lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 5 Sep 2019 15:52:59 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     Josh Poimboeuf <jpoimboe@...hat.com>
Cc:     jikos@...nel.org, Joe Lawrence <joe.lawrence@...hat.com>,
        Miroslav Benes <mbenes@...e.cz>, linux-kernel@...r.kernel.org,
        live-patching@...r.kernel.org
Subject: Re: [RFC PATCH 2/2] livepatch: Clear relocation targets on a module
 removal

On Thu 2019-09-05 08:15:02, Josh Poimboeuf wrote:
> On Thu, Sep 05, 2019 at 08:08:32AM -0500, Josh Poimboeuf wrote:
> > On Thu, Sep 05, 2019 at 01:09:55PM +0200, Petr Mladek wrote:
> > > > I don't have a number, but it's very common to patch a function which
> > > > uses jump labels or alternatives.
> > > 
> > > Really? My impression is that both alternatives and jump_labels
> > > are used in hot paths. I would expect them mostly in core code
> > > that is always loaded.
> > > 
> > > Alternatives are often used in assembly that we are not able
> > > to livepatch anyway.
> > > 
> > > Or are they spread widely via some macros or inlined functions?
> > 
> > Jump labels are used everywhere.  Looking at vmlinux.o in my kernel:
> > 
> >   Relocation section [19621] '.rela__jump_table' for section [19620] '__jump_table' at offset 0x197873c8 contains 11913 entries:
> > 
> > Each jump label entry has 3 entries, so 11913/3 = 3971 jump labels.
> > 
> > $ readelf -s vmlinux.o |grep FUNC |wc -l
> > 46902
> > 
> > 3971/46902 = ~8.5%
> > 
> > ~8.5% of functions use jump labels.
> 
> Obviously some functions may use more than one jump label so this isn't
> exactly bulletproof math.  But it gives a rough idea of how widespread
> they are.

It looks scary. I just wonder why we have never met this problem during
last few years.

My only guess is that most of these functions are either in core
kernel or in code that we do not livepatch.

I do not want to say that we should ignore it. I want to
understand the cost and impact of the various approaches.

Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ