Received: by 10.213.65.68 with SMTP id h4csp434653imn;
        Tue, 13 Mar 2018 08:58:07 -0700 (PDT)
X-Google-Smtp-Source: AG47ELuZ2YrL2arZpny6BLdCaSqHGl9HsA6Pq58CZXuxOxPYiZ/fhWjf24vyn9jN/ieJ92iYGA7R
X-Received: by 10.99.100.6 with SMTP id y6mr896203pgb.254.1520956687849;
        Tue, 13 Mar 2018 08:58:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1520956687; cv=none;
        d=google.com; s=arc-20160816;
        b=L3TYwoBe8I/EAg9H0QTdiP9npStX5KfyFxozblh3603MwPGbZKunUFg/QjDdmDoCbD
         E7CvvRzahlDS3P5oxdX9viZBw5FnW6cIiSxUm2dGGRCnjGQiv1rCwEJt8Vt4jgT/ak/i
         fS6PqMjxnKWMFjo6gAU72hN0HBVnpBPtlvSVTrkhxTdTZgLtSF/ZFLNx1v/BCzpVd/8c
         qEUWGmS2vau5kuzjVKC1xCk03uAO8E0Q74SR29dXPtzmMwSIrG4pqSqWnZVB9s+7JzlK
         VMmm1r71RN8/vy6R+4OwUXLQT6lQFx+LOE571hVs5rsvzKEyGgNnwHCHRZRrsTzQzeWC
         kyCw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:date:subject:cc:to:from
         :arc-authentication-results;
        bh=cERCZE3jr5soyN4kIj81IQ+N9dCEeQ+EgqrNw3pOgH4=;
        b=xiLT1To//u88MBq0y00v9hV+xS1/LStYsxlOAM7N0E5D9Z0kjWbO+L3VpuqzEG8RmW
         lU5f3kwnM1LXaDa+lPKucpgrh0wJ3GhuSkM5e6P8dwNOXrKuCq4alBGEz2/dmHALML92
         gfz4/22YsZzE9N+w9FcDeHXdfZjmbube1EpDrl+cs+cZ5Bj3JOJFD6VeUmHrL8/TWlYw
         kHbJbTuDhJRkk2Q08tCOrlWfEHfYx6TA94j/xEs1Pz2eeyVQG5DvWZa9IXfMvwyGIOnM
         qg/yC059b9Xnl8Hxv14VFXrjbgrQ8rbQ7tKZvqRa3ucYiMpJGUdROXgZ6kA6gXp4oxQU
         Mbxw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id e13si339033pff.8.2018.03.13.08.57.53;
        Tue, 13 Mar 2018 08:58:07 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S933399AbeCMP4F (ORCPT <rfc822;patchstalker@gmail.com>
        + 99 others); Tue, 13 Mar 2018 11:56:05 -0400
Received: from mx2.suse.de ([195.135.220.15]:39859 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S932400AbeCMP4D (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 13 Mar 2018 11:56:03 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay1.suse.de (charybdis-ext.suse.de [195.135.220.254])
        by mx2.suse.de (Postfix) with ESMTP id 17DFAAF85;
        Tue, 13 Mar 2018 15:56:02 +0000 (UTC)
From:   Petr Mladek <pmladek@suse.com>
To:     Jiri Kosina <jikos@kernel.org>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Miroslav Benes <mbenes@suse.cz>
Cc:     Joe Lawrence <joe.lawrence@redhat.com>,
        Jessica Yu <jeyu@kernel.org>, Nicolai Stange <nstange@suse.de>,
        live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
        Petr Mladek <pmladek@suse.com>
Subject: [PATCH 0/2] livepatch: Allocate and free shadow variables more safely
Date:   Tue, 13 Mar 2018 16:54:46 +0100
Message-Id: <20180313155448.1998-1-pmladek@suse.com>
X-Mailer: git-send-email 2.13.6
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Nikolai started to use shadow variables and found that list_head
is not initialized correctly using the existing API.

The problem is that LIST_HEAD_INIT() set pointers to itself.
klp_shadow_alloc() then copies these pointers to another location.

It would be possible to solve this by a late initialization. But
this does not work well with klp_shadow_get_or_alloc(). Also this
behavior is error prone. Note that list_head might be hidden in
another structure, for example mutex.

I suggest to change the API and allow to initialize the shadow
variables using a custom callback. I think that we have already
talked about this but we decided to go the easier way. It seems
that it was a bad decision.

I send also patch that add a symmetric callback to the klp_shadow_free()
functions. It might be handy especially for klp_shadow_free_all().


The patchset is against the current Linus' tree.

Petr Mladek (2):
  livepatch: Initialize shadow variables by init function safely
  livepatch: Allow to unregister or free shadow data using a custom
    function

 Documentation/livepatch/shadow-vars.txt   | 42 ++++++++++++-----
 include/linux/livepatch.h                 | 23 +++++++---
 kernel/livepatch/shadow.c                 | 75 +++++++++++++++++++++----------
 samples/livepatch/livepatch-shadow-fix1.c | 44 +++++++++++++-----
 samples/livepatch/livepatch-shadow-fix2.c | 33 +++++++-------
 5 files changed, 150 insertions(+), 67 deletions(-)

-- 
2.13.6