public inbox for linux-kernel@vger.kernel.org
From: Josh Poimboeuf <jpoimboe@redhat.com>
To: Minfei Huang <mnfhuang@gmail.com>
Cc: Zhou Chengming <zhouchengming1@huawei.com>,
	sjenning@redhat.com, jkosina@suse.cz, vojtech@suse.cz,
	live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
	guohanjun@huawei.com, huawei.libin@huawei.com,
	xiexiuqi@huawei.com, cbay@alwaysdata.com
Subject: Re: [PATCH v2] livepatch: x86: bugfix about kASLR
Date: Wed, 11 Nov 2015 10:15:56 -0600
Message-ID: <20151111161556.GA5331@treble.redhat.com>
In-Reply-To: <20151111084648.GA26302@dhcp-129-10.nay.redhat.com>

On Wed, Nov 11, 2015 at 04:46:48PM +0800, Minfei Huang wrote:
> On 11/10/15 at 08:07am, Josh Poimboeuf wrote:
> > On Fri, Nov 06, 2015 at 02:25:00PM +0800, Zhou Chengming wrote:
> > > When KASLR is enabled, livepatch will adjust old_addr of the changed
> > > function accordingly. So do the same thing for reloc.
> > > 
> > > +
> > > +#if defined(CONFIG_RANDOMIZE_BASE)
> > > +			/* If KASLR has been enabled, adjust old value accordingly */
> > > +			if (kaslr_enabled())
> > > +				reloc->val += kaslr_offset();
> > > +#endif
> > >  			ret = klp_verify_vmlinux_symbol(reloc->name,
> > >  							reloc->val);
> > >  			if (ret)
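
Review bot: In the added block, `reloc->val += kaslr_offset();` changes the stored relocation value in place, so if this path is reached a second time for the same reloc entry the offset would be applied twice and the check in klp_verify_vmlinux_symbol() would then compare against a wrong address. Consider computing the adjusted address in a local variable and passing that to klp_verify_vmlinux_symbol() (and to whatever consumes the value afterwards), or state in the comment that each entry is processed exactly once. As a style point, the `#if defined(CONFIG_RANDOMIZE_BASE)` guard sits inside the function body; if `kaslr_enabled()` can be made to evaluate to false when the option is off, the preprocessor conditional could be dropped from this call site.
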
> > 
> > Zhou, thanks a lot for this fix.
> > 
> > Generally I think this patch is fine.  However, Chris J Arges is working
> > on another patch[*] which may get rid of reloc->val as an input and make
> > this patch obsolete.
> > 
> > So, assuming Chris's patch eventually gets accepted, I don't see a need
> > for this one unless anybody wants it as a bug fix for 4.4.
> > 
> > [*] https://lkml.kernel.org/r/1447085770-11729-1-git-send-email-chris.j.arges@canonical.com
> > 
> 
> Hi, Josh.
> 
> I think Jessica Yu is working on the related patchset which will
> offload relocation logic to the module loader.

Yeah, Jessica's patch set does move the relocation logic to the module
loader, and it does result in a rewrite of this code.  However, it still
uses an address-based symbol addressing scheme, so it doesn't resolve
this particular issue.

Chris's patch changes the symbol addressing scheme from address-based to
sympos-based.  To be consistent, I think it should do that for both
function addresses and relocation symbol addresses.  Then that would fix
this issue and make Zhou's patch obsolete.

If Chris's smaller patch is merged before Jessica's bigger patch set,
Jessica's patches can be rebased on top of Chris's to keep the new
sympos-based addressing scheme.

Or vice versa: if Jessica's patches are merged first, then Chris's can
be rebased.  Either way, Chris's patches will obsolete this one.

-- 
Josh
