[kpatch] Preparing a patch - pitfalls
Evgenii Shatokhin
eshatokhin at odin.com
Mon Sep 28 13:59:17 UTC 2015
25.09.2015 21:51, Evgenii Shatokhin пишет:
> Hi,
>
> In the presentation about using Kpatch in RHEL 7, Seth Jennings mentions
> the following:
>
> "The patches in the upstream kernel to fix CVEs are not designed to be
> applied at runtime. There are certain pitfalls that need to be checked
> for when generating a live patch."
>
> Could you elaborate? What are these pitfalls that should be checked for
> when preparing a Kpatch-based patch? What kind of analysis should be done?
I suppose, one of these pitfalls related to the handling of global data,
discussed in this ML some time ago. The changes in such data are not
detected and require workarounds. Stumbled upon this when trying to make
a Kpatch-based patch from
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30927520dbae297182990bb21d08762bcc35ce1d.
Any other pitfalls to consider?
Regards,
Evgenii
More information about the kpatch
mailing list