| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Oct 2019 10:39:01 -0400
From: Joe Lawrence <joe.lawrence@...hat.com>
To: Petr Mladek <pmladek@...e.com>
Cc: Jiri Kosina <jikos@...nel.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Miroslav Benes <mbenes@...e.cz>,
Kamalesh Babulal <kamalesh@...ux.vnet.ibm.com>,
Nicolai Stange <nstange@...e.de>,
live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 0/5] livepatch: new API to track system state changes
On Thu, Oct 03, 2019 at 11:01:32AM +0200, Petr Mladek wrote:
> Hi,
>
> this is another piece in the puzzle that helps to maintain more
> livepatches.
>
> Especially pre/post (un)patch callbacks might change a system state.
> Any newly installed livepatch has to somehow deal with system state
> modifications done be already installed livepatches.
>
> This patchset provides a simple and generic API that
> helps to keep and pass information between the livepatches.
> It is also usable to prevent loading incompatible livepatches.
>
> Changes since v2:
>
> + Typo fixes [Miroslav]
> + Move the documentation at the end of the list [Miroslav]
> + Add Miroslav's acks
>
> Changes since v1:
>
> + Use "unsigned long" instead of "int" for "state.id" [Nicolai]
> + Use "unsigned int" instead of "int" for "state.version [Petr]
> + Include "state.h" to avoid warning about non-static func [Miroslav]
> + Simplify logic in klp_is_state_compatible() [Miroslav]
> + Document how livepatches should handle the state [Nicolai]
> + Fix some typos, formulation, module metadata [Joe, Miroslav]
>
> Petr Mladek (5):
> livepatch: Keep replaced patches until post_patch callback is called
> livepatch: Basic API to track system state changes
> livepatch: Allow to distinguish different version of system state
> changes
> livepatch: Documentation of the new API for tracking system state
> changes
> livepatch: Selftests of the API for tracking system state changes
>
> Documentation/livepatch/index.rst | 1 +
> Documentation/livepatch/system-state.rst | 167 +++++++++++++++++++++
> include/linux/livepatch.h | 17 +++
> kernel/livepatch/Makefile | 2 +-
> kernel/livepatch/core.c | 44 ++++--
> kernel/livepatch/core.h | 5 +-
> kernel/livepatch/state.c | 122 +++++++++++++++
> kernel/livepatch/state.h | 9 ++
> kernel/livepatch/transition.c | 12 +-
> lib/livepatch/Makefile | 5 +-
> lib/livepatch/test_klp_state.c | 161 ++++++++++++++++++++
> lib/livepatch/test_klp_state2.c | 190 ++++++++++++++++++++++++
> lib/livepatch/test_klp_state3.c | 5 +
> tools/testing/selftests/livepatch/Makefile | 3 +-
> tools/testing/selftests/livepatch/test-state.sh | 180 ++++++++++++++++++++++
> 15 files changed, 902 insertions(+), 21 deletions(-)
> create mode 100644 Documentation/livepatch/system-state.rst
> create mode 100644 kernel/livepatch/state.c
> create mode 100644 kernel/livepatch/state.h
> create mode 100644 lib/livepatch/test_klp_state.c
> create mode 100644 lib/livepatch/test_klp_state2.c
> create mode 100644 lib/livepatch/test_klp_state3.c
> create mode 100755 tools/testing/selftests/livepatch/test-state.sh
>
> --
> 2.16.4
>
Hi Petr,
Thanks for respinning this one with the latest updates. The
implementation looks fine to me. I have two really minor nits for the
selftest (I'll reply to that commit), but I wouldn't hold up the series
for them.
Acked-by: Joe Lawrence <joe.lawrence@...hat.com>
-- Joe
Powered by blists - more mailing lists