lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20200117150323.21801-15-pmladek@suse.com>
Date:   Fri, 17 Jan 2020 16:03:14 +0100
From:   Petr Mladek <pmladek@...e.com>
To:     Jiri Kosina <jikos@...nel.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Miroslav Benes <mbenes@...e.cz>
Cc:     Joe Lawrence <joe.lawrence@...hat.com>,
        Kamalesh Babulal <kamalesh@...ux.vnet.ibm.com>,
        Nicolai Stange <nstange@...e.de>,
        live-patching@...r.kernel.org, linux-kernel@...r.kernel.org,
        Petr Mladek <pmladek@...e.com>
Subject: [POC 14/23] livepatch: Never block livepatch modules when the related module is being removed

Originally, it was not possible to remove the single livepatch module when
the code was used during a forced transition. There were no guarantees that
the code was no longer used.

Even the split livepatch modules have to stay when the entire livepatch
gets disabled/replaced and the livepatch modules were used during
a forced transition.

On the other hand, klp_module_going() callback is called when the patched
module is about to be removed. It's code should no longer be used.
The same should be true also for the related livepatch module. Therefore
the livepatch module could always get removed as well.

It allows to load the patched module again in the future. Otherwise,
it would get blocked because the related livepatch module could not
get loaded more times.

Signed-off-by: Petr Mladek <pmladek@...e.com>
---
 kernel/livepatch/core.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
index 73462b66f63f..4b55d805f3ec 100644
--- a/kernel/livepatch/core.c
+++ b/kernel/livepatch/core.c
@@ -1391,6 +1391,13 @@ void klp_module_going(struct module *mod)
 	klp_for_each_patch(patch) {
 		klp_for_each_object_safe(patch, obj, tmp_obj) {
 			if (obj->name && !strcmp(obj->name, mod->name)) {
+				/*
+				 * The livepatched module is about to be
+				 * destroyed. It's code is no longer used.
+				 * Same is true for the livepatch even when
+				 * it was part of forced transition.
+				 */
+				obj->forced = false;
 				klp_remove_object(obj);
 			}
 		}
-- 
2.16.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ