lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BLU436-SMTP63896F784C18EDEB62C62594E60@phx.gbl>
Date:	Tue, 14 Apr 2015 08:17:52 +0800
From:	Minfei Huang <minfei.huang@...mail.com>
To:	Josh Poimboeuf <jpoimboe@...hat.com>
CC:	Petr Mladek <pmladek@...e.cz>, sjenning@...hat.com,
	jkosina@...e.cz, vojtech@...e.cz, live-patching@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] livepatch: Add a new function to verify the address
 and name match for extra module

On 04/13/15 at 05:58P, Josh Poimboeuf wrote:
> On Mon, Apr 13, 2015 at 06:37:10PM +0800, Minfei Huang wrote:
> > For my patches, I think it is used by the persion which will compose the
> > patch individually, not for the manufactor. 
> > 
> > Yes, Verifying extra function address is more useless in general, due to
> > the changable address on different system.
> > 
> > IMO, we shall do our best to make livepatch more robust.
> 
> IIUC, to use this, you'd have to load the module first, manually look up
> the module function's address, and _then_ build the patch for the
> running system.  And the resulting patch wouldn't work on other systems.
> 
> Do you have concrete plans to use it this way?
> 
> Just trying to understand if this is needed for a real world usage
> scenario.

For some companies(like cloud computing company), they will compose
their own module to improve the performance.

Once there is some bug for the own module, they cannt restart to reload
the fixed-module. So it seems that livepatch is the best way to fix this
issue.

Before livepatch being integrated in kernel, we usually use ksplice to
patch the patch.

What the above scenario I met is in my previous work. 

For now, livepatch cannt patch the patch for extra module, once the
function name is larger than 127.

Thanks
Minfei

> 
> -- 
> Josh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ