Received: by 10.213.65.68 with SMTP id h4csp1875187imn;
        Thu, 5 Apr 2018 05:25:06 -0700 (PDT)
X-Google-Smtp-Source: AIpwx48PzAkEgMudPgDa8VJfbag0GqgMgej8ghI6PFX6cq00R0cUA16rKx5qDQN+RWLYvyjkCBiF
X-Received: by 10.101.99.149 with SMTP id h21mr14867599pgv.345.1522931106861;
        Thu, 05 Apr 2018 05:25:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1522931106; cv=none;
        d=google.com; s=arc-20160816;
        b=NYaL48B6mi/mo8ksrOqMv5jxDxWNQmH9k3kZorHvZNrNhPAQ/6b71jRsGgX8T9IrAo
         xMVVGzR2tJnjQfHAz+iSsG4akDbbCZt8ovikjee2V/xdBZZLwZOcNs5M/U6rOyhIwfmI
         Gumn9X80pkUDHHar7Bbgj8v9IoAjuGgt4d70/C9w4rzix0N8oKU6JIrb/vmEPm+ST18y
         HYwoacv4WgVF1NMNquhXeozyZg+VGj48SmewcpdWXMILJZm+kJDZaLFc1txDReHvWK+4
         XSHwxEHjjkAAZ0aU8c9Zhw9hVgCZVkIUIWBDyEzthwAMnmqrr5mcA+7Mx2T2Gf0hsj79
         R9lA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:date:subject:cc:to:from
         :arc-authentication-results;
        bh=G64uDCVcbF3xFLYDDu14jPvp6uVU3lldjVrKg5NF+uo=;
        b=QlT+vdPfBZUZdC/rIy8LqTZxRZkbTLjpu4DexACceNCUzdKf4nYbRRStVQ9Wh/1sj1
         kSfQjJP6qax8tWt7fegiPoPMQ9/+fJTZgfpdrDGH7xIjqpfqujd9tIPlpOKQOEGLPYtc
         7qlCnUe2fRfbW6Rqxx3sAMeypQsUoRWIMlI2aq1f5Z78uvqNzKYULSiembEAj5N+QtB9
         2VjFTi/h2Lykde6XfgfDWSMqgAYLXMtNnfLHJCa02jkoE0pBQIKH7NjCQsrfkOZTtPT3
         3EhbgxDyjANFPMpWDGECzu9zyuuIRrJ3xbtBPeI9wsFWCOEVEwD+wPAVsgXOUgJoJz+0
         daPg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id k8-v6si5975011pls.368.2018.04.05.05.24.52;
        Thu, 05 Apr 2018 05:25:06 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751352AbeDEMXf (ORCPT
        <rfc822;paul.schmitz.hallo.parkuhr@gmail.com> + 99 others);
        Thu, 5 Apr 2018 08:23:35 -0400
Received: from mx2.suse.de ([195.135.220.15]:50508 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751038AbeDEMXe (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 5 Apr 2018 08:23:34 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (charybdis-ext.suse.de [195.135.220.254])
        by mx2.suse.de (Postfix) with ESMTP id AEB99AF48;
        Thu,  5 Apr 2018 12:23:32 +0000 (UTC)
From:   Petr Mladek <pmladek@suse.com>
To:     Jiri Kosina <jikos@kernel.org>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Miroslav Benes <mbenes@suse.cz>
Cc:     Joe Lawrence <joe.lawrence@redhat.com>,
        Jessica Yu <jeyu@kernel.org>, Nicolai Stange <nstange@suse.de>,
        live-patching@vger.kernel.org, linux-kernel@vger.kernel.org,
        Petr Mladek <pmladek@suse.com>
Subject: [PATCH v2 0/2] livepatch: Allocate and free shadow variables more safely
Date:   Thu,  5 Apr 2018 14:23:13 +0200
Message-Id: <20180405122315.29065-1-pmladek@suse.com>
X-Mailer: git-send-email 2.13.6
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Nikolai started to use shadow variables and found that list_head
is not initialized correctly using the existing API.

The problem is that LIST_HEAD_INIT() set pointers to itself.
klp_shadow_alloc() then copies these pointers to another location.

It would be possible to solve this by a late initialization. But
this does not work well with klp_shadow_get_or_alloc(). Also this
behavior is error prone. Note that list_head might be hidden in
another structure, for example mutex.

I suggest to change the API and allow to initialize the shadow
variables using a custom callback. I think that we have already
talked about this but we decided to go the easier way. It seems
that it was a bad decision.

I send also patch that add a symmetric callback to the klp_shadow_free()
functions. It might be handy especially for klp_shadow_free_all().


Changes against v1:

  + Rename init/free callbacks to ctor/dtor
  + Misc update of comments and commit messages
  + Fix sizeof() in the sample code in shadow-vars.txt


Petr Mladek (2):
  livepatch: Initialize shadow variables safely by a custom callback
  livepatch: Allow to call a custom callback when freeing shadow
    variables

 Documentation/livepatch/shadow-vars.txt   |  41 +++++++----
 include/linux/livepatch.h                 |  19 ++++--
 kernel/livepatch/shadow.c                 | 109 ++++++++++++++++++++----------
 samples/livepatch/livepatch-shadow-fix1.c |  43 +++++++++---
 samples/livepatch/livepatch-shadow-fix2.c |  33 +++++----
 5 files changed, 164 insertions(+), 81 deletions(-)

-- 
2.13.6