lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Y1/xp7OBgu3qGUKz@alley>
Date:   Mon, 31 Oct 2022 17:02:47 +0100
From:   Petr Mladek <pmladek@...e.com>
To:     Marcos Paulo de Souza <mpdesouza@...e.com>
Cc:     linux-kernel@...r.kernel.org, live-patching@...r.kernel.org,
        jpoimboe@...hat.com, joe.lawrence@...hat.com
Subject: Re: [PATCH v2 3/4] livepatch/shadow: Introduce klp_shadow_type
 structure

On Wed 2022-10-26 16:41:21, Marcos Paulo de Souza wrote:
> The shadow variable type will be used in klp_shadow_alloc/get/free
> functions instead of id/ctor/dtor parameters. As a result, all callers
> use the same callbacks consistently[*][**].
> 
> The structure will be used in the next patch that will manage the
> lifetime of shadow variables and execute garbage collection automatically.
> 
> [*] From the user POV, it might have been easier to pass $id instead
>     of pointer to struct klp_shadow_type.
> 
>     It would require registering the klp_shadow_type so that
>     the klp_shadow API could find ctor/dtor for the given id.
>     It actually will be needed for the garbage collection anyway
>     because it will define the lifetime of the variables.
> 
>     The bigger problem is that the same klp_shadow_type might be
>     used by more livepatch modules. Each livepatch module need
>     to duplicate the definition of klp_shadow_type and ctor/dtor
>     callbacks. The klp_shadow API would need to choose one registered
>     copy.
> 
>     The definitions should be compatible and they should stay as long
>     as the type is registered. But it still feels more safe when
>     klp_shadow API callers use struct klp_shadow_type and ctor/dtor
>     callbacks defined in the same livepatch module.
> 
>     This problem is gone when each livepatch explicitly uses its
>     own struct klp_shadow_type pointing to its own callbacks.

This paragraph seems redundant. It more or less repeats what
is said in the previous one.


> [**] test_klp_shadow_vars.c uses a custom @dtor to show that it was called.
>     The message must be disabled when called via klp_shadow_free_all()
>     because the ordering of freed variables is not well defined there.
>     It has to be done using another hack after switching to
>     klp_shadow_types.
> 
> Co-developed-by: Petr Mladek <pmladek@...e.com>
> Signed-off-by: Petr Mladek <pmladek@...e.com>
> Signed-off-by: Marcos Paulo de Souza <mpdesouza@...e.com>

I am never sure how the co-authoring should be done ;-) But I believe
that the author should always be the first one. And the other author
should be listed either by Co-developer-by: or by Signed-off-by: but
not by both tags. So, it should be:

Signed-off-by: Marcos Paulo de Souza <mpdesouza@...e.com>
Co-developed-by: Petr Mladek <pmladek@...e.com>


With the removed paragraph and updated tags:

Reviewed-by: Petr Mladek <pmladek@...e.com>

Best Regards,
Petr


PS: No need to resend the patch. I could do the two changes
    when pushing it.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ