lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240112-send-lp-kselftests-v6-0-79f3e9a46717@suse.com>
Date: Fri, 12 Jan 2024 14:43:49 -0300
From: Marcos Paulo de Souza <mpdesouza@...e.com>
To: Shuah Khan <shuah@...nel.org>, Jonathan Corbet <corbet@....net>, 
 Heiko Carstens <hca@...ux.ibm.com>, Vasily Gorbik <gor@...ux.ibm.com>, 
 Alexander Gordeev <agordeev@...ux.ibm.com>, 
 Christian Borntraeger <borntraeger@...ux.ibm.com>, 
 Sven Schnelle <svens@...ux.ibm.com>, Josh Poimboeuf <jpoimboe@...nel.org>, 
 Jiri Kosina <jikos@...nel.org>, Miroslav Benes <mbenes@...e.cz>, 
 Petr Mladek <pmladek@...e.com>, Joe Lawrence <joe.lawrence@...hat.com>
Cc: linux-kselftest@...r.kernel.org, linux-doc@...r.kernel.org, 
 linux-kernel@...r.kernel.org, linux-s390@...r.kernel.org, 
 live-patching@...r.kernel.org, Marcos Paulo de Souza <mpdesouza@...e.com>
Subject: [PATCH v6 0/3] livepatch: Move modules to selftests and add a new
 test

Changes in v6:
- Rebased on top of 70d201a40823 (thanks Alexander Gordeev!)
- Resolved a conflict because of 43e8832fed08 being reverted
- Resolved a missing static declaration for lp_sys_getpid, since
  -Wmissing-prototypes warning was enabled.
- Retested everything, from running the livepatch selftests from kernel
  source, running from a directory here the testes were installed (Joe's
  usecase), and running from a gen_tar'ed directory. All of them
  executed correctly.
- Added Petr review tags (Thanks!)
- Link to v5: https://lore.kernel.org/r/20240109-send-lp-kselftests-v5-0-364d59a69f12@suse.com

Changes in v5:
* Fixed an issue found by Joe that copied Kbuild files along with the
  test modules to the installation directory.
* Added Joe Lawrense review tags.

Changes in v4:
* Documented how to compile the livepatch selftests without running the
  tests (Joe)
* Removed the mention to lib/livepatch on MAINTAINERS file, reported by
  checkpatch.

Changes in v3:
* Rebased on top of v6.6-rc5
* The commits messages were improved (Thanks Petr!)
* Created TEST_GEN_MODS_DIR variable to point to a directly that contains kernel
  modules, and adapt selftests to build it before running the test.
* Moved test_klp-call_getpid out of test_programs, since the gen_tar
  would just copy the generated test programs to the livepatches dir,
  and so scripts relying on test_programs/test_klp-call_getpid will fail.
* Added a module_param for klp_pids, describing it's usage.
* Simplified the call_getpid program to ignore the return of getpid syscall,
  since we only want to make sure the process transitions correctly to the
  patched stated
* The test-syscall.sh not prints a log message showing the number of remaining
  processes to transition into to livepatched state, and check_output expects it
  to be 0.
* Added MODULE_AUTHOR and MODULE_DESCRIPTION to test_klp_syscall.c

- Link to v3: https://lore.kernel.org/r/20231031-send-lp-kselftests-v3-0-2b1655c2605f@suse.com
- Link to v2: https://lore.kernel.org/linux-kselftest/20220630141226.2802-1-mpdesouza@suse.com/

This patchset moves the current kernel testing livepatch modules from
lib/livepatches to tools/testing/selftest/livepatch/test_modules, and compiles
them as out-of-tree modules before testing.

There is also a new test being added. This new test exercises multiple processes
calling a syscall, while a livepatch patched the syscall.

Why this move is an improvement:
* The modules are now compiled as out-of-tree modules against the current
  running kernel, making them capable of being tested on different systems with
  newer or older kernels.
* Such approach now needs kernel-devel package to be installed, since they are
  out-of-tree modules. These can be generated by running "make rpm-pkg" in the
  kernel source.

What needs to be solved:
* Currently gen_tar only packages the resulting binaries of the tests, and not
  the sources. For the current approach, the newly added modules would be
  compiled and then packaged. It works when testing on a system with the same
  kernel version. But it will fail when running on a machine with different kernel
  version, since module was compiled against the kernel currently running.

  This is not a new problem, just aligning the expectations. For the current
  approach to be truly system agnostic gen_tar would need to include the module
  and program sources to be compiled in the target systems.

Thanks in advance!
  Marcos

Signed-off-by: Marcos Paulo de Souza <mpdesouza@...e.com>
---
Marcos Paulo de Souza (3):
      kselftests: lib.mk: Add TEST_GEN_MODS_DIR variable
      livepatch: Move tests from lib/livepatch to selftests/livepatch
      selftests: livepatch: Test livepatching a heavily called syscall

 Documentation/dev-tools/kselftest.rst              |   4 +
 MAINTAINERS                                        |   1 -
 arch/s390/configs/debug_defconfig                  |   1 -
 arch/s390/configs/defconfig                        |   1 -
 lib/Kconfig.debug                                  |  22 ----
 lib/Makefile                                       |   2 -
 lib/livepatch/Makefile                             |  14 ---
 tools/testing/selftests/lib.mk                     |  26 ++++-
 tools/testing/selftests/livepatch/Makefile         |   5 +-
 tools/testing/selftests/livepatch/README           |  25 +++--
 tools/testing/selftests/livepatch/config           |   1 -
 tools/testing/selftests/livepatch/functions.sh     |  34 +++---
 .../testing/selftests/livepatch/test-callbacks.sh  |  50 ++++-----
 tools/testing/selftests/livepatch/test-ftrace.sh   |   6 +-
 .../testing/selftests/livepatch/test-livepatch.sh  |  10 +-
 .../selftests/livepatch/test-shadow-vars.sh        |   2 +-
 tools/testing/selftests/livepatch/test-state.sh    |  18 ++--
 tools/testing/selftests/livepatch/test-syscall.sh  |  53 ++++++++++
 tools/testing/selftests/livepatch/test-sysfs.sh    |   6 +-
 .../selftests/livepatch/test_klp-call_getpid.c     |  44 ++++++++
 .../selftests/livepatch/test_modules/Makefile      |  20 ++++
 .../test_modules}/test_klp_atomic_replace.c        |   0
 .../test_modules}/test_klp_callbacks_busy.c        |   0
 .../test_modules}/test_klp_callbacks_demo.c        |   0
 .../test_modules}/test_klp_callbacks_demo2.c       |   0
 .../test_modules}/test_klp_callbacks_mod.c         |   0
 .../livepatch/test_modules}/test_klp_livepatch.c   |   0
 .../livepatch/test_modules}/test_klp_shadow_vars.c |   0
 .../livepatch/test_modules}/test_klp_state.c       |   0
 .../livepatch/test_modules}/test_klp_state2.c      |   0
 .../livepatch/test_modules}/test_klp_state3.c      |   0
 .../livepatch/test_modules/test_klp_syscall.c      | 116 +++++++++++++++++++++
 32 files changed, 340 insertions(+), 121 deletions(-)
---
base-commit: 70d201a40823acba23899342d62bc2644051ad2e
change-id: 20231031-send-lp-kselftests-4c917dcd4565

Best regards,
-- 
Marcos Paulo de Souza <mpdesouza@...e.com>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ