[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] xsplice-build prototype (was [PATCH v1 1/5] xsplice: Design document.)



On 10/05/2015 11:28 AM, Ross Lagerwall wrote:
On 09/16/2015 10:01 PM, Konrad Rzeszutek Wilk wrote:
+### Generation of xSplice ELF payloads
+
+The design of that is not discussed in this design.
+
+The author of this design envisions objdump and objcopy along
+with special GCC parameters (see above) to create .o.xsplice files
+which can be used to splice an ELF with the new payload.
+
+The ksplice code can provide inspiration.
+

As discussed off-list with Konrad, I'm going to get started with
generation of the payload given a patch.


I've created a _prototype_ tool for this based on kpatch's tooling. It's currently living at https://github.com/rosslagerwall/xsplice-build

With no source patch modifications, live patches can be built for every XSA that applies to x86 back to XSA-90 except for XSA-97, XSA-111, XSA-112, and XSA-114 (83% success rate). It gives plausible output for each generated patch although I obviously can't verify the live patches yet.

It doesn't really follow the design in the above document; IMO the payload design is unnecessarily complicated. At this point I'd rather just get a complete working prototype, and we can figure out the specifics and finalize the design later.

If no one else is working on it, I'm going to start the next steps which is:
* Load the ELF binary into Xen memory.
* Resolve symbols.
* Perform ELF relocations

I'll use Konrad's xsplice.v1.1 branch as a starting point to provide the hypervisor interface for this work.

Thanks
--
Ross Lagerwall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.