From: Petr Mladek <pmladek@suse•com>
To: Miroslav Benes <mbenes@suse•cz>
Cc: jpoimboe@redhat•com, jeyu@kernel•org, jikos@kernel•org,
lpechacek@suse•cz, pavel@ucw•cz, live-patching@vger•kernel.org,
linux-kernel@vger•kernel.org, Oleg Nesterov <oleg@redhat•com>,
Michael Ellerman <mpe@ellerman•id.au>,
Thomas Gleixner <tglx@linutronix•de>,
Ingo Molnar <mingo@redhat•com>, "H. Peter Anvin" <hpa@zytor•com>,
Andy Lutomirski <luto@kernel•org>,
linuxppc-dev@lists•ozlabs.org, x86@kernel•org
Subject: Re: [PATCH v3 1/2] livepatch: send a fake signal to all blocking tasks
Date: Wed, 1 Nov 2017 16:13:55 +0100 [thread overview]
Message-ID: <20171101151355.GG20040@pathway.suse.cz> (raw)
In-Reply-To: <20171031114853.841-2-mbenes@suse.cz>
On Tue 2017-10-31 12:48:52, Miroslav Benes wrote:
> Live patching consistency model is of LEAVE_PATCHED_SET and
> SWITCH_THREAD. This means that all tasks in the system have to be marked
> one by one as safe to call a new patched function. Safe means when a
> task is not (sleeping) in a set of patched functions. That is, no
> patched function is on the task's stack. Another clearly safe place is
> the boundary between kernel and userspace. The patching waits for all
> tasks to get outside of the patched set or to cross the boundary. The
> transition is completed afterwards.
>
> The problem is that a task can block the transition for quite a long
> time, if not forever. It could sleep in a set of patched functions, for
> example. Luckily we can force the task to leave the set by sending it a
> fake signal, that is a signal with no data in signal pending structures
> (no handler, no sign of proper signal delivered). Suspend/freezer use
> this to freeze the tasks as well. The task gets TIF_SIGPENDING set and
> is woken up (if it has been sleeping in the kernel before) or kicked by
> rescheduling IPI (if it was running on other CPU). This causes the task
> to go to kernel/userspace boundary where the signal would be handled and
> the task would be marked as safe in terms of live patching.
>
> diff --git a/kernel/livepatch/transition.c b/kernel/livepatch/transition.c
> index b004a1fb6032..6700d3b22615 100644
> --- a/kernel/livepatch/transition.c
> +++ b/kernel/livepatch/transition.c
> @@ -577,3 +577,43 @@ void klp_copy_process(struct task_struct *child)
>
> /* TIF_PATCH_PENDING gets copied in setup_thread_stack() */
> }
> +
> +/*
> + * Sends a fake signal to all non-kthread tasks with TIF_PATCH_PENDING set.
> + * Kthreads with TIF_PATCH_PENDING set are woken up. Only admin can request this
> + * action currently.
> + */
> +void klp_force_signals(void)
> +{
> + struct task_struct *g, *task;
> +
> + pr_notice("signaling remaining tasks\n");
> +
> + read_lock(&tasklist_lock);
> + for_each_process_thread(g, task) {
> + if (!klp_patch_pending(task))
> + continue;
> +
> + /*
> + * There is a small race here. We could see TIF_PATCH_PENDING
> + * set and decide to wake up a kthread or send a fake signal.
> + * Meanwhile the task could migrate itself and the action
> + * would be meaningless. It is not serious though.
> + */
> + if (task->flags & PF_KTHREAD) {
> + /*
> + * Wake up a kthread which still has not been migrated.
> + */
> + wake_up_process(task);
I have just noticed that freezer used wake_up_state(p, TASK_INTERRUPTIBLE);
IMHO, we should do so as well.
wake_up_process() wakes also tasks in TASK_UNINTERRUPTIBLE state.
These might not be ready for an unexpected wakeup. For example,
see concat_dev_erase() in drivers/mtd/mtdcontact.c.
With this change, feel free to use
Reviewed-by: Petr Mladek <pmladek@suse•com>
Best Regards,
Petr
next prev parent reply other threads:[~2017-11-01 15:13 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20171031114853.841-1-mbenes@suse.cz>
2017-10-31 11:48 ` [PATCH v3 1/2] livepatch: send a fake signal to all blocking tasks Miroslav Benes
2017-11-01 15:06 ` Miroslav Benes
2017-11-01 15:13 ` Petr Mladek [this message]
2017-11-01 16:43 ` Oleg Nesterov
2017-11-02 10:36 ` Miroslav Benes
2017-11-02 14:08 ` Oleg Nesterov
2017-11-02 13:09 ` Josh Poimboeuf
2017-11-03 8:02 ` Miroslav Benes
2017-11-03 12:57 ` Josh Poimboeuf
2017-11-02 13:32 ` Josh Poimboeuf
2017-11-03 8:06 ` Miroslav Benes
2017-11-06 11:08 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171101151355.GG20040@pathway.suse.cz \
--to=pmladek@suse$(echo .)com \
--cc=hpa@zytor$(echo .)com \
--cc=jeyu@kernel$(echo .)org \
--cc=jikos@kernel$(echo .)org \
--cc=jpoimboe@redhat$(echo .)com \
--cc=linux-kernel@vger$(echo .)kernel.org \
--cc=linuxppc-dev@lists$(echo .)ozlabs.org \
--cc=live-patching@vger$(echo .)kernel.org \
--cc=lpechacek@suse$(echo .)cz \
--cc=luto@kernel$(echo .)org \
--cc=mbenes@suse$(echo .)cz \
--cc=mingo@redhat$(echo .)com \
--cc=mpe@ellerman$(echo .)id.au \
--cc=oleg@redhat$(echo .)com \
--cc=pavel@ucw$(echo .)cz \
--cc=tglx@linutronix$(echo .)de \
--cc=x86@kernel$(echo .)org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox