Re: [PATCH] livepatch: Prevent to enable uninitialized patch

[Minfei Huang]

On 05/12/15 at 12:49P, Jiri Kosina wrote:
> On Mon, 11 May 2015, Minfei Huang wrote:
> 
> > 1) Patched a patch to fix the issue for module A.
> > 2) livepatch will try to enable the patch, while the corresponding
> > module is loaded ( call klp_module_notify_coming )
> > 3) Firstly, livepatch will do the instruction "obj->mod = mod", whatever
> > the result of klp_module_notify_coming is.
> > 4) livepatch may fail to call the klp_init_object_loaded or
> > klp_enable_object
> > 5) klp_module_notify_coming returns
> > 
> > 6) For the userspace, we can enable the patch again ( disable the patch
> > firstly, then enable the patch from the sysfs )
> > 7) In order to enable the patch, livepatch will call __klp_enable_patch
> > 8) we can pass the limitation (klp_is_object_loaded), because the value
> > of obj->mod is not NULL ( the obj->mod obtains the value from the step 3 )
> > 9) the patch may be applied, although the patch is not initialized, if
> > the value of func->old_addr is not NULL
> > 
> > From the above description, we can see the uninitialized patch ( the
> > patch should be initialized by the klp_init_object_loaded in general )
> > can be applied to the kernel.
> 
> This indeed looks like a valid breakage scenario.
> 
> Could you please resend v2 of this patch with much more detailed 
> description in the changelog? (i.e. some reformulated variation on the 
> text above). Your original submission didn't describe the problem your 
> patch is fixing at all.
> 
> Thanks,

Thanks for your review. I will repost a new patch.

Thanks
Minfei

> 
> -- 
> Jiri Kosina
> SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/