| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Mar 2018 12:58:13 +0100
From: Petr Mladek <pmladek@...e.com>
To: Joe Lawrence <joe.lawrence@...hat.com>
Cc: live-patching@...r.kernel.org, linux-kernel@...r.kernel.org,
Josh Poimboeuf <jpoimboe@...hat.com>,
Jessica Yu <jeyu@...nel.org>, Jiri Kosina <jikos@...nel.org>,
Miroslav Benes <mbenes@...e.cz>,
Jason Baron <jbaron@...mai.com>,
Evgenii Shatokhin <eshatokhin@...tuozzo.com>
Subject: Re: [PATCH v0 3/3] livepatch: update documentation for shadow
variables
On Fri 2018-02-23 16:33:50, Joe Lawrence wrote:
> Update livepatch shadow variable documentation with respect to new
> atomic replace / cumulative patch functionality.
>
> Signed-off-by: Joe Lawrence <joe.lawrence@...hat.com>
> ---
> Documentation/livepatch/shadow-vars.txt | 24 ++++++++++++++++++++++++
> 1 file changed, 24 insertions(+)
>
> diff --git a/Documentation/livepatch/shadow-vars.txt b/Documentation/livepatch/shadow-vars.txt
> index 89c66634d600..9a2754cf551c 100644
> --- a/Documentation/livepatch/shadow-vars.txt
> +++ b/Documentation/livepatch/shadow-vars.txt
> @@ -179,6 +179,30 @@ doesn't matter what data value the shadow variable holds, its existence
> suggests how to handle the parent object.
>
>
> +Use in cumulative patches
> +-------------------------
> +
> +Cumulative livepatches provide a "one-stop" module containing all active
> +livepatch code.
I would remove the above sentence. I had troubles to parse and
understand it. I think that the sentence below is better descriptive
and enough :-)
+ A cumulative patch disables and replaces any previously
> +loaded livepatch. Shadow variable lifetimes should be carefully
> +considered when loading cumulative livepatches:
> +
> +- If shadow variables lifetimes are specific to livepatch module
> + versions, it may make sense to free them when the corresponding
> + livepatch module is unloaded.
> +
> +- If shadow variable instances may be safely handled across cumulative
> + livepatch module versions, then it may make sense to free them from
> + unpatch callbacks. When a cumulative patch replaces an existing
> + livepatch, only the cumulative patch's callbacks will be executed.
> + This means that new cumulative livepatches may be loaded while
> + deprecated / disabled livepatches may be unloaded without clearing
> + existing shadow variables.
> +
> +See Documentation/livepatch/callbacks.txt and cumulative.txt for more
s/cumulative.txt/cumulative-patches.txt/
Best Regards,
Petr
Powered by blists - more mailing lists