lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <FF185094-10E0-4898-96C4-184F96D5B56C@gmail.com>
Date: Thu, 5 Sep 2024 22:17:26 +0800
From: zhang warden <zhangwarden@...il.com>
To: Miroslav Benes <mbenes@...e.cz>
Cc: Josh Poimboeuf <jpoimboe@...nel.org>,
 Jiri Kosina <jikos@...nel.org>,
 Petr Mladek <pmladek@...e.com>,
 Joe Lawrence <joe.lawrence@...hat.com>,
 live-patching@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 2/2] livepatch: Add using attribute to klp_func for
 using function show


Hi Miroslav,
> 
> 
> I am not a fan. Josh wrote most of my objections already so I will not 
> repeat them. I understand that the attribute might be useful but the 
> amount of code it adds to sensitive functions like 
> klp_complete_transition() is no fun.
> 
OK, the point I make changes to klp_complete_transition is that when a transition is going to be complete, we can make sure the function state can go to an end state (0 or 1), which is the most easy way to do so...lol...

> Would it be possible to just use klp_transition_patch and implement the 
> logic just in using_show()? I have not thought through it completely but 
> klp_transition_patch is also an indicator that there is a transition going 
> on. It is set to NULL only after all func->transition are false. So if you 
> check that, you can assign -1 in using_show() immediately and then just 
> look at the top of func_stack.
> 

I will consider it later. If you have any suggestions or other solutions, please let me know.

> If possible (and there are corner cases everywhere. Just take a look at 
> barriers in all those functions.) and the resulting code is much simpler, 
> we might take it. But otherwise this should really be solved in userspace 
> using some live patch management tool as Josh said. I mean generally 
> because you have much more serious problems without it.
> 

I replied to Josh to explain my reason of not using user space tools to maintain livepatch information. Of cause, I put my patch here and tell you the problem I am facing, maybe there some people may face the same problem as me...hah...

We can discuss it, if you have a better idea for that patch, please fell free to tell me.

Also, I forgot to sign at the end of the email I sent Josh, I'm sorry...

Thanks.
Wardenjohn.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ