lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 30 Jan 2018 17:11:30 -0500
From:   Jason Baron <jbaron@...mai.com>
To:     Joe Lawrence <joe.lawrence@...hat.com>,
        Evgenii Shatokhin <eshatokhin@...tuozzo.com>,
        Petr Mladek <pmladek@...e.com>
Cc:     linux-kernel@...r.kernel.org, live-patching@...r.kernel.org,
        jpoimboe@...hat.com, jeyu@...nel.org, jikos@...nel.org,
        mbenes@...e.cz
Subject: Re: [PATCH v5 0/3] livepatch: introduce atomic replace



On 01/30/2018 02:24 PM, Joe Lawrence wrote:
> On 01/30/2018 01:19 PM, Jason Baron wrote:
>> [ ... snip ... ]
>>
>> Our main interest in 'atomic replace' is simply to make sure that
>> cumulative patches work as expected in that they 'replace' any prior
>> patches. We have an interest primarily in being able to apply patches
>> from the stable trees via livepatch. I think the current situation with
>> respect to 'replace' and callbacks is fine for us as well, but could
>> change based on more experience with livepatch.
> 
> Well the callback implementation was based somewhat on theoretical
> usage..  it was inspired by the kpatch macros that you talk about below,
> in which we had a few specific use-cases.  Converting (un)patch
> notifiers to the livepatch model presented additional callback
> locations, and as such we ended up with pre-patch, post-patch,
> pre-unpatch and post-unpatch callbacks.  Hopefully we'll get a better
> idea of their worth as we gain experience using them.  At this point in
> time I would suggest keeping it as simple and safe as possible.  :)
> 
>> As an aside I was just wondering how you are making use of the callbacks
>> using the tool you mentioned (that is based on kpatch)? I see in the
>> upstream kpatch that there are hooks such as: 'KPATCH_LOAD_HOOK(fn)' and
>> 'KPATCH_UNLOAD_HOOK(fn)'. However, these are specific to 'kpatch' (as
>> opposed to livepatch), and I do not see these sort of macros for the
>> recently introduced livepatch callbacks. It seems it would be easy
>> enough to add similar hooks for the livepatch callbacks. I was thinking
>> of writing such a patch, but was wondering if there was an existing
>> solution?
> 
> I've got a work in progress PR for this very feature:
> https://github.com/dynup/kpatch/pull/780
> 
> Evgenii has already provided some helpful feedback. Another set of
> eyes/testing would be appreciated!

Cool - this would be a nice feature to add. I've added some comments at
the above link.

Thanks,

-Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ