lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 4 Feb 2016 11:43:57 +0100 (CET)
From:	Jiri Kosina <jikos@...nel.org>
To:	Jessica Yu <jeyu@...hat.com>
cc:	Josh Poimboeuf <jpoimboe@...hat.com>,
	Seth Jennings <sjenning@...hat.com>,
	Vojtech Pavlik <vojtech@...e.com>,
	Miroslav Benes <mbenes@...e.cz>,
	Rusty Russell <rusty@...tcorp.com.au>,
	Steven Rostedt <rostedt@...dmis.org>,
	Ingo Molnar <mingo@...hat.com>, live-patching@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 0/2] Fix ordering of ftrace/livepatch calls on module
 load and unload

On Mon, 1 Feb 2016, Jessica Yu wrote:

> As explained here [1], livepatch modules are failing to initialize properly
> because the ftrace coming module notifier (which calls
> ftrace_module_enable()) runs *after* the livepatch module notifier (which
> enables the patch(es)). Thus livepatch attempts to apply patches to
> modules before ftrace_module_enable() is even called for the corresponding
> module(s). As a result, patch modules break. Ftrace code must run before
> livepatch on module load, and the reverse is true on module unload.
> 
> For ftrace and livepatch, order of initialization (plus exit/cleanup code)
> is important for loading and unloading modules, and using module notifiers
> to perform this work is not ideal since it is not always clear what gets
> called when. In this patchset, dependence on the module notifier call chain
> is removed in favor of hard coding the corresponding function calls in the
> module loader. This promotes better code visibility and ensures that ftrace
> and livepatch code get called in the correct order on patch module load and
> unload.
> 
> Tested the changes with a test livepatch module that patches 9p and nilfs2,
> and verified that the issue described in [1] is fixed.
> 
> Patches are based on linux-next.
> 
> v1 can be found here -
> http://lkml.kernel.org/g/1454049827-3726-1-git-send-email-jeyu@redhat.com
> 
> v2:
> - Instead of splitting the ftrace and livepatch notifiers into coming + going
>   notifiers and adjusting their priorities, remove ftrace and livepatch notifiers
>   completely and hard-code the necessary function calls in the module loader.
> 
> [1] http://lkml.kernel.org/g/20160128204033.GA32131@packer-debian-8-amd64.digitalocean.com
> 
> 
> Jessica Yu (2):
>   ftrace/module: remove ftrace module notifier
>   livepatch/module: remove livepatch module notifier
> 
>  include/linux/ftrace.h    |   6 +-
>  include/linux/livepatch.h |   9 +++
>  kernel/livepatch/core.c   | 144 ++++++++++++++++++++++------------------------
>  kernel/module.c           |  12 ++++
>  kernel/trace/ftrace.c     |  36 +-----------

Steven, Rusty, what is your word on this please?

These two patches should be merged together, and I'd like to have the 
module patching issue Jessica discovered fixed for 4.5 still. IOW, if you 
Ack the parts relevant to you (ftrace and module), I'd be willing to take 
it to Linus through my tree.

Thanks,

-- 
Jiri Kosina
SUSE Labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ