From: sashiko-bot@kernel.org
To: jikos@kernel.org, joe.lawrence@redhat.com, song@kernel.org,
mbenes@suse.cz, jpoimboe@kernel.org, pmladek@suse.com
Cc: live-patching@vger.kernel.org, "Yafang Shao" <laoar.shao@gmail.com>
Subject: Re: [PATCH v2 1/4] livepatch: Make klp_find_func() non-static
Date: Fri, 29 May 2026 04:01:30 +0000
Message-ID: <20260529040130.95A9C1F00893@smtp.kernel.org>
In-Reply-To: <20260529034542.68766-2-laoar.shao@gmail.com>

Thank you for your contribution! Sashiko AI review found 2 potential issue(s) to consider:

New issues:
- [Low] klp_find_func() is improperly exposed in the global public header, breaking encapsulation and introducing potential build/linkage errors.

Pre-existing issues:
- [High] klp_find_func() lacks input validation, exacerbating a pre-existing NULL pointer dereference vulnerability during livepatch loading.
--
commit 0b93025e6e1dd48057bb98e4d5e13741daab118e
Author: Yafang Shao <laoar.shao@gmail.com>
livepatch: Make klp_find_func() non-static
This commit exposes klp_find_func() by moving it out of the static scope
to make it available outside of core.c for reuse in upcoming patches.
> diff --git a/include/linux/livepatch.h b/include/linux/livepatch.h
> index ba9e3988c07c3..70854f542c33e 100644
> --- a/include/linux/livepatch.h
> +++ b/include/linux/livepatch.h
> @@ -215,6 +215,10 @@ int klp_apply_section_relocs(struct module *pmod, Elf_Shdr *sechdrs,
> unsigned int symindex, unsigned int secindex,
> const char *objname);
>
> +struct klp_func *klp_find_func(struct klp_object *obj,
> + struct klp_func *old_func);
> +
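Review bot: the klp_find_func() prototype added to include/linux/livepatch.h has no comment describing its contract. Since the stated purpose is reuse outside core.c, add a short kernel-doc comment above the declaration saying what is matched between obj and old_func, what is returned when nothing matches, and whether either argument may be NULL.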
[Severity: Low]
Does this declaration belong in kernel/livepatch/core.h instead? It lacks
an EXPORT_SYMBOL_GPL() and a stub for when !CONFIG_LIVEPATCH is set.
[ ... ]
> diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
> index 28d15ba58a26d..e97df3e59057b 100644
> --- a/kernel/livepatch/core.c
> +++ b/kernel/livepatch/core.c
> @@ -82,8 +82,8 @@ static bool klp_initialized(void)
> return !!klp_root_kobj;
> }
>
> -static struct klp_func *klp_find_func(struct klp_object *obj,
> - struct klp_func *old_func)
> +struct klp_func *klp_find_func(struct klp_object *obj,
> + struct klp_func *old_func)
> {
> struct klp_func *func;
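Review bot: in the kernel/livepatch/core.c definition, dropping static leaves both parameters as non-const pointers on what the name suggests is a pure lookup. If the body only reads through old_func, declare it as const struct klp_func *old_func (in the header prototype as well) so the wider set of callers can rely on the function not modifying its key.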

[Severity: High]
This is a pre-existing issue, but does this function dereference a NULL
pointer if old_name is NULL?

If a newly loaded livepatch provides a function entry with a NULL old_name,
func->old_name will be NULL when evaluated in strcmp():

klp_init_patch()
  klp_add_nops()
    klp_find_func()
      strcmp(old_func->old_name, func->old_name)

Could a check be added for NULL before calling strcmp()?
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260529034542.68766-1-laoar.shao@gmail.com?part=1
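
The NULL old_name case raised in the review above, modelled in userspace as an added example (not kernel code and not part of the original message). The struct layouts, first_unnamed(), find_func_checked() and the sample function names are simplified stand-ins assumed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Simplified stand-in for struct klp_func (assumption: only the name field). */
struct func_entry {
	const char *old_name;
};

/* Simplified stand-in for struct klp_object with an explicit entry count. */
struct object_entry {
	struct func_entry *funcs;
	size_t nfuncs;
};

/* Index of the first entry with no old_name, or -1 if every entry is named. */
static long first_unnamed(const struct object_entry *obj)
{
	for (size_t i = 0; i < obj->nfuncs; i++)
		if (!obj->funcs[i].old_name)
			return (long)i;
	return -1;
}

/* Lookup that never hands a NULL name to strcmp(); NULL means "no match". */
static struct func_entry *find_func_checked(struct object_entry *obj,
					    const struct func_entry *old_func)
{
	if (!obj || !obj->funcs || !old_func || !old_func->old_name)
		return NULL;
	for (size_t i = 0; i < obj->nfuncs; i++) {
		struct func_entry *func = &obj->funcs[i];

		if (func->old_name && strcmp(old_func->old_name, func->old_name) == 0)
			return func;
	}
	return NULL;
}

/* Constructed sample data: the second entry models a patch with no old_name. */
static struct func_entry sample_funcs[] = {
	{ "vfs_read" }, { NULL }, { "vfs_write" },
};
static struct object_entry sample_obj = { sample_funcs, 3 };

int main(void)
{
	struct func_entry want = { "vfs_write" }, bad = { NULL };

	/* Validation flags entry 1; lookups skip it and reject an unnamed key. */
	return !(first_unnamed(&sample_obj) == 1 &&
		 find_func_checked(&sample_obj, &want) == &sample_funcs[2] &&
		 find_func_checked(&sample_obj, &bad) == NULL);
}
```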