| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Nov 2015 08:29:27 -0600 From: Chris J Arges <chris.j.arges@...onical.com> To: Jiri Kosina <jikos@...nel.org> Cc: live-patching@...r.kernel.org, jpoimboe@...hat.com, sjenning@...hat.com, Vojtech Pavlik <vojtech@...e.com>, pmladek@...e.com, jeyu@...hat.com, linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/3 v7] livepatch: add old_sympos as disambiguator field to klp_func On 11/16/2015 03:59 PM, Jiri Kosina wrote: > On Mon, 16 Nov 2015, Chris J Arges wrote: > >> In cases of duplicate symbols, old_sympos will be used to disambiguate >> instead of old_addr. By default old_sympos will be 0, and patching will >> only succeed if the symbol is unique. Specifying a positive value will >> ensure that occurrence of the symbol in kallsyms for the patched object >> will be used for patching if it is valid. >> >> In addition, make old_addr an internal structure field not to be specified >> by the user. Finally, remove klp_find_verify_func_addr as it can be >> replaced by klp_find_object_symbol directly. >> >> Support for symbol position disambiguation for relocations is added in the >> next patch in this series. > > Chris, > > I am sorry to repeat myself, but the changelog is quite verbose with > respect to "what is being done", but it doesn't contain any information > whatsoever with respect to "why is this an improvement over current > state", IOW why we are changing the status quo at all. > > This absolutely has to be present in the changelog. > > Thanks, > Jiri, Ok, I had put this in the cover letter which I thought was ok as well. I'll copy those parts into this commit message as well. Here is the text below. Let me know if this is sufficient. " Currently, patching objects with duplicate symbol names fail because the creation of the sysfs function directory collides with the previous attempt. Appending old_addr to the function name is problematic as it reveals the address of the function being patched to a normal user. Using the symbol's occurrence in kallsyms to postfix the function name in the sysfs directory solves the issue of having consistent unique names and ensuring that the address is not exposed to a normal user. In addition, using the symbol position as the user's method to disambiguate symbols instead of addr allows for disambiguating symbols in modules as well for both function addresses and for relocs. This also simplifies much of the code. Special handling for kASLR is no longer needed and can be removed. The klp_find_verify_func_addr function can be replaced by klp_find_object_symbol, and klp_verify_vmlinux_symbol and its callback can be removed completely. " --chris -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists