| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Jan 2020 16:03:12 +0100
From: Petr Mladek <pmladek@...e.com>
To: Jiri Kosina <jikos@...nel.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Miroslav Benes <mbenes@...e.cz>
Cc: Joe Lawrence <joe.lawrence@...hat.com>,
Kamalesh Babulal <kamalesh@...ux.vnet.ibm.com>,
Nicolai Stange <nstange@...e.de>,
live-patching@...r.kernel.org, linux-kernel@...r.kernel.org,
Petr Mladek <pmladek@...e.com>
Subject: [POC 12/23] livepatch: Automatically remove livepatch module when the object is freed
Make it easy to deal with the split livepatch modules. Remove the livepatch
modules that livepatched modules when they are no longer used.
It must be done from workqueue context to avoid deadlocks.
It must not be done when klp_add_module() fails because is called from
the livepatch module init callback. The module will not load at
all in this case.
Signed-off-by: Petr Mladek <pmladek@...e.com>
---
include/linux/livepatch.h | 4 ++++
kernel/livepatch/core.c | 19 ++++++++++++++++++-
2 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/include/linux/livepatch.h b/include/linux/livepatch.h
index e021e512b207..4afb7f3a5a36 100644
--- a/include/linux/livepatch.h
+++ b/include/linux/livepatch.h
@@ -115,6 +115,8 @@ struct klp_callbacks {
* @dynamic: temporary object for nop functions; dynamically allocated
* @patched: the object's funcs have been added to the klp_ops list
* @forced: was involved in a forced transition
+ * @add_err: failed to add the object when loading the livepatch module
+ * @remove_work: remove module from workqueue-context
*/
struct klp_object {
/* external */
@@ -131,6 +133,8 @@ struct klp_object {
bool dynamic;
bool patched;
bool forced;
+ bool add_err;
+ struct work_struct remove_work;
};
/**
diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
index 2f15ff360676..6c51b194da57 100644
--- a/kernel/livepatch/core.c
+++ b/kernel/livepatch/core.c
@@ -556,8 +556,14 @@ static void klp_kobj_release_object(struct kobject *kobj)
return;
}
- if (klp_is_module(obj) && !obj->forced)
+ if (obj->forced || !klp_is_module(obj))
+ return;
+
+ /* Must not explicitely remove module when adding failed. */
+ if (obj->add_err)
module_put(obj->mod);
+ else
+ schedule_work(&obj->remove_work);
}
static struct kobj_type klp_ktype_object = {
@@ -677,6 +683,14 @@ static void klp_free_patch_finish(struct klp_patch *patch)
module_put(patch->obj->mod);
}
+static void klp_remove_module_work_fn(struct work_struct *work)
+{
+ struct klp_object *obj =
+ container_of(work, struct klp_object, remove_work);
+
+ module_put_and_delete(obj->mod);
+}
+
/*
* The livepatch might be freed from sysfs interface created by the patch.
* This work allows to wait until the interface is destroyed in a separate
@@ -835,6 +849,8 @@ static int klp_init_object_early(struct klp_patch *patch,
kobject_init(&obj->kobj, &klp_ktype_object);
list_add_tail(&obj->node, &patch->obj_list);
obj->forced = false;
+ obj->add_err = false;
+ INIT_WORK(&obj->remove_work, klp_remove_module_work_fn);
klp_for_each_func_static(obj, func) {
klp_init_func_early(obj, func);
@@ -1063,6 +1079,7 @@ int klp_add_object(struct klp_object *obj)
return 0;
err_free:
+ obj->add_err = true;
klp_free_object(obj, false);
err:
/*
--
2.16.4
Powered by blists - more mailing lists