Date:	Thu, 3 Dec 2015 11:59:53 -0600
From:	Josh Poimboeuf <jpoimboe@...hat.com>
To:	Chris J Arges <chris.j.arges@...onical.com>
Cc:	live-patching@...r.kernel.org, linux-kernel@...r.kernel.org,
	jikos@...nel.org, pmladek@...e.com, mbenes@...e.cz, jeyu@...hat.com
Subject: Re: [PATCH 0/3 v9] livepatch: disambiguate symbols with the same name

On Tue, Dec 01, 2015 at 08:40:53PM -0600, Chris J Arges wrote:
> Currently, patching objects with duplicate symbol names fails because the
> creation of the sysfs function directory collides with the previous
> attempt. Appending old_addr to the function name is problematic as it
> reveals the address of the function being patched to a normal user. Using
> the symbol's occurrence in kallsyms to postfix the function name in the
> sysfs directory solves the issue of having consistent unique names and
> ensuring that the address is not exposed to a normal user.
> 
> In addition, using the symbol position as the user's method to disambiguate
> symbols instead of addr allows for disambiguating symbols in modules as
> well for both function addresses and for relocs. This also simplifies much
> of the code. Special handling for kASLR is no longer needed and can be
> removed. The klp_find_verify_func_addr function can be replaced by
> klp_find_object_symbol, and klp_verify_vmlinux_symbol and its callback can
> be removed completely.
> 
> The following set of patches use symbol positioning instead of old
> addresses to disambiguate symbols that have the same name in a given
> object. This is necessary in order to be able to patch symbols with the
> same name within the same object. This requires modifications to the
> klp_func and klp_reloc structures to add an additional element. In addition
> the scheme used for the func directory in sysfs is modified to append the
> symbol's occurrence in kallsyms.
> 
> In addition, I've tested this patchset against a modified kpatch. I
> modified the kpatch livepatch scaffolding to set lreloc->sympos = 0, and
> lfunc->old_sympos to the nth occurrence of the symbol for that object in
> kallsyms. I was able to patch the same test patch as described here:
>   https://github.com/dynup/kpatch/issues/493
> I've also tested this with sample livepatch code to test if the various
> old_sympos values work for unique and duplicate functions.
> 
> v9:
>  - use mod->name instead of mod->obj->name for klp_find_object_symbol in
>    klp_write_object_relocations
>  - rebase on current master
>  - tested with kpatch

For the series:

Acked-by: Josh Poimboeuf <jpoimboe@...hat.com>

-- 
Josh
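
The position-based lookup described in the quoted cover letter, as an added userspace example that is not part of this thread or the patch series. The symbol table, the helper names `find_object_symbol` and `func_dir_name`, the rule that position 0 means "must be unique", and the `name,position` directory format are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed kallsyms-like table: objects, names and addresses are made up. */
struct sym { const char *obj, *name; unsigned long addr; };
static const struct sym table[] = {
    { "vmlinux",  "do_work", 0x1000 },
    { "vmlinux",  "helper",  0x1100 },
    { "vmlinux",  "do_work", 0x1200 },  /* duplicate name, same object */
    { "demo_mod", "do_work", 0x9000 },  /* same name, different object */
};

/*
 * Resolve the sympos-th occurrence of name inside obj.
 * Assumption: sympos == 0 means the name must be unique in obj.
 * Returns 0 on success, -1 if missing, ambiguous or out of range.
 */
int find_object_symbol(const char *obj, const char *name,
                       unsigned long sympos, unsigned long *addr)
{
    unsigned long count = 0, found = 0;
    size_t i;

    for (i = 0; i < sizeof(table) / sizeof(table[0]); i++) {
        if (strcmp(table[i].obj, obj) || strcmp(table[i].name, name))
            continue;
        if (++count == sympos || sympos == 0)
            found = table[i].addr;
    }
    if (count == 0 || sympos > count || (sympos == 0 && count > 1))
        return -1;
    *addr = found;
    return 0;
}

/* Directory name carries the position, never the address (assumed format). */
int func_dir_name(char *buf, size_t len, const char *name, unsigned long sympos)
{
    return snprintf(buf, len, "%s,%lu", name, sympos ? sympos : 1);
}

int main(void)
{
    unsigned long addr;
    char dir[64];

    if (find_object_symbol("vmlinux", "do_work", 2, &addr) == 0) {
        func_dir_name(dir, sizeof(dir), "do_work", 2);
        printf("func dir: %s (address kept out of the name)\n", dir);
    }
    return 0;
}
```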