hook unload function doesn't run when module is replaced

[jpoimboe]

To recreate:

kpatch load kpatch-macro-hooks.ko
kpatch replace kpatch-meminfo-string.ko <-- first patch's hook unload doesn't run

I don't see a straightforward way to fix this without a little bit of redesign. I wonder if we should just get rid of "kpatch replace", because of all the complexity it adds to the code. Is it really important to have an atomic replace for upgrading cumulative modules, vs just doing kpatch unload old.ko; kpatch load new.ko?

[sjenning]

I've never really been a fan of it myself. Unless you have an exploit running continuously on the machine trying to get into the gap between the unload and load, I can't see how an atomic replace adds anything. It would also simplify the core module code to which is an advantage for getting upstream. 👍

[jpoimboe]

Unless you have an exploit running continuously on the machine trying to get into the gap between the unload and load

Yeah. It's unlikely, but it is possible, and a small security risk. Which is why I'm kind of on the fence about this one.

Eventually maybe it won't be an issue if we can figure out how to do incremental patching properly.

[jpoimboe]

Instead of kpatch replace you can just load a new patch which is a superset of the previous patch. So I think an atomic replace isn't really necessary. I think we should remove it.