| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 Mar 2015 16:45:12 +0100 From: Petr Mladek <pmladek@...e.cz> To: Seth Jennings <sjenning@...hat.com>, Josh Poimboeuf <jpoimboe@...hat.com>, Jiri Kosina <jkosina@...e.cz>, Rusty Russell <rusty@...tcorp.com.au> Cc: Miroslav Benes <mbenes@...e.cz>, Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>, mingo@...nel.org, mathieu.desnoyers@...icios.com, oleg@...hat.com, paulmck@...ux.vnet.ibm.com, live-patching@...r.kernel.org, linux-kernel@...r.kernel.org, andi@...stfloor.org, rostedt@...dmis.org, tglx@...utronix.de, Petr Mladek <pmladek@...e.cz> Subject: [PATCH v2 0/2] livepatch/module: Avoid races between modules and live patches There is a notifier that handles live patches for coming and going modules. It takes klp_mutex lock to avoid races with coming and going patches. Unfortunately, there are some possible races in the current implementation. The problem is that we do not keep the klp_mutex lock all the time when the module is being added or removed. All the problems should get fixed by the two patches. Some of the problems will be visible only after we add a more complex consistency model and start supporting semantics changes in patched functions. But I would like to fix it already now. We will need it anyway. IMHO, the current solution is more elegant than any temporary hacks. The patchset with consistency model will be complex enough. Let's solve some problems even before. Thanks a lot Josh for pointing out that module_ftrace_init() is called in MODULE_STALE_UNFORMED. It inspired me for the other solution of coming modules. Changes in v2: + split fix for coming and going modules + call klp_module_init() directly instead of using a handler + check if mod is not NULL when checking the module state + use the boolean flag only for going handler Petr Mladek (2): livepatch/module: Apply patch when loaded module is unformed livepatch/module: Correctly handle going modules include/linux/livepatch.h | 10 ++++ include/linux/module.h | 4 ++ kernel/livepatch/core.c | 124 +++++++++++++++++++++++++++++++++++----------- kernel/module.c | 9 ++++ 4 files changed, 119 insertions(+), 28 deletions(-) -- 1.8.5.6 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists