lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 21 Nov 2008 21:34:43 +0530
From:	Balbir Singh <balbir@...ux.vnet.ibm.com>
To:	ananth@...ibm.com
CC:	Nikanth Karthikesan <knikanth@...e.de>,
	linux-kernel@...r.kernel.org, davem@...emloft.net,
	mhiramat@...hat.com, contact@...lice.com, jbarnold@...lice.com,
	tabbott@...lice.com, wdaher@...lice.com, andersk@...lice.com
Subject: Re: [RFC] kreplace: Rebootless kernel updates

Ananth N Mavinakayanahalli wrote:
> On Fri, Nov 21, 2008 at 05:20:25PM +0530, Nikanth Karthikesan wrote:
>> This RFC patch adds support for limited form of rebootless kernel patching 
>> even without building the entire kernel.
>>
>> When looking for a shortcut to avoid the rebuild/reboot cycle when hacking the  
>> kernel - the ksplice[1] was posted. This patch extends kprobes to do something 
>> similar, which would require even lesser time to _experiment_ with the running 
>> kernel. 
> 
> There have been other implementations of this feature, I am sure quite a
> few people would have objections to having this as part of the kernel :-)
> 

I had a patch for x86 a long time ago in 2005, but I never posted it :(

>> This small patch extends jprobes so that the jprobe's handler is executed but 
>> skips executing the actual function. But this has its own limitations such as 
>> Cannot access symbols not exported for modules (ofcourse hacks like 
>> pointers[2] can be used.), problems related to return values[3], etc... This 
>> is currently a x86_64 only _hack_.
> 
> There are many other issues too... How do you enforce correct usage of this
> infrastrucutre? What prevents people from overriding core-kernel
> functions with their own?
> 

Yes and we need to be careful about licensing, tainting the kernel with such an
implementation.

> Kprobes themselves provide enough ammunition to users to shoot themselves
> in the foot, but this is way more dangerous than that.
> ...
> 

Undoubtedly, but a good warning is the best way to keep people warned about
running such code :) It is a useful thing to have and to run, but running it
would take more guts than anything else.



-- 
	Balbir
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ