| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2024 17:31:35 -0300 From: Marcos Paulo de Souza <mpdesouza@...e.com> To: Joe Lawrence <joe.lawrence@...hat.com>, Josh Poimboeuf <jpoimboe@...nel.org>, Jiri Kosina <jikos@...nel.org>, Miroslav Benes <mbenes@...e.cz>, Petr Mladek <pmladek@...e.com>, Shuah Khan <shuah@...nel.org> Cc: linux-kernel@...r.kernel.org, live-patching@...r.kernel.org, linux-kselftest@...r.kernel.org Subject: Re: [PATCH] selftests: livepatch: Test atomic replace against multiple modules On Thu, 2024-03-21 at 10:08 -0400, Joe Lawrence wrote: > On 3/12/24 08:12, Marcos Paulo de Souza wrote: > > This new test checks if a livepatch with replace attribute set > > replaces > > all previously applied livepatches. > > > > Signed-off-by: Marcos Paulo de Souza <mpdesouza@...e.com> > > --- > > tools/testing/selftests/livepatch/Makefile | 3 +- > > .../selftests/livepatch/test-atomic-replace.sh | 71 > > ++++++++++++++++++++++ > > 2 files changed, 73 insertions(+), 1 deletion(-) > > > > diff --git a/tools/testing/selftests/livepatch/Makefile > > b/tools/testing/selftests/livepatch/Makefile > > index 35418a4790be..e92f61208d35 100644 > > --- a/tools/testing/selftests/livepatch/Makefile > > +++ b/tools/testing/selftests/livepatch/Makefile > > @@ -10,7 +10,8 @@ TEST_PROGS := \ > > test-state.sh \ > > test-ftrace.sh \ > > test-sysfs.sh \ > > - test-syscall.sh > > + test-syscall.sh \ > > + test-atomic-replace.sh > > > > TEST_FILES := settings > > > > diff --git a/tools/testing/selftests/livepatch/test-atomic- > > replace.sh b/tools/testing/selftests/livepatch/test-atomic- > > replace.sh > > new file mode 100755 > > index 000000000000..09a3dcdcb8de > > --- /dev/null > > +++ b/tools/testing/selftests/livepatch/test-atomic-replace.sh > > @@ -0,0 +1,71 @@ > > +#!/bin/bash > > +# SPDX-License-Identifier: GPL-2.0 > > +# > > +# Copyright (C) 2024 SUSE > > +# Author: Marcos Paulo de Souza <mpdesouza@...e.com> > > + > > +. $(dirname $0)/functions.sh > > + > > +MOD_REPLACE=test_klp_atomic_replace > > + > > +setup_config > > + > > +# - Load three livepatch modules. > > +# - Load one more livepatch with replace being set, and check that > > only one > > +# livepatch module is being listed. > > + > > +start_test "apply one liveptach to replace multiple livepatches" > > + > > +for mod in test_klp_livepatch test_klp_syscall > > test_klp_callbacks_demo; do > > + load_lp $mod > > +done > > + > > +nmods=$(ls /sys/kernel/livepatch | wc -l) > > +if [ $nmods -ne 3 ]; then > > + die "Expecting three modules listed, found $nmods" > > +fi > > + > > +load_lp $MOD_REPLACE replace=1 > > + > > +nmods=$(ls /sys/kernel/livepatch | wc -l) > > +if [ $nmods -ne 1 ]; then > > + die "Expecting only one moduled listed, found $nmods" > > +fi > > + > > +disable_lp $MOD_REPLACE > > +unload_lp $MOD_REPLACE > > + > > +check_result "% insmod test_modules/test_klp_livepatch.ko > > +livepatch: enabling patch 'test_klp_livepatch' > > +livepatch: 'test_klp_livepatch': initializing patching transition > > +livepatch: 'test_klp_livepatch': starting patching transition > > +livepatch: 'test_klp_livepatch': completing patching transition > > +livepatch: 'test_klp_livepatch': patching complete > > +% insmod test_modules/test_klp_syscall.ko > > +livepatch: enabling patch 'test_klp_syscall' > > +livepatch: 'test_klp_syscall': initializing patching transition > > +livepatch: 'test_klp_syscall': starting patching transition > > +livepatch: 'test_klp_syscall': completing patching transition > > +livepatch: 'test_klp_syscall': patching complete > > +% insmod test_modules/test_klp_callbacks_demo.ko > > +livepatch: enabling patch 'test_klp_callbacks_demo' > > +livepatch: 'test_klp_callbacks_demo': initializing patching > > transition > > +test_klp_callbacks_demo: pre_patch_callback: vmlinux > > +livepatch: 'test_klp_callbacks_demo': starting patching transition > > +livepatch: 'test_klp_callbacks_demo': completing patching > > transition > > +test_klp_callbacks_demo: post_patch_callback: vmlinux > > +livepatch: 'test_klp_callbacks_demo': patching complete > > +% insmod test_modules/test_klp_atomic_replace.ko replace=1 > > +livepatch: enabling patch 'test_klp_atomic_replace' > > +livepatch: 'test_klp_atomic_replace': initializing patching > > transition > > +livepatch: 'test_klp_atomic_replace': starting patching transition > > +livepatch: 'test_klp_atomic_replace': completing patching > > transition > > +livepatch: 'test_klp_atomic_replace': patching complete > > +% echo 0 > /sys/kernel/livepatch/test_klp_atomic_replace/enabled > > +livepatch: 'test_klp_atomic_replace': initializing unpatching > > transition > > +livepatch: 'test_klp_atomic_replace': starting unpatching > > transition > > +livepatch: 'test_klp_atomic_replace': completing unpatching > > transition > > +livepatch: 'test_klp_atomic_replace': unpatching complete > > +% rmmod test_klp_atomic_replace" > > + > > +exit 0 > > > > Hi Marcos, > > I'm not against adding a specific atomic replace test, but for a > quick > tl/dr what is the difference between this new test and > test-livepatch.sh's "atomic replace livepatch" test? > > If this one provides better coverage, should we follow up with > removing > the existing one? Hi Joe, thanks for looking at it. To be honest I haven't checked the current use of atomic replace on test-livepatch.sh =/ yes, that's mostly the same case, but in mine I load three modules and then load the third one replacing the others, while in the test- livepatch.sh we have only one module that is loaded, replaced, and then we unload the replaced one. Do you see value in extending the test at test-livepatch.sh to load more than one LP moduled and the replace all of them with another one? I believe that it adds more coverage, while keeping the number of tests the same. Thanks! >
Powered by blists - more mailing lists