lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20190208132238.GA32656@JAVRIS.in.ibm.com>
Date:   Fri, 8 Feb 2019 18:52:38 +0530
From:   Kamalesh Babulal <kamalesh@...ux.vnet.ibm.com>
To:     Miroslav Benes <mbenes@...e.cz>
Cc:     Petr Mladek <pmladek@...e.com>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Alice Ferrazzi <alicef@...cef.me>, jeyu@...nel.org,
        jikos@...nel.org, live-patching@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        Alice Ferrazzi <alice.ferrazzi@...aclelinux.com>
Subject: Re: [PATCH v2] livepatch: core: Return EOPNOTSUPP instead of ENOSYS

Hi Miroslav,

On Fri, Feb 08, 2019 at 10:24:21AM +0100, Miroslav Benes wrote:
> Hi Kamalesh,
> 
> On Fri, 8 Feb 2019, Kamalesh Babulal wrote:
> 
> > On Wed, Feb 06, 2019 at 11:28:32AM +0100, Petr Mladek wrote:
> > > On Tue 2019-02-05 09:59:33, Josh Poimboeuf wrote:
> > > > On Tue, Feb 05, 2019 at 03:33:28AM +0900, Alice Ferrazzi wrote:
> > > > > From: Alice Ferrazzi <alice.ferrazzi@...aclelinux.com>
> > > > > 
> > > > > As a result of an unsupported operation is better to use EOPNOTSUPP
> > > > > as error code.
> > > > > ENOSYS is only used for 'invalid syscall nr' and nothing else.

[...]

> > After removal of the immediate flag by
> > commit d0807da78e11 ("livepatch: Remove immediate feature"), every
> > architecture enabling livepatching is required to have implemented
> > reliable stack trace.  Is it a better idea to make
> > HAVE_RELIABLE_STACKTRACE a config dependency, which will disable
> > livepatching support for architectures without reliable stack trace
> > function during kernel build?
> 
> if I am not mistaken, s390x is currently the only one which is supported 
> (the redirection works) but has no reliable stacktraces (so far, it is my 
> plan to take a look soon).
> 
> Theoretically, it could still work. We have the fake signal and we can 
> force the remaining tasks (kthreads). It is not something to be used in 
> production but it could make sense for a limited testing.

That was my understanding too, s390 doesn't set HAVE_RELIABLE_STACKTRACE.

(below output is right trimmed for readability)

arch $ find . -name 'Kconfig'|xargs egrep -an "HAVE_LIVEPATCH"                                                                                                                                                                               
./powerpc/Kconfig:209:  select HAVE_LIVEPATCH ...
./x86/Kconfig:171:      select HAVE_LIVEPATCH ...
./s390/Kconfig:161:     select HAVE_LIVEPATCH

arch $ find . -name 'Kconfig'|xargs egrep -an "HAVE_RELIABLE_STACKTRACE"                                                                                                                                                                     
./powerpc/Kconfig:223:  select HAVE_RELIABLE_STACKTRACE ...
./x86/Kconfig:189:      select HAVE_RELIABLE_STACKTRACE ...
./Kconfig:690:config HAVE_RELIABLE_STACKTRACE

klp_have_reliable_stack() will guard against loading of livepatching
module on s390, for the same reason being that HAVE_RELIABLE_STACKTRACE
is not set. My explanation is purely based on the above grep output
on Kconfig files, which might be partial. Am I missing something here?

> > The idea is to remove klp_have_reliable_stack() by moving
> > CONFIG_HAVE_RELIABLE_STACKTRACE as a config dependency to Kconfig file
> > and adding the other CONFIG_STACKTRACE as a config dependency is not
> > required, as it's selected via CONFIG_DYNAMIC_FTRACE_WITH_REGS
> > dependency chain. With the patch on architecture without
> > HAVE_RELIABLE_STACKTRACE, the user should see:

[...]

> > diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
> > index fe1993399823..9a80f7574d75 100644
> > --- a/kernel/livepatch/core.c
> > +++ b/kernel/livepatch/core.c
> > @@ -1002,12 +1002,6 @@ int klp_enable_patch(struct klp_patch *patch)
> >         if (!klp_initialized())
> >                 return -ENODEV;
> >  
> > -       if (!klp_have_reliable_stack()) {
> > -               pr_err("This architecture doesn't have support for the livepatch consistency model.\n");
> > -               return -ENOSYS;
> > -       }
> > -
> > -
> >         mutex_lock(&klp_mutex);
> >  
> >         ret = klp_init_patch_early(patch);
> 
> On the other hand, I like this change. So we have two options, I think. 
> We can apply this and wait if someone complains (because of s390x 
> testing), or we can wait for the full support of s390x and then enforce 
> it.

Thanks, I am ok with either of the options.  We could enforce the config
dependency, in case the above assumption in regard to s390 is correct.

Thanks,
Kamalesh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ