lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 18 Oct 2018 16:54:56 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     Miroslav Benes <mbenes@...e.cz>
Cc:     Jiri Kosina <jikos@...nel.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Jason Baron <jbaron@...mai.com>,
        Joe Lawrence <joe.lawrence@...hat.com>,
        Jessica Yu <jeyu@...nel.org>,
        Evgenii Shatokhin <eshatokhin@...tuozzo.com>,
        live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v12 06/12] livepatch: Simplify API by removing
 registration step

On Mon 2018-10-15 18:01:43, Miroslav Benes wrote:
> On Fri, 12 Oct 2018, Petr Mladek wrote:
> 
> > On Wed 2018-09-05 11:34:06, Miroslav Benes wrote:
> > > On Tue, 28 Aug 2018, Petr Mladek wrote:
> > > > Also the API and logic is much easier. It is enough to call
> > > > klp_enable_patch() in module_init() call. The patch patch can be disabled
> > > > by writing '0' into /sys/kernel/livepatch/<patch>/enabled. Then the module
> > > > can be removed once the transition finishes and sysfs interface is freed.
> > > 
> > > I think it would be good to discuss our sysfs interface here as well.
> > > 
> > > Writing '1' to enabled attribute now makes sense only when you need to 
> > > reverse an unpatching transition. Writing '0' means "disable" or a 
> > > reversion again.
> > > 
> > > Wouldn't be better to split it to two different attributes? Something like 
> > > "disable" and "reverse"? It could be more intuitive.
> > > 
> > > Maybe we'd also find out that even patch->enabled member is not useful 
> > > anymore in such case.
> > 
> > I though about this as well. I kept "enabled" because:
> > 
> >   + It keeps the public interface the same as before. Most people
> >     would not notice any change in the behavior except maybe that
> >     the interface disappears when the patch gets disabled.
> 
> Well our sysfs interface is still in a testing phase as far as ABI is 
> involved. Moreover, each live patch is bound to its base kernel by 
> definition anyway. So we can change this without remorse, I think.
>  
> >   + The reverse operation makes most sense when the transition
> >     cannot get finished. In theory, it might be problem to
> >     finish even the reversed one. People might want to
> >     reverse once again and force it. Then "reverse" file
> >     might be confusing. They might not know in which direction
> >     they do the reverse.
> 
> I still think it would be better to have a less confusing interface and it 
> would outweigh the second remark.

OK, what about having just "disable" in sysfs. I agree that it makes
much more sense than "enable" now.

It might be used also for the reverse operation the same way as
"enable" was used before. I think that standalone "reverse" might
be confusing when we allow to reverse the operation in both
directions.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ