lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 6 Aug 2020 14:03:36 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     Josh Poimboeuf <jpoimboe@...hat.com>
Cc:     Joe Lawrence <joe.lawrence@...hat.com>,
        live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] docs/livepatch: Add new compiler considerations doc

On Wed 2020-07-22 15:51:39, Josh Poimboeuf wrote:
> On Wed, Jul 22, 2020 at 01:03:03PM -0400, Joe Lawrence wrote:
> > On 7/21/20 7:04 PM, Josh Poimboeuf wrote:
> > > On Tue, Jul 21, 2020 at 12:14:06PM -0400, Joe Lawrence wrote:
> > > > Compiler optimizations can have serious implications on livepatching.
> > > > Create a document that outlines common optimization patterns and safe
> > > > ways to livepatch them.
> > > > 
> > > > Signed-off-by: Joe Lawrence <joe.lawrence@...hat.com>
> > > 
> > > There's a lot of good info here, but I wonder if it should be
> > > reorganized a bit and instead called "how to create a livepatch module",
> > > because that's really the point of it all.
> > > 
> > 
> > That would be nice.  Would you consider a stand-alone compiler-optimizations
> > doc an incremental step towards that end?  Note that the other files
> > (callbacks, shadow-vars, system-state) in their current form might be as
> > confusing to the newbie.
> 
> It's an incremental step towards _something_.  Whether that's a cohesive
> patch creation guide, or just a growing hodgepodge of random documents,
> it may be too early to say :-)

Yes, it would be nice to have a cohesive documentation. But scattered
pieces are better than nothing.

> > > I'm thinking a newcomer reading this might be lost.  It's not
> > > necessarily clear that there are currently two completely different
> > > approaches to creating a livepatch module, each with their own quirks
> > > and benefits/drawbacks.  There is one mention of a "source-based
> > > livepatch author" but no explanation of what that means.
> > > 
> > 
> > Yes, the initial draft was light on source-based patching since I only
> > really tinker with it for samples/kselftests.  The doc was the result of an
> > experienced livepatch developer and Sunday afternoon w/the compiler. I'm
> > sure it reads as such. :)
> 
> Are experienced livepatch developers the intended audience?  If so I
> question what value this document has in its current form.  Presumably
> experienced livepatch developers would already know this stuff.

IMHO, this document is useful even for newbies. They might at
least get a clue about these catches. It is better than nothing.

I do not want to discourage Joe from creating even better
documentation. But if he does not have interest or time
to work on it, I am happy even for this piece.

Acked-by: Petr Mladek <pmladek@...e.com>

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ