lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <1A0E6D0A-4245-4F44-8667-CDD86A925347@gmail.com>
Date: Wed, 24 Jul 2024 23:20:34 +0800
From: zhang warden <zhangwarden@...il.com>
To: Petr Mladek <pmladek@...e.com>
Cc: Miroslav Benes <mbenes@...e.cz>,
 Josh Poimboeuf <jpoimboe@...nel.org>,
 Jiri Kosina <jikos@...nel.org>,
 Joe Lawrence <joe.lawrence@...hat.com>,
 live-patching@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH] livepatch: Add using attribute to klp_func for using func
 show


Hi Petr!

> The value is useless when the transition is in progress.
> You simply do not know which variant is used in this case.
> 
Yes, I agree that if the patch is in transition, we can not know which version of this function is running by one task.

As my previous explanation, each patch have a state "transition" to show if this patch is under transition state. If this function "using" is 1, it shows that this function is going to become the version to be use, but not all the task use this newest version because some task is under transition (this is the "unknown" state from your opinion).

> Which brings the question how exactly you use the value.
> Could you please provide an example of decision which you make based
> on the value?
> 

Here I can give you an example.
We are going to fix a problem of io_uring.
Our team made a livepatch of io_sq_offload_create.
This livepatch module is deployed to some running servers.

Then, another team make some change to the same function and deployed it to the same cluster.

Finally, they found that there are some livepatch module modifying the same function io_sq_offload_create. But none of them can tell which version of io_sq_offload_create is now exactly running in the system.

We can only use crash to debug /proc/kcore to see if we can get more information from the kcore.

If livepatch can tell which version of the function is now running or going to run, it will be very useful.
> If we agree that it makes sense then we should make it 3-state
> where the meaning of values would be:
> 
>   -1: unknown (transition in progress)
>   0: unused
>   1: used
> 

Yeah, I agree with this state. I combine "transition" and "using" to tell the unknown state. It can be better if this state can be shown in using flag.

Thanks!
Wardenjohn



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ