| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 5 Feb 2016 22:08:15 -0500
From: Jessica Yu <jeyu@...hat.com>
To: Josh Poimboeuf <jpoimboe@...hat.com>,
Seth Jennings <sjenning@...hat.com>,
Jiri Kosina <jikos@...nel.org>,
Vojtech Pavlik <vojtech@...e.com>,
Miroslav Benes <mbenes@...e.cz>,
Rusty Russell <rusty@...tcorp.com.au>,
Steven Rostedt <rostedt@...dmis.org>,
Ingo Molnar <mingo@...hat.com>
Cc: live-patching@...r.kernel.org, linux-kernel@...r.kernel.org,
Jessica Yu <jeyu@...hat.com>
Subject: [PATCH v3 0/2] Fix ordering of ftrace/livepatch calls on module load and unload
As explained here [1], livepatch modules are failing to initialize properly
because the ftrace coming module notifier (which calls
ftrace_module_enable()) runs *after* the livepatch module notifier (which
enables the patch(es)). Thus livepatch attempts to apply patches to
modules before ftrace_module_enable() is even called for the corresponding
module(s). As a result, patch modules break. Ftrace code must run before
livepatch on module load, and the reverse is true on module unload.
For ftrace and livepatch, order of initialization (plus exit/cleanup code) is
important for loading and unloading modules, and using module notifiers to
perform this work is not ideal since it is not always clear what gets called
when. In this patchset, dependence on the module notifier call chain is removed
in favor of hard coding the corresponding function calls in the module loader.
This promotes better code visibility and ensures that ftrace and livepatch code
get called in the correct order on patch module load and unload.
Tested the changes with a test livepatch module that patches 9p and nilfs2,
and verified that the issue described in [1] is fixed.
Patches are based on linux-next.
v1 can be found here -
https://lkml.kernel.org/g/1454049827-3726-1-git-send-email-jeyu@redhat.com
v2 can be found here -
https://lkml.kernel.org/g/1454375856-27757-1-git-send-email-jeyu@redhat.com
v3:
- Fix incorrect comments
- Rename klp_module_{enable,disable} to klp_module_{coming,going}
- Remove externs from livepatch.h
- Fix error handling in kernel/module.c
v2:
- Instead of splitting the ftrace and livepatch notifiers into coming + going
notifiers and adjusting their priorities, remove ftrace and livepatch notifiers
completely and hard-code the necessary function calls in the module loader.
[1] http://lkml.kernel.org/g/20160128204033.GA32131@packer-debian-8-amd64.digitalocean.com
Jessica Yu (2):
ftrace/module: remove ftrace module notifier
livepatch/module: remove livepatch module notifier
include/linux/ftrace.h | 6 +-
include/linux/livepatch.h | 9 +++
kernel/livepatch/core.c | 153 +++++++++++++++++++++++-----------------------
kernel/module.c | 24 +++++++-
kernel/trace/ftrace.c | 36 +----------
5 files changed, 112 insertions(+), 116 deletions(-)
--
2.4.3
Powered by blists - more mailing lists