| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LSU.2.21.1910091231560.20879@pobox.suse.cz>
Date: Wed, 9 Oct 2019 12:33:33 +0200 (CEST)
From: Miroslav Benes <mbenes@...e.cz>
To: Steven Rostedt <rostedt@...dmis.org>
cc: Joe Lawrence <joe.lawrence@...hat.com>, mingo@...hat.com,
jpoimboe@...hat.com, jikos@...nel.org, pmladek@...e.com,
linux-kernel@...r.kernel.org, live-patching@...r.kernel.org
Subject: Re: [PATCH 0/3] ftrace: Introduce PERMANENT ftrace_ops flag
On Tue, 8 Oct 2019, Steven Rostedt wrote:
> On Tue, 8 Oct 2019 15:35:34 -0400
> Joe Lawrence <joe.lawrence@...hat.com> wrote:
>
> >
> > I wonder if the opposite would be more intuitive: when ftrace_enabled is
> > not set, don't allow livepatches to register ftrace filters and
> > likewise, don't allow ftrace_enabled to be unset if any livepatches are
> > already registered. I guess you could make an argument either way, but
> > just offering another option. Perhaps livepatches should follow similar
> > behavior of other ftrace clients (like perf probes?)
>
> I believe I suggested the "PERMANENT" flag, but disabling ftrace_enable
> may be another approach. Might be much easier to maintain.
You did.
> >
> > As for the approach in this patchset, is it consistent that livepatches
> > loaded after setting ftrace_enabled to 0 will successfully load, but not
> > execute their new code... but then when ftrace_enabled is toggled, the
> > new livepatch code remains on?
No, it is not consistent and was not intended.
> > For example:
> >
> > 1 - Turn ftrace_enabled off and load the /proc/cmdline livepatch test
> > case, note that it reports a success patching transition, but
> > doesn't run new its code:
> >
> > % dmesg -C
> > % sysctl kernel.ftrace_enabled=0
> > kernel.ftrace_enabled = 0
> > % insmod lib/livepatch/test_klp_livepatch.ko
> > % echo $?
> > 0
> > % dmesg
> > [ 450.579980] livepatch: enabling patch 'test_klp_livepatch'
> > [ 450.581243] livepatch: 'test_klp_livepatch': starting patching transition
> > [ 451.942971] livepatch: 'test_klp_livepatch': patching complete
> > % cat /proc/cmdline
> > BOOT_IMAGE=(hd0,msdos1)/boot/vmlinuz-5.4.0-rc2+ root=UUID=c42bb089-b5c1-4e17-82bd-132f55bee54c ro console=ttyS0 console=ttyS0,115200n8 no_timer_check net.ifnames=0 crashkernel=auto
> >
> > 2 - Turn ftrace_enabled on and see that the livepatch now works:
> >
> > % sysctl kernel.ftrace_enabled=1
> > kernel.ftrace_enabled = 1
> > % cat /proc/cmdline
> > test_klp_livepatch: this has been live patched
> >
> > 3 - Turn ftrace_enabled off and see that it's still enabled:
> >
> > % sysctl kernel.ftrace_enabled=0
> > kernel.ftrace_enabled = 0
> > % cat /proc/cmdline
> > test_klp_livepatch: this has been live patched
> >
> > Steps 2 and 3 match the behavior described by the patchset, but I was
> > particularly wondering what you thought about step 1.
> >
> > IMHO, I would expect step 1 to fully enable the livepatch, or at the
> > very least, not report a patch transition (though that may confuse
> > userspace tools waiting for that report).
Yes.
>
> I think I like your idea better. To prevent ftrace_enable from being
> disabled if a "permanent" option is set. Then we only need to have a
> permanent flag for the ftrace_ops, that will disable the ftrace_enable
> from being cleared. We can also prevent the ftrace_ops from being
> loaded if ftrace_enable is not set and the ftrace_ops has the PERMANENT
> flag set.
Agreed. Joe's approach is better. Let me prepare v2.
Thanks
Miroslav
Powered by blists - more mailing lists