lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20160318105249.GO22171@pathway.suse.cz>
Date:	Fri, 18 Mar 2016 11:52:49 +0100
From:	Petr Mladek <pmladek@...e.com>
To:	Torsten Duwe <duwe@....de>
Cc:	Balbir Singh <bsingharora@...il.com>,
	Jiri Kosina <jikos@...nel.org>,
	Michael Ellerman <mpe@...erman.id.au>, linuxppc-dev@...abs.org,
	jeyu@...hat.com, linux-kernel@...r.kernel.org, rostedt@...dmis.org,
	kamalesh@...ux.vnet.ibm.com, live-patching@...r.kernel.org,
	mbenes@...e.cz
Subject: Re: [v3,1/8] powerpc: Create a helper for getting the kernel toc
 value

On Thu 2016-03-17 16:59:28, Torsten Duwe wrote:
> On Thu, Mar 17, 2016 at 10:58:42AM +1100, Balbir Singh wrote:
> > 
> > To be honest I think my v6 works well, but I don't have complete confidence
> > due to the lack of proper testing. livepatch samples plus some others I wrote
> > and I one Petr wrote all work (calling patched from within patched),
> 
> I have outlined a failure scenario for you as a reply to v6 ;)
> 
> Question to all: would it be feasible to limit the size of a single module's
> .text + TOC to let's say 8MB, and place modules at 10MB granularity? Then it
> would be unambiguous: exactly iff the high 40 bits of (TOC-LR) are zero, both
> belong to the same module.

We need to be careful about any limit. I did a quick check of the size
of modules on my system and there is one 13MB big:

13737713        ./3.12.44-52.18-default/extra/fglrx.ko

Another problem is security. If we align the modules too much, it
might make the life easier for the bad guys. Well, we do not need
to put the modules at the very beginning of the assigned slot.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ