lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.LSU.2.21.1908131538010.10477@pobox.suse.cz>
Date:   Tue, 13 Aug 2019 15:43:11 +0200 (CEST)
From:   Miroslav Benes <mbenes@...e.cz>
To:     Petr Mladek <pmladek@...e.com>
cc:     Jiri Kosina <jikos@...nel.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Joe Lawrence <joe.lawrence@...hat.com>,
        Kamalesh Babulal <kamalesh@...ux.vnet.ibm.com>,
        Nicolai Stange <nstange@...e.de>,
        live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 4/5] livepatch: Documentation of the new API for
 tracking system state changes

On Fri, 19 Jul 2019, Petr Mladek wrote:

> Documentation explaining the motivation, capabilities, and usage
> of the new API for tracking system state changes.
> 
> Signed-off-by: Petr Mladek <pmladek@...e.com>
> ---
>  Documentation/livepatch/index.rst        |   1 +
>  Documentation/livepatch/system-state.rst | 167 +++++++++++++++++++++++++++++++
>  2 files changed, 168 insertions(+)
>  create mode 100644 Documentation/livepatch/system-state.rst
> 
> diff --git a/Documentation/livepatch/index.rst b/Documentation/livepatch/index.rst
> index edd291d51847..94bbbc2c8993 100644
> --- a/Documentation/livepatch/index.rst
> +++ b/Documentation/livepatch/index.rst
> @@ -9,6 +9,7 @@ Kernel Livepatching
>  
>      livepatch
>      callbacks
> +    system-state
>      cumulative-patches
>      module-elf-format
>      shadow-vars

This is really a nitpick, but wouldn't it be better to move system-state 
to the end of the list, because it relies on the information from the 
other parts?

> diff --git a/Documentation/livepatch/system-state.rst b/Documentation/livepatch/system-state.rst
> new file mode 100644
> index 000000000000..f04ef2b9089a
> --- /dev/null
> +++ b/Documentation/livepatch/system-state.rst
> @@ -0,0 +1,167 @@
> +====================
> +System State Changes
> +====================
> +
> +Some users are really reluctant to reboot a system. This brings the need
> +to provide more livepatches and maintain some compatibility between them.
> +
> +Maintaining more livepatches is much easier with cumulative livepatches.
> +Each new livepatch completely replaces any older one. It can keep,
> +add, and even remove fixes. And it is typically safe to replace any version
> +of the livepatch with any other one thanks to the atomic replace feature.
> +
> +The problems might come with shadow variables and callbacks. They might
> +change the system behavior or state so that it is not longer safe to

s/not longer/no longer/ (there are more instances of this in the patch).

Miroslav

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ