lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1430742009-5895-1-git-send-email-jslaby@suse.cz>
Date:	Mon,  4 May 2015 14:20:09 +0200
From:	Jiri Slaby <jslaby@...e.cz>
To:	live-patching@...r.kernel.org
Cc:	jpoimboe@...hat.com, sjenning@...hat.com, jkosina@...e.cz,
	vojtech@...e.cz, mingo@...hat.com, linux-kernel@...r.kernel.org,
	Jiri Slaby <jslaby@...e.cz>
Subject: [RFC kgr on klp 0/9] kGraft on the top of KLP

Hello,

this is a patchset which teaches the Kernel Live Patching to be
consistent when patching with the use of the kGraft approach [1].
Besides helpers, the set adds support for consistency models,
implements the kGraft consistency model, and finally allows for
sending signals to complete the patching process quickly (but still
safely).

Currently we have only two consistency models:
* none
* kGraft

None is the one which was present before the patchset and that one
indeed guarantees no consistency at all. LEAVE_FUNCTION and
SWITCH_FUNCTION as was described earlier [2]. kGraft is based on the
well-known RCU principle and every process is converted to the patched
world on its own, safely. kGraft is LEAVE_KERNEL and SWITCH_THREAD.

Signal "broadcasting" is added in the last patch of the series and is
based on the previous public discussions [3].

As usual, see the respective patches for more details about a
particular patch.

Since the KLP supports x86_64 and s390 currently, the same holds for
this patchset. It was tested on both of these arch's.

Thanks go to Petr Mladek, Mirek Benes, Jiri Kosina, and others, who
worked hard to improved the set much. 

[1] https://lkml.org/lkml/2014/6/25/284
[2] https://lkml.org/lkml/2014/11/7/354
[3] https://lkml.org/lkml/2015/2/21/119

Jiri Slaby (7):
  livepatch: introduce patch/func-walking helpers
  livepatch: add klp_*_to_patch helpers
  livepatch: add kgr infrastructure
  livepatch: teach klp about consistency models
  livepatch: do not allow failure while really patching
  livepatch: propagate the patch status to functions
  livepatch: add kgraft-like patching

Miroslav Benes (2):
  livepatch: make kobject in klp_object statically allocated
  livepatch: send a fake signal to all tasks

 arch/s390/include/asm/thread_info.h  |   2 +
 arch/s390/kernel/Makefile            |   1 +
 arch/s390/kernel/entry.S             |  11 ++
 arch/s390/kernel/livepatch.c         |  14 ++
 arch/x86/include/asm/thread_info.h   |  11 +-
 arch/x86/kernel/ptrace.c             |   7 +
 arch/x86/kernel/signal.c             |   5 +
 fs/proc/base.c                       |  14 ++
 include/linux/livepatch.h            |  81 +++++++++-
 include/linux/sched.h                |  28 ++++
 kernel/livepatch/Makefile            |   2 +-
 kernel/livepatch/cmodel-kgraft.c     | 204 +++++++++++++++++++++++++
 kernel/livepatch/cmodel-simple.c     |  39 +++++
 kernel/livepatch/core.c              | 284 +++++++++++++++++++++++++++--------
 kernel/signal.c                      |   3 +-
 samples/livepatch/livepatch-sample.c |   1 +
 16 files changed, 638 insertions(+), 69 deletions(-)
 create mode 100644 arch/s390/kernel/livepatch.c
 create mode 100644 kernel/livepatch/cmodel-kgraft.c
 create mode 100644 kernel/livepatch/cmodel-simple.c

-- 
2.3.5

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ