lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 22 Jul 2020 13:03:03 -0400
From:   Joe Lawrence <joe.lawrence@...hat.com>
To:     Josh Poimboeuf <jpoimboe@...hat.com>
Cc:     live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] docs/livepatch: Add new compiler considerations doc

On 7/21/20 7:04 PM, Josh Poimboeuf wrote:
> On Tue, Jul 21, 2020 at 12:14:06PM -0400, Joe Lawrence wrote:
>> Compiler optimizations can have serious implications on livepatching.
>> Create a document that outlines common optimization patterns and safe
>> ways to livepatch them.
>>
>> Signed-off-by: Joe Lawrence <joe.lawrence@...hat.com>
> 
> There's a lot of good info here, but I wonder if it should be
> reorganized a bit and instead called "how to create a livepatch module",
> because that's really the point of it all.
> 

That would be nice.  Would you consider a stand-alone 
compiler-optimizations doc an incremental step towards that end?  Note 
that the other files (callbacks, shadow-vars, system-state) in their 
current form might be as confusing to the newbie.

> I'm thinking a newcomer reading this might be lost.  It's not
> necessarily clear that there are currently two completely different
> approaches to creating a livepatch module, each with their own quirks
> and benefits/drawbacks.  There is one mention of a "source-based
> livepatch author" but no explanation of what that means.
> 

Yes, the initial draft was light on source-based patching since I only 
really tinker with it for samples/kselftests.  The doc was the result of 
an experienced livepatch developer and Sunday afternoon w/the compiler. 
I'm sure it reads as such. :)

> Maybe it could begin with an overview of the two approaches, and then
> delve more into the details of each approach, and then delve even more
> into the gory details about compiler optimizations.
> 

Up until now, the livepatch documentation has danced around the 
particular creation method and only described the API in abstract.  If a 
compiler considerations doc needs to have that complete context then I'd 
suggest we reorganize the entire lot as a prerequisite.

> Also the kpatch-build section can reference the patch author guide which
> we have on github.
> 

Good point.  I think there are a few kpatch-specific implications 
(sibling call changes maybe) to consider.

-- Joe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ