[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Livepatch for Xen 4.9

To: <konrad.wilk@xxxxxxxxxx>
From: "Jan Beulich" <jbeulich@xxxxxxxx>
Date: Mon, 03 Oct 2016 08:37:17 -0600
Cc: andrew.cooper3@xxxxxxxxxx, Marcos.Matsunaga@xxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxx, mpohlack@xxxxxxxxxx, ross.lagerwall@xxxxxxxxxx
Delivery-date: Mon, 03 Oct 2016 14:37:37 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> 10/03/16 4:18 PM >>>
>2) We could also do some form of restartable patching. That is seed the code 
>(where we are going to
>put a trampoline) with 'CC'. Then do memcpy over the the 'CC' the new 
>instructions (jump). If the
>NMI/MCE handler hits that code it would call the int3 - which we expand now to 
>take over and check
>whether the EIP is in the location which we just seeded with 'CC' - and if so 
>it can memcpy the
>trampoline code in (with a slight twist - we first memcpy the displacement, so 
>the start of a function
>would be say: CC 00 23 00 10 - and then we do a single write to replace 'CC' 
>with 'E9').
   
Careful here: How do you mean to return from the int3 handler? You mustn't use 
IRET
there, or else you unmask further NMIs.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] Livepatch for Xen 4.9
  - From: Konrad Rzeszutek Wilk

Prev by Date: Re: [Xen-devel] [PATCH RFC] xen: make it possible to disable XEN_TMEM
Next by Date: [Xen-devel] [PATCH] libxl: fix issues in 38cd0664
Previous by thread: [Xen-devel] Livepatch for Xen 4.9
Next by thread: Re: [Xen-devel] Livepatch for Xen 4.9
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.