Date:   Tue, 11 Apr 2017 13:07:48 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     Josh Poimboeuf <jpoimboe@...hat.com>,
        Miroslav Benes <mbenes@...e.cz>
Cc:     Jessica Yu <jeyu@...hat.com>, Jiri Kosina <jikos@...nel.org>,
        linux-kernel@...r.kernel.org, live-patching@...r.kernel.org,
        Petr Mladek <pmladek@...e.com>
Subject: [PATCH] livepatch: Cancel transition a safe way for immediate patches

klp_init_transition() does not set func->transition for immediate patches.
Then klp_ftrace_handler() could use the new code immediately. As a result,
it is not safe to put the livepatch module in klp_cancel_transition().

This patch reverts most of the last minute changes to klp_cancel_transition().
It keeps the warning about a misuse because it still makes sense.

Signed-off-by: Petr Mladek <pmladek@...e.com>
---
Hi,

I am afraid that Mirek was not right in the mail
https://lkml.kernel.org/r/alpine.LSU.2.20.1702161504020.16310@pobox.suse.cz
IMHO, it is not safe to put the module when the immediate
patch cannot be applied.

Best Regards,
Petr

 kernel/livepatch/transition.c | 20 --------------------
 1 file changed, 20 deletions(-)

diff --git a/kernel/livepatch/transition.c b/kernel/livepatch/transition.c
index 2de09e0c4e5c..adc0cc64aa4b 100644
--- a/kernel/livepatch/transition.c
+++ b/kernel/livepatch/transition.c
@@ -120,31 +120,11 @@ static void klp_complete_transition(void)
  */
 void klp_cancel_transition(void)
 {
-	struct klp_patch *patch = klp_transition_patch;
-	struct klp_object *obj;
-	struct klp_func *func;
-	bool immediate_func = false;
-
 	if (WARN_ON_ONCE(klp_target_state != KLP_PATCHED))
 		return;
 
 	klp_target_state = KLP_UNPATCHED;
 	klp_complete_transition();
-
-	/*
-	 * In the enable error path, even immediate patches can be safely
-	 * removed because the transition hasn't been started yet.
-	 *
-	 * klp_complete_transition() doesn't have a module_put() for immediate
-	 * patches, so do it here.
-	 */
-	klp_for_each_object(patch, obj)
-		klp_for_each_func(obj, func)
-			if (func->immediate)
-				immediate_func = true;
-
-	if (patch->immediate || immediate_func)
-		module_put(patch->mod);
 }
 
 /*
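Review bot: With the comment block and the module_put() loop removed from the end of klp_cancel_transition(), nothing in the function records that the module reference is now intentionally kept for immediate patches on the enable error path. The removed comment stated the opposite assumption ("the transition hasn't been started yet"), so a short comment after the klp_complete_transition() call, saying that immediate functions may already be reached through klp_ftrace_handler() because func->transition is not set for them and that patch->mod therefore must not be put here, would keep the put from being re-added later. Since the removed comment also notes that klp_complete_transition() has no module_put() for immediate patches, the changelog should state that a failed enable of an immediate patch leaves the module reference held.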
-- 
1.8.5.6
