lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.LSU.2.21.2409051215140.8559@pobox.suse.cz>
Date: Thu, 5 Sep 2024 12:23:20 +0200 (CEST)
From: Miroslav Benes <mbenes@...e.cz>
To: Wardenjohn <zhangwarden@...il.com>
cc: jpoimboe@...nel.org, jikos@...nel.org, pmladek@...e.com, 
    joe.lawrence@...hat.com, live-patching@...r.kernel.org, 
    linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 2/2] livepatch: Add using attribute to klp_func for
 using function show

Hi,

On Wed, 28 Aug 2024, Wardenjohn wrote:

> One system may contains more than one livepatch module. We can see
> which patch is enabled. If some patches applied to one system
> modifing the same function, livepatch will use the function enabled
> on top of the function stack. However, we can not excatly know
> which function of which patch is now enabling.
> 
> This patch introduce one sysfs attribute of "using" to klp_func.
> For example, if there are serval patches  make changes to function
> "meminfo_proc_show", the attribute "enabled" of all the patch is 1.
> With this attribute, we can easily know the version enabling belongs
> to which patch.
> 
> The "using" is set as three state. 0 is disabled, it means that this
> version of function is not used. 1 is running, it means that this
> version of function is now running. -1 is unknown, it means that
> this version of function is under transition, some task is still
> chaning their running version of this function.
> 
> cat /sys/kernel/livepatch/<patch1>/<object1>/<function1,sympos>/using -> 0
> means that the function1 of patch1 is disabled.
> 
> cat /sys/kernel/livepatch/<patchN>/<object1>/<function1,sympos>/using -> 1
> means that the function1 of patchN is enabled.
> 
> cat /sys/kernel/livepatch/<patchN>/<object1>/<function1,sympos>/using -> -1
> means that the function1 of patchN is under transition and unknown.
> 
> Signed-off-by: Wardenjohn <zhangwarden@...il.com>

I am not a fan. Josh wrote most of my objections already so I will not 
repeat them. I understand that the attribute might be useful but the 
amount of code it adds to sensitive functions like 
klp_complete_transition() is no fun.

Would it be possible to just use klp_transition_patch and implement the 
logic just in using_show()? I have not thought through it completely but 
klp_transition_patch is also an indicator that there is a transition going 
on. It is set to NULL only after all func->transition are false. So if you 
check that, you can assign -1 in using_show() immediately and then just 
look at the top of func_stack.

If possible (and there are corner cases everywhere. Just take a look at 
barriers in all those functions.) and the resulting code is much simpler, 
we might take it. But otherwise this should really be solved in userspace 
using some live patch management tool as Josh said. I mean generally 
because you have much more serious problems without it.

Regards,
Miroslav

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ