
Re: [PATCH] libelf: improve PVH elfnote parsing


  • To: Jason Andryuk <jandryuk@xxxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Tue, 18 May 2021 13:28:16 +0200
  • Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • Delivery-date: Tue, 18 May 2021 11:28:32 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri, May 14, 2021 at 11:11:14AM -0400, Jason Andryuk wrote:
> On Fri, May 14, 2021 at 9:50 AM Roger Pau Monne <roger.pau@xxxxxxxxxx> wrote:
> >
> > Pass an hvm boolean parameter to the elf note parsing and checking
> > routines, so that better checking can be done in case libelf is
> > dealing with an hvm container.
> >
> > elf_xen_note_check shouldn't return early unless PHYS32_ENTRY is set
> > and the container is of type HVM, or else the loader and version
> > checks would be avoided for kernels intended to be booted as PV but
> > that also have PHYS32_ENTRY set.
> >
> > Adjust elf_xen_addr_calc_check so that the virtual addresses are
> > actually physical ones (by setting virt_base and elf_paddr_offset to
> > zero) when the container is of type HVM, as that container is always
> > started with paging disabled.
> 
> Should elf_xen_addr_calc_check be changed so that PV operates on
> virtual addresses and HVM operates on physical addresses?

Right... I was aiming at getting away with something simpler and
just assuming phys == virt on HVM in order to avoid more complicated
changes and the need to introduce new fields in the structure.

> I worked on some patches for this a while back, but lost track when
> other work pulled me away.  I'll send out what I had, but I think I
> had not tested many of the cases.  Also, I had other questions about
> the approach.  Fundamentally, what notes and limits need to be checked
> for PVH vs. PV?

Those are only sanity checks to assert that the image is kind of fine;
libelf also has checks when loading stuff to make sure a malicious ELF
payload cannot fool the loader.

I'm unlikely to be able to do much work on this aside from this
current patch.

Thanks, Roger.
