lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5473325B.7070609@hitachi.com>
Date:	Mon, 24 Nov 2014 22:27:55 +0900
From:	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
To:	Thomas Gleixner <tglx@...utronix.de>
Cc:	Seth Jennings <sjenning@...hat.com>,
	Josh Poimboeuf <jpoimboe@...hat.com>,
	Jiri Kosina <jkosina@...e.cz>,
	Vojtech Pavlik <vojtech@...e.cz>,
	Steven Rostedt <rostedt@...dmis.org>,
	Petr Mladek <pmladek@...e.cz>, Miroslav Benes <mbenes@...e.cz>,
	Christoph Hellwig <hch@...radead.org>,
	Greg KH <gregkh@...uxfoundation.org>,
	Andy Lutomirski <luto@...capital.net>,
	live-patching@...r.kernel.org, x86@...nel.org, kpatch@...hat.com,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCHv3 2/3] kernel: add support for live patching

(2014/11/24 20:13), Thomas Gleixner wrote:
> On Thu, 20 Nov 2014, Seth Jennings wrote:
>> This commit introduces code for the live patching core.  It implements
>> an ftrace-based mechanism and kernel interface for doing live patching
>> of kernel and kernel module functions.
>>
>> It represents the greatest common functionality set between kpatch and
>> kgraft and can accept patches built using either method.
>>
>> This first version does not implement any consistency mechanism that
>> ensures that old and new code do not run together.  In practice, ~90% of
>> CVEs are safe to apply in this way, since they simply add a conditional
>> check.  However, any function change that can not execute safely with
>> the old version of the function can _not_ be safely applied in this
>> version.
> 
> To be honest this sounds frightening.
> 

I see. This is just a minimal one. We'll add several consistency
mechanisms :).

> How is determined whether a change can be applied w/o a consistency
> mechanism or not?

I guess the following cases are possible to be applied.
- the code itself ensures consistency (e.g. in a critical section)
or,
- the patch just changes one place (e.g. add an if branch) and
  only depends on the local context (e.g. local variables), and
  doesn't called in a loop, so that old- and new-version of the
  function can co-exist.

Thank you,

> 
> Thanks,
> 
> 	tglx
> 
> 


-- 
Masami HIRAMATSU
Software Platform Research Dept. Linux Technology Research Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@...achi.com


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ