Date:	Mon, 23 Mar 2015 13:39:55 +0100
From:	Petr Mladek <pmladek@...e.cz>
To:	Ingo Molnar <mingo@...nel.org>
Cc:	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>,
	"David S. Miller" <davem@...emloft.net>,
	Anil S Keshavamurthy <anil.s.keshavamurthy@...el.com>,
	Ananth NMavinakayanahalli <ananth@...ibm.com>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Ingo Molnar <mingo@...hat.com>, Jiri Kosina <jkosina@...e.cz>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3] kprobes: Disable Kprobe when ftrace arming fails

On Mon 2015-03-23 11:33:27, Ingo Molnar wrote:
> 
> * Petr Mladek <pmladek@...e.cz> wrote:
> 
> > On Mon 2015-03-23 09:54:26, Ingo Molnar wrote:
> > > 
> > > * Petr Mladek <pmladek@...e.cz> wrote:
> > > 
> > > > arm_kprobe_ftrace() could fail, especially after introducing ftrace 
> > > > IPMODIFY flag and LifePatching. But this situation is not properly 
> > > > handled.
> > > 
> > > s/LifePatching/LivePatching?
> > 
> > Great catch! This is a well-hidden typo. Please find the fixed version
> > below.
> > 
> > 
> > > Why not fix live patching to still allow kprobes that worked before?
> > 
> > Yup, Kretprobes would work out of the box. Masami is working on removing
> > the conflict there.
> > 
> > Jprobes are doable but the solution would be rather complicated. 
> > LivePatching would need to tell Jprobe the right address where to 
> > continue (according to the universe). We currently solve this by
> 
> wth is a 'universe' in this context?

We use the term "universe" to define whether the system or task uses
original or patched functions. It is especially important for patches
that modify the semantics of functions. They need a more complex consistency
model. It defines when it is a safe time for the system or task to start
using the new functions (switch to the new universe).

In theory, different tasks might be in more universes if more patches are
being applied. In practice, we deal with only two universes. The trick is
that we allow adding a new patch only when the whole system has switched
to the previous one.

Note that the current implementation does not support changes in
the function semantics. Therefore it is safe to start using the new
function immediately. It does not need any coordination.


> > the conflict. I am not sure if a better solution is worth the effort.
> > IMHO, LivePatch users won't want to have Kprobes on a production
> > system all the time. They could use Kprobe or attach Jprobe to the
> > new version of the function when needed.
> 
> So please outline the current usage limitations, why those limitations 
> are in place and how you see they should be fixed/addressed.

Good point, we should add some info under Documentation/


> > Below is the patch with the fixed typo.
> 
> So the typo is totally immaterial compared to the above fundamental 
> patch-coordination problems between live patching, ftrace and kprobes 
> ...

This patch makes sense even without live patching and IPMODIFY. The
ftrace operation might have failed even before and deserved some
sensible handling.

And yes, the coordination between live patching and kprobes has
to be improved. Masami and I are working on it.

Best Regards,
Petr