 kernel, klp_patch supports a "replace" option, which does atomic replace of cumulative patches. Enable building such patch by default. If replace behavior is not desired, the user can use -R|--non-replace option to disable it. Signed-off-by: Song Liu <song@kernel.org>
Add documentation about kpatch-build enables livepatch "replace" flag by default, and provides -R|--non-replace option to disable the flag. Signed-off-by: Song Liu <song@kernel.org>
Signed-off-by: Song Liu <song@kernel.org>
For redhat kernel < 4.18.0-193.el8 or non-redhat kernel version < 5.1, add -R to $KPATCHBUILD_OPTS. Signed-off-by: Song Liu <song@kernel.org>
|
Looks good, @liu-song-6 , thanks for working on this one! |
4 participants
Since 5.1 kernel, klp_patch supports a "replace" option, which does atomic
replace of cumulative patches. Enable building such patch with an option.
Signed-off-by: Song Liu song@kernel.org