| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Oct 2019 15:39:01 +0100
From: Miroslav Benes <mbenes@...e.cz>
To: heiko.carstens@...ibm.com, gor@...ux.ibm.com,
borntraeger@...ibm.com, jpoimboe@...hat.com,
joe.lawrence@...hat.com
Cc: linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
jikos@...nel.org, pmladek@...e.com, nstange@...e.de,
live-patching@...r.kernel.org, Miroslav Benes <mbenes@...e.cz>
Subject: [PATCH v2 0/3] s390/livepatch: Implement reliable stack tracing for the consistency model
The livepatch consistency model requires reliable stack tracing
architecture support in order to work properly. In order to achieve
this, two main issues have to be solved. First, reliable and consistent
call chain backtracing has to be ensured. Second, the unwinder needs to
be able to detect stack corruptions and return errors.
The former should be guaranteed (see 3/3 for details), the latter is
implemented by the patch set (mainly 3/3).
It passes livepatch kselftests (with timeout disabled, see
https://lore.kernel.org/live-patching/20191025115041.23186-1-mbenes@suse.cz/)
and tests from https://github.com/lpechacek/qa_test_klp.
Changes since v1 and questions follow:
- rebased on top of v5.4-rc5. It also meant rebasing on top of
ARCH_STACKWALK, which made the outcome nicer and addressed some of
Joe's remarks.
- sp alignment is checked in both _start and _next_frame cases
- ftrace_graph_ret_addr() calling cleanup
- I tried to use the existing infrastructure as much as possible with
one exception. I kept unwind_next_frame_reliable() next to the
ordinary unwind_next_frame(). I did not come up with a nice solution
how to integrate it. The reliable unwinding is executed on a task
stack only, which leads to a nice simplification. My integration
attempts only obfuscated the existing unwind_next_frame() which is
already not easy to read. Ideas are definitely welcome.
- although not nice (Josh mentioned it in his review), I kept checking
for kretprobe_trampoline in the main loop. It could go into _start and
_next_frame callbacks, but more changes would be required (changing a
function return type, ordinary unwinding does not need it). So I did
not think it was worth it. I could change it in v3, of course.
Miroslav Benes (3):
s390/unwind: drop unnecessary code around calling
ftrace_graph_ret_addr()
s390/unwind: prepare the unwinding interface for reliable stack traces
s390/livepatch: Implement reliable stack tracing for the consistency
model
arch/s390/Kconfig | 1 +
arch/s390/include/asm/stacktrace.h | 3 +-
arch/s390/include/asm/unwind.h | 15 +++---
arch/s390/kernel/dumpstack.c | 16 +++++-
arch/s390/kernel/perf_event.c | 2 +-
arch/s390/kernel/stacktrace.c | 48 +++++++++++++++++-
arch/s390/kernel/unwind_bc.c | 79 ++++++++++++++++++++++++------
arch/s390/oprofile/init.c | 2 +-
8 files changed, 139 insertions(+), 27 deletions(-)
--
2.23.0
Powered by blists - more mailing lists