Open Source and information security mailing list archives
 
Date:   Wed, 28 Jun 2017 11:37:25 -0400
From:   Joe Lawrence <joe.lawrence@...hat.com>
To:     live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     Josh Poimboeuf <jpoimboe@...hat.com>, Jessica Yu <jeyu@...hat.com>,
        Jiri Kosina <jikos@...nel.org>,
        Miroslav Benes <mbenes@...e.cz>, Petr Mladek <pmladek@...e.com>
Subject: [PATCH v2 0/2] livepatch: add shadow variable API

This is v2 of the shadow variable implementation patchset, incorporating
much of the feedback from the first version:

v2:
  - squashed the Documentation patch with the API implementation patch

  - converted API parameter/return documentation to docbook style comments
    in the .c implementation

  - converted the klp_shadow string descriptor to an unsigned long

  - combined shadow data and klp_shadow structure to one allocation

  - adopted kfree_rcu() suggestion

  - added klp_shadow_get_or_create() to the API to help avoid racing
    klp_shadow_get + klp_shadow_attach() instances

  - added klp_shadow_detach_all() to the API to clean up a set of
    <*, num> shadow variables

  - created a new set of sample modules to demonstrate the API:
    - a buggy module
    - fix 1 to plug a memory leak in newly allocated data structures
    - fix 2 to add functionality to in-flight data structures

The sample modules are contrived to demonstrate the shadow variable API.
Instead of patching already in-tree code, I created a simple module to
avoid any kallsyms workarounds.  That said, the description and
demonstration debug printing could stand further refinement.  IMHO, the
code is easier to follow than the periodic kernel messages logged.
Suggestions welcome.

Joe Lawrence (2):
  livepatch: introduce shadow variable API
  livepatch: add shadow variable sample programs

 Documentation/livepatch/shadow-vars.txt   | 156 +++++++++++++
 include/linux/livepatch.h                 |   8 +
 kernel/livepatch/Makefile                 |   2 +-
 kernel/livepatch/shadow.c                 | 257 ++++++++++++++++++++++
 samples/Kconfig                           |   5 +-
 samples/livepatch/Makefile                |   3 +
 samples/livepatch/livepatch-shadow-fix1.c | 160 ++++++++++++++
 samples/livepatch/livepatch-shadow-fix2.c | 157 +++++++++++++
 samples/livepatch/livepatch-shadow-mod.c  | 353 ++++++++++++++++++++++++++++++
 9 files changed, 1097 insertions(+), 4 deletions(-)
 create mode 100644 Documentation/livepatch/shadow-vars.txt
 create mode 100644 kernel/livepatch/shadow.c
 create mode 100644 samples/livepatch/livepatch-shadow-fix1.c
 create mode 100644 samples/livepatch/livepatch-shadow-fix2.c
 create mode 100644 samples/livepatch/livepatch-shadow-mod.c

-- 
1.8.3.1
