lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 15 Feb 2016 17:27:35 -0600
From:	Josh Poimboeuf <jpoimboe@...hat.com>
To:	Jiri Kosina <jikos@...nel.org>
Cc:	Rusty Russell <rusty@...tcorp.com.au>,
	Jessica Yu <jeyu@...hat.com>,
	Seth Jennings <sjenning@...hat.com>,
	Vojtech Pavlik <vojtech@...e.com>,
	Miroslav Benes <mbenes@...e.cz>,
	Petr Mladek <pmladek@...e.com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Ingo Molnar <mingo@...hat.com>, live-patching@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 4/4] livepatch/module: remove livepatch module notifier

On Sun, Feb 14, 2016 at 11:59:00PM +0100, Jiri Kosina wrote:
> On Wed, 10 Feb 2016, Jiri Kosina wrote:
> 
> > > > Remove the livepatch module notifier in favor of directly enabling and
> > > > disabling patches to modules in the module loader. Hard-coding the
> > > > function calls ensures that ftrace_module_enable() is run before
> > > > klp_module_coming() during module load, and that klp_module_going() is
> > > > run before ftrace_release_mod() during module unload. This way, ftrace
> > > > and livepatch code is run in the correct order during the module
> > > > load/unload sequence without dependence on the module notifier call chain.
> > > >
> > > > This fixes a notifier ordering issue in which the ftrace module notifier
> > > > (and hence ftrace_module_enable()) for coming modules was being called
> > > > after klp_module_notify(), which caused livepatch modules to initialize
> > > > incorrectly.
> > > 
> > > Without a Fixes: line, it's not absolutely clear whether this needs
> > > CC:stable, needs to go to Linus now, or can wait for the next merge
> > > window.
> > > 
> > > I *think* you want all four merged this merge window, and 3 and 4 are
> > > required to fix a regression introduced since 4.4...
> > 
> > Your understanding is correct; #3 and #4 are needed to fix a 4.4 
> > regression. It makes sense for the whole lot go to together, but for #1 
> > and #2 I absolutely need your Ack before I take it to my tree, as I don't 
> > want to be merging this behind your back.
> > 
> > Once you Ack #1 and #2, I plan to take this to Linus immediately so that 
> > we avoid doing these changes as very last minute.
> 
> Rusty, friendly ping? :)
> 
> I know that this is quite tight timing, but I'd like to have the 4.4 
> regression fixed, and we are quite late in the -rc phase already.

So I think the commit causing the regression is 5156dca34a3e, which
occurred in the 4.5 cycle, *not* in 4.4.

Also it's my understanding that only the third patch ("remove ftrace
module notifier") is needed to fix the regression, and the other patches
are just general improvements.  So if needed I think we can just rebase
that patch (which already has Rusty's ack I believe) and send it to
Linus now.

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ