1 files changed, 94 insertions, 186 deletions

diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
index e77c5017ae0c..bd41b03a72d5 100644
--- a/kernel/livepatch/core.c
+++ b/kernel/livepatch/core.c
@@ -45,7 +45,11 @@
  */
 DEFINE_MUTEX(klp_mutex);
 
-/* Registered patches */
+/*
+ * Actively used patches: enabled or in transition. Note that replaced
+ * or disabled patches are not listed even though the related kernel
+ * module still can be loaded.
+ */
 LIST_HEAD(klp_patches);
 
 static struct kobject *klp_root_kobj;
@@ -83,17 +87,6 @@ static void klp_find_object_module(struct klp_object *obj)
         mutex_unlock(&module_mutex);
 }
 
-static bool klp_is_patch_registered(struct klp_patch *patch)
-{
-        struct klp_patch *mypatch;
-
-        list_for_each_entry(mypatch, &klp_patches, list)
-                if (mypatch == patch)
-                        return true;
-
-        return false;
-}
-
 static bool klp_initialized(void)
 {
         return !!klp_root_kobj;
@@ -292,7 +285,6 @@ static int klp_write_object_relocations(struct module *pmod,
  * /sys/kernel/livepatch/<patch>/<object>/<function,sympos>
  */
 static int __klp_disable_patch(struct klp_patch *patch);
-static int __klp_enable_patch(struct klp_patch *patch);
 
 static ssize_t enabled_store(struct kobject *kobj, struct kobj_attribute *attr,
                              const char *buf, size_t count)
@@ -309,40 +301,32 @@ static ssize_t enabled_store(struct kobject *kobj, struct kobj_attribute *attr,
 
         mutex_lock(&klp_mutex);
 
-        if (!klp_is_patch_registered(patch)) {
-                /*
-                 * Module with the patch could either disappear meanwhile or is
-                 * not properly initialized yet.
-                 */
-                ret = -EINVAL;
-                goto err;
-        }
-
         if (patch->enabled == enabled) {
                 /* already in requested state */
                 ret = -EINVAL;
-                goto err;
+                goto out;
         }
 
-        if (patch == klp_transition_patch) {
+        /*
+         * Allow to reverse a pending transition in both ways. It might be
+         * necessary to complete the transition without forcing and breaking
+         * the system integrity.
+         *
+         * Do not allow to re-enable a disabled patch.
+         */
+        if (patch == klp_transition_patch)
                 klp_reverse_transition();
-        } else if (enabled) {
-                ret = __klp_enable_patch(patch);
-                if (ret)
-                        goto err;
-        } else {
+        else if (!enabled)
                 ret = __klp_disable_patch(patch);
-                if (ret)
-                        goto err;
-        }
+        else
+                ret = -EINVAL;
 
+out:
         mutex_unlock(&klp_mutex);
 
+        if (ret)
+                return ret;
         return count;
-
-err:
-        mutex_unlock(&klp_mutex);
-        return ret;
 }
 
 static ssize_t enabled_show(struct kobject *kobj,
@@ -508,7 +492,7 @@ static void klp_free_objects(struct klp_patch *patch)
  * The operation must be completed by calling klp_free_patch_finish()
  * outside klp_mutex.
  */
-static void klp_free_patch_start(struct klp_patch *patch)
+void klp_free_patch_start(struct klp_patch *patch)
 {
         if (!list_empty(&patch->list))
                 list_del(&patch->list);
@@ -536,6 +520,23 @@ static void klp_free_patch_finish(struct klp_patch *patch)
                 kobject_put(&patch->kobj);
                 wait_for_completion(&patch->finish);
         }
+
+        /* Put the module after the last access to struct klp_patch. */
+        if (!patch->forced)
+                module_put(patch->mod);
+}
+
+/*
+ * The livepatch might be freed from sysfs interface created by the patch.
+ * This work allows to wait until the interface is destroyed in a separate
+ * context.
+ */
+static void klp_free_patch_work_fn(struct work_struct *work)
+{
+        struct klp_patch *patch =
+                container_of(work, struct klp_patch, free_work);
+
+        klp_free_patch_finish(patch);
 }
 
 static int klp_init_func(struct klp_object *obj, struct klp_func *func)
@@ -661,6 +662,7 @@ static int klp_init_patch_early(struct klp_patch *patch)
         patch->kobj_added = false;
         patch->enabled = false;
         patch->forced = false;
+        INIT_WORK(&patch->free_work, klp_free_patch_work_fn);
         init_completion(&patch->finish);
 
         klp_for_each_object(patch, obj) {
@@ -673,6 +675,9 @@ static int klp_init_patch_early(struct klp_patch *patch)
                         func->kobj_added = false;
         }
 
+        if (!try_module_get(patch->mod))
+                return -ENODEV;
+
         return 0;
 }
 
@@ -681,115 +686,22 @@ static int klp_init_patch(struct klp_patch *patch)
         struct klp_object *obj;
         int ret;
 
-        mutex_lock(&klp_mutex);
-
-        ret = klp_init_patch_early(patch);
-        if (ret) {
-                mutex_unlock(&klp_mutex);
-                return ret;
-        }
-
         ret = kobject_init_and_add(&patch->kobj, &klp_ktype_patch,
                                    klp_root_kobj, "%s", patch->mod->name);
-        if (ret) {
-                mutex_unlock(&klp_mutex);
+        if (ret)
                 return ret;
-        }
         patch->kobj_added = true;
 
         klp_for_each_object(patch, obj) {
                 ret = klp_init_object(patch, obj);
                 if (ret)
-                        goto free;
+                        return ret;
         }
 
         list_add_tail(&patch->list, &klp_patches);
 
-        mutex_unlock(&klp_mutex);
-
-        return 0;
-
-free:
-        klp_free_patch_start(patch);
-
-        mutex_unlock(&klp_mutex);
-
-        klp_free_patch_finish(patch);
-
-        return ret;
-}
-
-/**
- * klp_unregister_patch() - unregisters a patch
- * @patch:      Disabled patch to be unregistered
- *
- * Frees the data structures and removes the sysfs interface.
- *
- * Return: 0 on success, otherwise error
- */
-int klp_unregister_patch(struct klp_patch *patch)
-{
-        int ret;
-
-        mutex_lock(&klp_mutex);
-
-        if (!klp_is_patch_registered(patch)) {
-                ret = -EINVAL;
-                goto err;
-        }
-
-        if (patch->enabled) {
-                ret = -EBUSY;
-                goto err;
-        }
-
-        klp_free_patch_start(patch);
-
-        mutex_unlock(&klp_mutex);
-
-        klp_free_patch_finish(patch);
-
         return 0;
-err:
-        mutex_unlock(&klp_mutex);
-        return ret;
-}
-EXPORT_SYMBOL_GPL(klp_unregister_patch);
-
-/**
- * klp_register_patch() - registers a patch
- * @patch:      Patch to be registered
- *
- * Initializes the data structure associated with the patch and
- * creates the sysfs interface.
- *
- * There is no need to take the reference on the patch module here. It is done
- * later when the patch is enabled.
- *
- * Return: 0 on success, otherwise error
- */
-int klp_register_patch(struct klp_patch *patch)
-{
-        if (!patch || !patch->mod)
-                return -EINVAL;
-
-        if (!is_livepatch_module(patch->mod)) {
-                pr_err("module %s is not marked as a livepatch module\n",
-                       patch->mod->name);
-                return -EINVAL;
-        }
-
-        if (!klp_initialized())
-                return -ENODEV;
-
-        if (!klp_have_reliable_stack()) {
-                pr_err("This architecture doesn't have support for the livepatch consistency model.\n");
-                return -ENOSYS;
-        }
-
-        return klp_init_patch(patch);
 }
-EXPORT_SYMBOL_GPL(klp_register_patch);
 
 static int __klp_disable_patch(struct klp_patch *patch)
 {
@@ -802,8 +714,7 @@ static int __klp_disable_patch(struct klp_patch *patch)
                 return -EBUSY;
 
         /* enforce stacking: only the last enabled patch can be disabled */
-        if (!list_is_last(&patch->list, &klp_patches) &&
-            list_next_entry(patch, list)->enabled)
+        if (!list_is_last(&patch->list, &klp_patches))
                 return -EBUSY;
 
         klp_init_transition(patch, KLP_UNPATCHED);
@@ -822,44 +733,12 @@ static int __klp_disable_patch(struct klp_patch *patch)
         smp_wmb();
 
         klp_start_transition();
-        klp_try_complete_transition();
         patch->enabled = false;
+        klp_try_complete_transition();
 
         return 0;
 }
 
-/**
- * klp_disable_patch() - disables a registered patch
- * @patch:      The registered, enabled patch to be disabled
- *
- * Unregisters the patched functions from ftrace.
- *
- * Return: 0 on success, otherwise error
- */
-int klp_disable_patch(struct klp_patch *patch)
-{
-        int ret;
-
-        mutex_lock(&klp_mutex);
-
-        if (!klp_is_patch_registered(patch)) {
-                ret = -EINVAL;
-                goto err;
-        }
-
-        if (!patch->enabled) {
-                ret = -EINVAL;
-                goto err;
-        }
-
-        ret = __klp_disable_patch(patch);
-
-err:
-        mutex_unlock(&klp_mutex);
-        return ret;
-}
-EXPORT_SYMBOL_GPL(klp_disable_patch);
-
 static int __klp_enable_patch(struct klp_patch *patch)
 {
         struct klp_object *obj;
@@ -871,17 +750,8 @@ static int __klp_enable_patch(struct klp_patch *patch)
         if (WARN_ON(patch->enabled))
                 return -EINVAL;
 
-        /* enforce stacking: only the first disabled patch can be enabled */
-        if (patch->list.prev != &klp_patches &&
-            !list_prev_entry(patch, list)->enabled)
-                return -EBUSY;
-
-        /*
-         * A reference is taken on the patch module to prevent it from being
-         * unloaded.
-         */
-        if (!try_module_get(patch->mod))
-                return -ENODEV;
+        if (!patch->kobj_added)
+                return -EINVAL;
 
         pr_notice("enabling patch '%s'\n", patch->mod->name);
 
@@ -916,8 +786,8 @@ static int __klp_enable_patch(struct klp_patch *patch)
         }
 
         klp_start_transition();
-        klp_try_complete_transition();
         patch->enabled = true;
+        klp_try_complete_transition();
 
         return 0;
 err:
@@ -928,11 +798,15 @@ err:
 }
 
 /**
- * klp_enable_patch() - enables a registered patch
- * @patch:      The registered, disabled patch to be enabled
+ * klp_enable_patch() - enable the livepatch
+ * @patch:      patch to be enabled
  *
- * Performs the needed symbol lookups and code relocations,
- * then registers the patched functions with ftrace.
+ * Initializes the data structure associated with the patch, creates the sysfs
+ * interface, performs the needed symbol lookups and code relocations,
+ * registers the patched functions with ftrace.
+ *
+ * This function is supposed to be called from the livepatch module_init()
+ * callback.
  *
  * Return: 0 on success, otherwise error
  */
@@ -940,17 +814,51 @@ int klp_enable_patch(struct klp_patch *patch)
 {
         int ret;
 
+        if (!patch || !patch->mod)
+                return -EINVAL;
+
+        if (!is_livepatch_module(patch->mod)) {
+                pr_err("module %s is not marked as a livepatch module\n",
+                       patch->mod->name);
+                return -EINVAL;
+        }
+
+        if (!klp_initialized())
+                return -ENODEV;
+
+        if (!klp_have_reliable_stack()) {
+                pr_err("This architecture doesn't have support for the livepatch consistency model.\n");
+                return -ENOSYS;
+        }
+
+
         mutex_lock(&klp_mutex);
 
-        if (!klp_is_patch_registered(patch)) {
-                ret = -EINVAL;
-                goto err;
+        ret = klp_init_patch_early(patch);
+        if (ret) {
+                mutex_unlock(&klp_mutex);
+                return ret;
         }
 
+        ret = klp_init_patch(patch);
+        if (ret)
+                goto err;
+
         ret = __klp_enable_patch(patch);
+        if (ret)
+                goto err;
+
+        mutex_unlock(&klp_mutex);
+
+        return 0;
 
 err:
+        klp_free_patch_start(patch);
+
         mutex_unlock(&klp_mutex);
+
+        klp_free_patch_finish(patch);
+
         return ret;
 }
 EXPORT_SYMBOL_GPL(klp_enable_patch);