[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen master] livepatch: Add limit of 2MB to payload .bss sections.

commit c1d255584c31d242900cecad2c73158a27e3fa29
Author:     Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
AuthorDate: Tue Sep 6 12:45:50 2016 -0400
Commit:     Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
CommitDate: Fri Sep 23 12:39:43 2016 -0400

    livepatch: Add limit of 2MB to payload .bss sections.
    
    The initial patch: 11ff40fa7bb5fdcc69a58d0fec49c904ffca4793
    "xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op" caps the
    size of the binary at 2MB. We follow that in capping the size
    of the .BSSes to be at maximum 2MB.
    
    We also bubble up the payload limit and this one in one #define
    called LIVEPATCH_MAX_SIZE to make it easier to find these
    arbitrary limits.
    
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
    Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
---
 xen/common/livepatch.c      | 2 +-
 xen/common/livepatch_elf.c  | 4 ++++
 xen/include/xen/livepatch.h | 2 ++
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/xen/common/livepatch.c b/xen/common/livepatch.c
index 912729e..f5ce28c 100644
--- a/xen/common/livepatch.c
+++ b/xen/common/livepatch.c
@@ -123,7 +123,7 @@ static int verify_payload(const 
xen_sysctl_livepatch_upload_t *upload, char *n)
     if ( !upload->size )
         return -EINVAL;
 
-    if ( upload->size > MB(2) )
+    if ( upload->size > LIVEPATCH_MAX_SIZE )
         return -EINVAL;
 
     if ( !guest_handle_okay(upload->payload, upload->size) )
diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c
index 6c7773b..dec904a 100644
--- a/xen/common/livepatch_elf.c
+++ b/xen/common/livepatch_elf.c
@@ -86,6 +86,10 @@ static int elf_resolve_sections(struct livepatch_elf *elf, 
const void *data)
                     delta < sizeof(Elf_Ehdr) ? "at ELF header" : "is past 
end");
             return -EINVAL;
         }
+        else if ( (sec[i].sec->sh_flags & (SHF_WRITE | SHF_ALLOC)) &&
+                  sec[i].sec->sh_type == SHT_NOBITS &&
+                  sec[i].sec->sh_size > LIVEPATCH_MAX_SIZE )
+            return -EINVAL;
 
         sec[i].data = data + delta;
         /* Name is populated in elf_resolve_section_names. */
diff --git a/xen/include/xen/livepatch.h b/xen/include/xen/livepatch.h
index 243e240..29c9b31 100644
--- a/xen/include/xen/livepatch.h
+++ b/xen/include/xen/livepatch.h
@@ -30,6 +30,8 @@ struct xen_sysctl_livepatch_op;
 #define ELF_LIVEPATCH_FUNC    ".livepatch.funcs"
 #define ELF_LIVEPATCH_DEPENDS ".livepatch.depends"
 #define ELF_BUILD_ID_NOTE      ".note.gnu.build-id"
+/* Arbitrary limit for payload size and .bss section size. */
+#define LIVEPATCH_MAX_SIZE     MB(2)
 
 struct livepatch_symbol {
     const char *name;
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.