lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.LSU.2.21.2001281014280.14030@pobox.suse.cz>
Date:   Tue, 28 Jan 2020 10:28:07 +0100 (CET)
From:   Miroslav Benes <mbenes@...e.cz>
To:     Josh Poimboeuf <jpoimboe@...hat.com>
cc:     Peter Zijlstra <peterz@...radead.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Joe Lawrence <joe.lawrence@...hat.com>,
        Jessica Yu <jeyu@...nel.org>, x86@...nel.org,
        linux-kernel@...r.kernel.org, mhiramat@...nel.org,
        bristot@...hat.com, jbaron@...mai.com,
        torvalds@...ux-foundation.org, tglx@...utronix.de,
        mingo@...nel.org, namit@...are.com, hpa@...or.com, luto@...nel.org,
        ard.biesheuvel@...aro.org, live-patching@...r.kernel.org,
        Randy Dunlap <rdunlap@...radead.org>
Subject: Re: [PATCH v3 5/6] x86/ftrace: Use text_poke()

On Wed, 22 Jan 2020, Josh Poimboeuf wrote:

> On Wed, Jan 22, 2020 at 11:09:56AM +0100, Miroslav Benes wrote:
> > 
> > > > > At this point, I only see downsides of -flive-patching, at least until
> > > > > we actually have real upstream code which needs it.
> > > > 
> > > > Can you explain this? The option makes GCC to avoid optimizations which 
> > > > are difficult to detect and would make live patching unsafe. I consider it 
> > > > useful as it is, so if you shared the other downsides and what you meant 
> > > > by real upstream code, we could discuss it.
> > > 
> > > Only SLES needs it right?  Why inflict it on other livepatch users?  By
> > > "real upstream code" I mean there's no (documented) way to create live
> > > patches using the method which relies on this flag.  So I don't see any
> > > upstream benefits for having it enabled.
> > 
> > I'd put it differently. SLES and upstream need it, RHEL does not need it. 
> > Or anyone using kpatch-build.
> 
> I'm confused about why you think upstream needs it.
> 
> Is all the tooling available somewhere?  Is there documentation
> available which describes how to build patches using that method from
> start to finish?  Are there actual users other than SUSE?
> 
> BTW, kpatch-build has a *lot* of users other than RHEL.  All its tooling
> and documentation are available on Github.
> 
> > It is perfectly fine to prepare live patches just from the source code
> > using upstream live patching infrastructure. 
> 
> Do you mean the dangerous method used by the livepatch sample code which
> completely ignores interprocedural optimizations?  I wouldn't call that
> perfectly fine.
> 
> > After all, SLES is nothing else than upstream here. We were creating live 
> > patches manually for quite a long time and only recently we have been 
> > using Nicolai's klp-ccp automation (https://github.com/SUSE/klp-ccp).
> > 
> > So, everyone using upstream directly relies on the flag, which seems to be 
> > a clear benefit to me. Reverting the patch would be a step back.
> 
> Who exactly is "everyone using upstream"?
> 
> >From what I can tell, kpatch-build is the only known way (to those
> outside of SUSE) to make safe patches for an upstream kernel.  And it
> doesn't need this flag and the problems associated with it: performance,
> LTO incompatibility, clang incompatibility (I think?), the GCC dead code
> issue.

I don't think we have something special at SUSE not generally available...

...and I don't think it is really important to discuss that and replying 
to the above, because there is a legitimate use case which relies on the 
flag. We decided to support different use cases right at the beginning.

I understand it currently complicates things for objtool, but objtool is 
sensitive to GCC code generation by definition. "Issues" appear with every 
new GCC version. I see no difference here and luckily it is not so 
difficult to fix it.

I am happy to help with acting on those objtool warning reports you 
mentioned in the other email. Just Cc me where appropriate. We will take a 
look.

Regards
Miroslav

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ