lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20181214142409.sths2pkn7o7xdt2t@treble>
Date:   Fri, 14 Dec 2018 08:24:09 -0600
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Petr Mladek <pmladek@...e.com>
Cc:     Joe Lawrence <joe.lawrence@...hat.com>,
        Miroslav Benes <mbenes@...e.cz>,
        Jiri Kosina <jikos@...nel.org>,
        Jason Baron <jbaron@...mai.com>,
        Evgenii Shatokhin <eshatokhin@...tuozzo.com>,
        live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v14 05/11] livepatch: Simplify API by removing
 registration step

On Fri, Dec 14, 2018 at 10:40:16AM +0100, Petr Mladek wrote:
> On Thu 2018-12-13 16:29:59, Josh Poimboeuf wrote:
> > On Thu, Dec 06, 2018 at 09:36:06AM -0500, Joe Lawrence wrote:
> > > On 12/06/2018 05:14 AM, Petr Mladek wrote:
> > > > On Thu 2018-12-06 10:23:40, Miroslav Benes wrote:
> > > >> On Thu, 6 Dec 2018, Petr Mladek wrote:
> > > >>
> > > >>> On Wed 2018-12-05 14:32:53, Joe Lawrence wrote:
> > > >>>>> diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
> > > >>>>> index 972520144713..e01dfa3b58d2 100644
> > > >>>>> --- a/kernel/livepatch/core.c
> > > >>>>> +++ b/kernel/livepatch/core.c
> > > >>>>> @@ -45,7 +45,7 @@
> > > >>>>>   */
> > > >>>>>  DEFINE_MUTEX(klp_mutex);
> > > >>>>>  
> > > >>>>> -/* Registered patches */
> > > >>>>> +/* Actively used patches. */
> > > >>>>>  LIST_HEAD(klp_patches);
> > > >>>>
> > > >>>> By itself, this comment makes me wonder if there are un-active and/or
> > > >>>> un-used patches that I need to worry about.  After this patchset,
> > > >>>> klp_patches will include patches that have been enabled and those that
> > > >>>> have been replaced, but the replacement transition is still in progress.  
> > > >>>>
> > > >>>> If that sounds accurate, how about adding to the comment:
> > > >>>>
> > > >>>> /* Actively used patches: enabled or replaced and awaiting transition */
> > > >>>
> > > >>> The replaced patches are not in the list. This is why I used the word
> > > >>> "actively".
> > > >>
> > > 
> > > After writing out my suggestion I realized that's why you chose
> > > "actively" and almost erased my comment.  I think the extra text would
> > > help a fresh reader of the code, so ...
> > > 
> > > >> The replaced patches are removed in klp_discard_replaced_patches(), which 
> > > >> is called from klp_complete_transition(). Joe is right. The patches are in 
> > > >> the list if a transition is still in progress.
> > > > 
> > > > These are patches that are being replaced. The replaced (after the
> > > >  transition finishes) are not in the list.
> > > > 
> > > > By other word, Joe's text could be understand that replaced patches
> > > > will never get removed from the list.
> > > >
> > > > So, is the text below acceptable?
> > > > 
> > > > /*
> > > >  * Actively used patches: enabled or in transition. Note that replaced
> > > >  * or disabled patches are not listed even though the related kernel
> > > >  * module still can be loaded.
> > > >  */
> > > 
> > > Yes this works and is more accurate than my original suggestion.
> > 
> > >From my perspective, no comment is needed at all, and _any_ comment just
> > serves to add confusion -- including the above one.  But maybe that's
> > because I already know that disabled and replace patches get discarded.
> 
> Exactly. If I saw this code for the first time, I would find this
> comment useful.
> 
> I often miss these top-level descriptions because they help to
> get the picture about the code design.
> 
> Finally, the usage of the list has similar complexity as
> the use of klp_mutex. There mutex has even longer comment.
> 
> I will use the longer text if you are not strictly against.

Ok, fair enough.

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ