lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 7 Jun 2024 15:06:14 +0200 (CEST)
From: Miroslav Benes <mbenes@...e.cz>
To: Song Liu <song@...nel.org>
cc: live-patching@...r.kernel.org, linux-kernel@...r.kernel.org, 
    jpoimboe@...nel.org, jikos@...nel.org, pmladek@...e.com, 
    joe.lawrence@...hat.com, nathan@...nel.org, morbo@...gle.com, 
    justinstitt@...gle.com, mcgrof@...nel.org, thunder.leizhen@...wei.com, 
    kees@...nel.org, kernel-team@...a.com
Subject: Re: [PATCH] kallsyms, livepatch: Fix livepatch with
 CONFIG_LTO_CLANG

Hi,

On Tue, 4 Jun 2024, Song Liu wrote:

> With CONFIG_LTO_CLANG, the compiler may postfix symbols with .llvm.<hash>
> to avoid symbol duplication. scripts/kallsyms.c sorted the symbols
> without these postfixes. The default symbol lookup also removes these
> postfixes before comparing symbols.
> 
> On the other hand, livepatch need to look up symbols with the full names.
> However, calling kallsyms_on_each_match_symbol with full name (with the
> postfix) cannot find the symbol(s). As a result, we cannot livepatch
> kernel functions with .llvm.<hash> postfix or kernel functions that use
> relocation information to symbols with .llvm.<hash> postfixes.
> 
> Fix this by calling kallsyms_on_each_match_symbol without the postfix;
> and then match the full name (with postfix) in klp_match_callback.
> 
> Signed-off-by: Song Liu <song@...nel.org>
> ---
>  include/linux/kallsyms.h | 13 +++++++++++++
>  kernel/kallsyms.c        | 21 ++++++++++++++++-----
>  kernel/livepatch/core.c  | 32 +++++++++++++++++++++++++++++++-
>  3 files changed, 60 insertions(+), 6 deletions(-)

I do not like much that something which seems to be kallsyms-internal is 
leaked out. You need to export cleanup_symbol_name() and there is now a 
lot of code outside. I would feel much more comfortable if it is all 
hidden from kallsyms users and kept there. Would it be possible?

Moreover, isn't there a similar problem for ftrace, kprobes, ebpf,...?

Thank you,
Miroslav

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ