lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20170724150407.jyb33ux2f5iyetvq@treble>
Date:   Mon, 24 Jul 2017 10:04:07 -0500
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Joe Lawrence <joe.lawrence@...hat.com>
Cc:     Petr Mladek <pmladek@...e.com>, live-patching@...r.kernel.org,
        linux-kernel@...r.kernel.org, Jessica Yu <jeyu@...hat.com>,
        Jiri Kosina <jikos@...nel.org>, Miroslav Benes <mbenes@...e.cz>
Subject: Re: [PATCH v2 1/2] livepatch: introduce shadow variable API

On Fri, Jul 21, 2017 at 09:55:59AM -0400, Joe Lawrence wrote:
> >>> I would do WARN() in klp_shadow_attach() when the variable
> >>> already existed are return NULL. Of course it might be inoncent
> >>> duplication. But it might mean that someone else is using another
> >>> variable of the same name but with different content. klp_shadow_get()
> >>> would then return the same variable for two different purposes.
> >>> Then the whole system might end like a glass on a stony floor.
> >>
> >> What do you think of expanding the API to include each the cases
> >> outlined above?   Something like:
> >>
> >>   1 - klp_attach = allocate and add a unique <obj, id> to the hash,
> >>                    duplicates return NULL and a WARN
> > 
> > Sounds good.
> > 
> >>   2 - klp_get_or_attach = return <obj, id> if it already exists,
> >>                           otherwise allocate a new one
> > 
> > Sounds good.
> > 
> >>   3 - klp_get_or_update = update and return <obj, id> if it already
> >>                           exists, otherwise allocate a new one
> > 
> > I am not sure where this behavior would make sense. See below.
> > 
> > 
> >> IMHO, I think cases 1 and 3 are most intuitive, so maybe case 2 should
> >> be dropped.  Since you suggested adding klp_get_or_attach(), what do you
> >> think?
> > 
> > I do not agree. Let's look at the example with the missing lock.
> > The patch adds the lock if it did not exist. Then the lock can
> > be used to synchronize all further operations.
> > 
> > klp_get_or_update() would always replace the existing lock
> > with a freshly initialized one. We would loss the information
> > if it was locked or not.
> 
> Ah good point, perhaps we have two situations here:
> 
>   A - A shadow variable that's pointing to some object, like a lock,
>       where the original object is required.  (Your example above.)
> 
>   B - A shadow variable that's storing the data itself.  In other words,
>       instead of attaching a pointer, the whole object was attached:
> 
>         void patched_function()
>         {
>            ...
>            klp_get_or_attach(obj, id, &jiffies, sizeof(jiffies), ...)
>            ...
> 
>       in which case the caller is only interested in pushing in the
>       latest version of jiffies.
> 
> For these I suggest klp_get_or_attach() for case A and
> klp_get_or_update() for case B.

klp_get_or_update() doesn't actually 'get', because even if it does, it
gets updated first.  I think a more precise name would be
klp_update_or_attach().

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ