[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [RFC v2] xSplice design

To: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
From: Martin Pohlack <mpohlack@xxxxxxxxxx>
Date: Fri, 12 Jun 2015 13:51:08 +0200
Cc: Elena Ufimtseva <elena.ufimtseva@xxxxxxxxxx>, jeremy@xxxxxxxx, hanweidong@xxxxxxxxxx, jbeulich@xxxxxxxx, john.liuqiming@xxxxxxxxxx, Paul Voccio <paul.voccio@xxxxxxxxxxxxx>, Daniel Kiper <daniel.kiper@xxxxxxxxxx>, Major Hayden <major.hayden@xxxxxxxxxxxxx>, liuyingdong@xxxxxxxxxx, aliguori@xxxxxxxxxx, xiantao.zxt@xxxxxxxxxxxxxxx, lars.kurth@xxxxxxxxxx, Steven Wilson <steven.wilson@xxxxxxxxxxxxx>, peter.huangpeng@xxxxxxxxxx, msw@xxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx, Rick Harris <rick.harris@xxxxxxxxxxxxx>, boris.ostrovsky@xxxxxxxxxx, Josh Kearney <josh.kearney@xxxxxxxxxxxxx>, jinsong.liu@xxxxxxxxxxxxxxx, Antony Messerli <amesserl@xxxxxxxxxxxxx>, konrad@xxxxxxxxxx, fanhenglong@xxxxxxxxxx, andrew.cooper3@xxxxxxxxxx
Delivery-date: Fri, 12 Jun 2015 11:52:50 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 08.06.2015 17:19, Konrad Rzeszutek Wilk wrote:q
[...]
>>> There is a nice part of the old code check - you
>>> can check (and deal with) patching an already patched code.
>>> As in, if the payload was configured to be applied on top of an already
>>> patched function it would patch nicely. But if the payload is against
>>> the virgin code - and the hypervisor is running an older patch, we would
>>> bail out.
>>
>> You can do that too with the build IDs if there is some mechanism that
>> loads hotpatches in the same order as they were built in (if they
>> overlap).  The simplest approach that comes to mind is a hotpatch stack,
>> instead of independent patches.
> 
> True. Murphy law though says somebody will do this in reverse order :-)
> And that is my worry - some system admin will reverse the order, or pick
> an patch out of order, and we end up patching .. and things eventually
> break and blow up.

Right, I can see how this might be useful as an additional guard.

There are some additional benefits to using build IDs, beyond preventing
loading patches for the wrong hypervisor.  They can also help locate
patches for the currently running hypervisor if laid out correspondingly
on disk, e.g.:

  /some/path/<build_ID>/nnnnn-patch1.mod

A userland tool would query for the specific build ID of the currently
running hypervisor and only attempt to load hotpatches designated for
it.  This is a stronger protection than relying on the RPM version or a
similar mechanism.

* build ID
  * Prevent loading of wrong hotpatches (intended for other builds)
  * Allow to identify suitable hotpatches on disk and help with runtime
    tooling (if laid out using build ID)

* Comparing old code
  * Prevent loading of dynamically incompatible hotpatches

Martin

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [RFC v2] xSplice design
  - From: Konrad Rzeszutek Wilk

References:
- Re: [Xen-devel] [RFC v2] xSplice design
  - From: Konrad Rzeszutek Wilk
- Re: [Xen-devel] [RFC v2] xSplice design
  - From: Martin Pohlack
- Re: [Xen-devel] [RFC v2] xSplice design
  - From: Konrad Rzeszutek Wilk

Prev by Date: Re: [Xen-devel] [PATCH v2 COLOPre 03/13] libxc/restore: zero ioreq page only one time
Next by Date: [Xen-devel] Backport request "libxl: In libxl_set_vcpuonline check for maximum number of VCPUs against the cpumap." (Was: Re: [Bug report] Security issue in "xl vcpu-set")
Previous by thread: Re: [Xen-devel] [RFC v2] xSplice design
Next by thread: Re: [Xen-devel] [RFC v2] xSplice design
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.