lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20191004143901.GA3768@redhat.com>
Date:   Fri, 4 Oct 2019 10:39:01 -0400
From:   Joe Lawrence <joe.lawrence@...hat.com>
To:     Petr Mladek <pmladek@...e.com>
Cc:     Jiri Kosina <jikos@...nel.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Miroslav Benes <mbenes@...e.cz>,
        Kamalesh Babulal <kamalesh@...ux.vnet.ibm.com>,
        Nicolai Stange <nstange@...e.de>,
        live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 0/5] livepatch: new API to track system state changes

On Thu, Oct 03, 2019 at 11:01:32AM +0200, Petr Mladek wrote:
> Hi,
> 
> this is another piece in the puzzle that helps to maintain more
> livepatches.
> 
> Especially pre/post (un)patch callbacks might change a system state.
> Any newly installed livepatch has to somehow deal with system state
> modifications done be already installed livepatches.
> 
> This patchset provides a simple and generic API that
> helps to keep and pass information between the livepatches.
> It is also usable to prevent loading incompatible livepatches.
> 
> Changes since v2:
> 
>   + Typo fixes [Miroslav]
>   + Move the documentation at the end of the list [Miroslav]
>   + Add Miroslav's acks
> 
> Changes since v1:
> 
>   + Use "unsigned long" instead of "int" for "state.id" [Nicolai]
>   + Use "unsigned int" instead of "int" for "state.version [Petr]
>   + Include "state.h" to avoid warning about non-static func [Miroslav]
>   + Simplify logic in klp_is_state_compatible() [Miroslav]
>   + Document how livepatches should handle the state [Nicolai]
>   + Fix some typos, formulation, module metadata [Joe, Miroslav]
> 
> Petr Mladek (5):
>   livepatch: Keep replaced patches until post_patch callback is called
>   livepatch: Basic API to track system state changes
>   livepatch: Allow to distinguish different version of system state
>     changes
>   livepatch: Documentation of the new API for tracking system state
>     changes
>   livepatch: Selftests of the API for tracking system state changes
> 
>  Documentation/livepatch/index.rst               |   1 +
>  Documentation/livepatch/system-state.rst        | 167 +++++++++++++++++++++
>  include/linux/livepatch.h                       |  17 +++
>  kernel/livepatch/Makefile                       |   2 +-
>  kernel/livepatch/core.c                         |  44 ++++--
>  kernel/livepatch/core.h                         |   5 +-
>  kernel/livepatch/state.c                        | 122 +++++++++++++++
>  kernel/livepatch/state.h                        |   9 ++
>  kernel/livepatch/transition.c                   |  12 +-
>  lib/livepatch/Makefile                          |   5 +-
>  lib/livepatch/test_klp_state.c                  | 161 ++++++++++++++++++++
>  lib/livepatch/test_klp_state2.c                 | 190 ++++++++++++++++++++++++
>  lib/livepatch/test_klp_state3.c                 |   5 +
>  tools/testing/selftests/livepatch/Makefile      |   3 +-
>  tools/testing/selftests/livepatch/test-state.sh | 180 ++++++++++++++++++++++
>  15 files changed, 902 insertions(+), 21 deletions(-)
>  create mode 100644 Documentation/livepatch/system-state.rst
>  create mode 100644 kernel/livepatch/state.c
>  create mode 100644 kernel/livepatch/state.h
>  create mode 100644 lib/livepatch/test_klp_state.c
>  create mode 100644 lib/livepatch/test_klp_state2.c
>  create mode 100644 lib/livepatch/test_klp_state3.c
>  create mode 100755 tools/testing/selftests/livepatch/test-state.sh
> 
> -- 
> 2.16.4
> 

Hi Petr,

Thanks for respinning this one with the latest updates.  The
implementation looks fine to me.  I have two really minor nits for the
selftest (I'll reply to that commit), but I wouldn't hold up the series
for them.

Acked-by: Joe Lawrence <joe.lawrence@...hat.com>

-- Joe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ