Re: [PATCH v10 02/15] livepatch: avoid position-based search if `-z unique-symbol` is available

From: Josh Poimboeuf
Date: Mon Feb 14 2022 - 13:10:15 EST


On Mon, Feb 14, 2022 at 01:24:33PM +0100, Alexander Lobakin wrote:
> > One idea I mentioned before, it may be worth exploring changing the "F"
> > in FGKASLR to "File" instead of "Function". In other words, only
> > shuffle at an object-file granularity. Then, even with duplicates, the
> > <file+function> symbol pair doesn't change in the symbol table. And as
> > a bonus, it should help FGKASLR i-cache performance, significantly.
>
> Yeah, I keep that in mind. However, this wouldn't solve the
> duplicate static function names problem, right?
> Let's say you have a static function f() in file1 and f() in file2,
> then the layout each boot can be
>
> .text.file1        or   .text.file2
> f()                     f()
> .text.file2             .text.file1
> f()                     f()
>
> and position-based search won't work anyway, right?

Right, so we'd have to abandon position-based search in favor of
file+func based search.

It's not perfect because there are still a few file+func duplicates.
But it might be good enough. We would presumably just refuse to patch a
duplicate. Or we could remove them (and enforce their continued removal
with tooling-based warnings).

Another variant of this which I described here

https://lore.kernel.org/all/20210125172124.awabevkpvq4poqxf@treble/

would be to keep it function-granular, but have kallsyms keep track of
what file each func belongs to. Then livepatch could still do the
file+func based search.

--
Josh
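To make the contrast between the two lookups concrete, here is an added Python sketch that is not kernel code and not from this thread: it runs a sympos-style search and a file+func search over a constructed kallsyms-style table extended with a hypothetical per-symbol source-file column. The addresses, file names and the two boot layouts are made up.

```python
from collections import namedtuple

# Constructed kallsyms-style rows (address, type, name) plus a hypothetical
# per-symbol source-file column, which is what the thread proposes kallsyms
# would need to track. Nothing below is real kernel data.
Symbol = namedtuple("Symbol", "addr type name file")

# Same kernel, two boots: a file-granular shuffle swaps which file's .text
# lands first, so the two static f() trade places in address order.
BOOT_A = """
ffffffff81001000 t f file1.c
ffffffff81001040 t g file1.c
ffffffff81002000 t f file2.c
"""
BOOT_B = """
ffffffff81001000 t f file2.c
ffffffff81002000 t f file1.c
ffffffff81002040 t g file1.c
"""
# A genuine file+func duplicate: two objects both named init.c, each with a
# static h(). This is the case the thread says should be refused.
DUP = """
ffffffff81003000 t h init.c
ffffffff81003100 t h init.c
"""

def parse_table(text):
    rows = [line.split() for line in text.strip().splitlines()]
    syms = [Symbol(int(a, 16), t, n, f) for a, t, n, f in rows]
    return sorted(syms, key=lambda s: s.addr)  # kallsyms is address-ordered

def lookup_by_position(syms, name, pos):
    """Sympos search: pos-th (1-based) `name` in address order, or None."""
    matches = [s for s in syms if s.name == name]
    return matches[pos - 1] if 1 <= pos <= len(matches) else None

def lookup_by_file(syms, name, file):
    """file+func search: exactly one match, else refuse (LookupError)."""
    matches = [s for s in syms if s.name == name and s.file == file]
    if len(matches) != 1:
        raise LookupError(f"{file}:{name} matched {len(matches)} symbols")
    return matches[0]

def can_patch(syms, name, file):
    """Policy from the thread: refuse to patch a file+func duplicate."""
    try:
        lookup_by_file(syms, name, file)
        return True
    except LookupError:
        return False
```

Across the two constructed boots, `sympos=1` for `f` lands on a different file's function each time, while `file1.c:f` resolves to the same function on both and the `init.c:h` pair is refused outright.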