Received: by 10.192.165.156 with SMTP id m28csp1713793imm;
        Tue, 17 Apr 2018 04:23:09 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4/HmzAIJ+d4Fq3mPv3Hc41y5j38WcEJCV1bu+OcayI9Ty147bAfhT6Ges62rAYCxXn/AOrI
X-Received: by 10.98.56.144 with SMTP id f138mr1606706pfa.173.1523964189701;
        Tue, 17 Apr 2018 04:23:09 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1523964189; cv=none;
        d=google.com; s=arc-20160816;
        b=Gr+/ZHGi0h1talm+OsZpqGf/eyMCTVZXZSl9qCd0Jaje2psaMtw49ccH7/jL1PBHyN
         u+/C2NbQaISsQZpmtPCeITmYL3Xhge/IppjBBP+x+9OryaAF9bNCg2Wi+xD/Bb0C4Zca
         jOQIPsbPmj7f6zRML6QNFP333bb8uH55vjDeoKq86HDZCyLq0/ne9OE/ju8yotudJKjw
         iuxO8Uey68O1s/nCERLDE79ygutOMgzrLHjNfr0vht7ZQfoY/TMC5YHyFQYw6ziVvCO4
         Jhqs2VJXEYJL3lka0OMwl+LSQHfMUuQeiYuawm5ODlPEy9BDR/yKLfn6QoiIHsVByC2V
         k2Sw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:references
         :message-id:in-reply-to:subject:cc:to:from:date
         :arc-authentication-results;
        bh=B5h9BXsuffMXyuQf0rPLTOqK6DGAW0RLB75fJ2LWX3Y=;
        b=jEF8Ma0XmFGmF+XRzTeT16W1xa7flP0jlzzmGPBnhA27QB/bABuzJP7GH+g5p2AdHl
         OxmONveFvApDPAEz9hA61acWrTp3s18pNEwd84AfiXxgiOp88OduIBDgtbwq4fa2R++3
         3VYu1GVORPe90ekesybxLbx+iEFzNUFhZzYhhbnIZ9bEcKYdy8E6Uch7HqRp1Vo7ZLBz
         rHCnf5WvTSnrTlP/Ga4k0rypmWkBQ8u2YooBsePtrhszrz/+QWVjdFkfpALNz7lXwH8E
         ZA+7qeZDxuzc+GRS1yp29VIx2raiZTbX20njJyU0nzgxGAcQgEagRrMIMf02k1HBCODH
         S3DQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id k78si13195255pfb.250.2018.04.17.04.22.55;
        Tue, 17 Apr 2018 04:23:09 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752357AbeDQLVc (ORCPT <rfc822;xqjcool@gmail.com> + 99 others);
        Tue, 17 Apr 2018 07:21:32 -0400
Received: from mx2.suse.de ([195.135.220.15]:35608 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1752670AbeDQLV1 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 17 Apr 2018 07:21:27 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (charybdis-ext.suse.de [195.135.220.254])
        by mx2.suse.de (Postfix) with ESMTP id 53A50AECE;
        Tue, 17 Apr 2018 11:21:26 +0000 (UTC)
Date:   Tue, 17 Apr 2018 13:21:25 +0200 (CEST)
From:   Miroslav Benes <mbenes@suse.cz>
To:     Petr Mladek <pmladek@suse.com>
cc:     Jiri Kosina <jikos@kernel.org>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Joe Lawrence <joe.lawrence@redhat.com>,
        Jessica Yu <jeyu@kernel.org>, Nicolai Stange <nstange@suse.de>,
        live-patching@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 0/2] livepatch: Allocate and free shadow variables
 more safely
In-Reply-To: <20180416113647.25288-1-pmladek@suse.com>
Message-ID: <alpine.LSU.2.21.1804171320480.12184@pobox.suse.cz>
References: <20180416113647.25288-1-pmladek@suse.com>
User-Agent: Alpine 2.21 (LSU 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, 16 Apr 2018, Petr Mladek wrote:

> Nikolai started to use shadow variables and found that list_head
> is not initialized correctly using the existing API.
> 
> The problem is that LIST_HEAD_INIT() set pointers to itself.
> klp_shadow_alloc() then copies these pointers to another location.
> 
> It would be possible to solve this by a late initialization. But
> this does not work well with klp_shadow_get_or_alloc(). Also this
> behavior is error prone. Note that list_head might be hidden in
> another structure, for example mutex.
> 
> I suggest to change the API and allow to initialize the shadow
> variables using a custom callback. I think that we have already
> talked about this but we decided to go the easier way. It seems
> that it was a bad decision.
> 
> I send also patch that add a symmetric callback to the klp_shadow_free()
> functions. It might be handy especially for klp_shadow_free_all().
> 
> 
> Changes against v2:
> 
>   + Use pr_err() instead of WARN() when ctor() fails [Josh]
>   + Some typos [Mirek]
> 
> 
> Changes against v1:
> 
>   + Rename init/free callbacks to ctor/dtor
>   + Misc update of comments and commit messages
>   + Fix sizeof() in the sample code in shadow-vars.txt
> 
> 
> Petr Mladek (2):
>   livepatch: Initialize shadow variables safely by a custom callback
>   livepatch: Allow to call a custom callback when freeing shadow
>     variables
> 
>  Documentation/livepatch/shadow-vars.txt   |  41 ++++++++----
>  include/linux/livepatch.h                 |  19 ++++--
>  kernel/livepatch/shadow.c                 | 108 ++++++++++++++++++++----------
>  samples/livepatch/livepatch-shadow-fix1.c |  43 +++++++++---
>  samples/livepatch/livepatch-shadow-fix2.c |  33 ++++-----
>  5 files changed, 163 insertions(+), 81 deletions(-)

Acked-by: Miroslav Benes <mbenes@suse.cz>

M