Xen project Mailing List

[PATCH v2] Arm: avoid .init.data to be marked as executable

To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Date: Mon, 14 Jun 2021 15:52:36 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uHxN8njyAPbAT4wEv5MVDJ50g6OUZutBTJuMLi18sp0=; b=D8/dHsAVr/d71EjHnzhp1TlodLXqmjGpuRPH9+gdd7+v726sjjRWtaPhtsTOkyi8qRZKFRvf+j/dTCc5vWjNtRky3HoUokJNDAhkEdfli7MC0+rxDvYhr9Csg7d1LG3JletjhgWWHANrmt7R4Ublm7Bf3V2Gf7nAlmpLNXag9ltaqdts3FM6q0LyimPVgk6nF4Z9bG00fJsl2bpCPmdlw231FF1ovg2U9BaSnpnil9oCHe3b3usw8vne0hu4n/7WnsMz7/z/rwaXcI0tfoRQKpp0Cw8Zx2SxYtcIvHUHPICSwzrCTCOmyhPHZmjBG3zHLHsuot45GP/rtCFBwQO9FQ==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fuivG3+pMRNI7/2IRkGMiKkkh3g6S7ofGoh3FAsA27KW4y6GM4kSSo4zDhAVh6ntipctTYV+agNesoA6wZB2Yk7FNNyTKCm2TF7NNaqY9/lZP/zqEFMiA1X9J4KZ3dPM0eeb/6PCpg3lBDO1UNJrI1sX9M8xi8E8VkZGqaccVLsdgzVgDolFVlT4M7hsFpGaJlJnu97/fDF+KJGwyOz3/+UKs0urSDibMPNw9F2w7cD1CqVeLzkWTwj9oNVygz/3J+sGMtlVjYwtJeM0lnctrfGn9XzRvFXjmRZhlGqLYQsSEFLPsTeTpWi/WxG2/o48COhS66gvQccqw+SZma/sTQ==

Authentication-results: kernel.org; dkim=none (message not signed) header.d=none;kernel.org; dmarc=none action=none header.from=suse.com;

Cc: Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>

Delivery-date: Mon, 14 Jun 2021 13:52:48 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

This confuses disassemblers, at the very least. Move .altinstr_replacement to .init.text. The previously redundant ALIGN() now gets converted to page alignment, such that the hypervisor mapping won't have this as executable (it'll instead get mapped r/w, which I'm told is intended to be adjusted at some point). Note that for the actual patching logic's purposes this part of .init.text _has_ to live after _einittext (or before _sinittext), or else branch_insn_requires_update() would produce wrong results. Also, to have .altinstr_replacement have consistent attributes in the object files, add "x" to the one instance where it was missing. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> --- v2: Put past _einittext. --- a/xen/arch/arm/xen.lds.S +++ b/xen/arch/arm/xen.lds.S @@ -148,6 +148,8 @@ SECTIONS _sinittext = .; *(.init.text) _einittext = .; + . = ALIGN(PAGE_SIZE); /* Avoid mapping alt insns executable */ + *(.altinstr_replacement) } :text . = ALIGN(PAGE_SIZE); .init.data : { @@ -169,8 +171,6 @@ SECTIONS __alt_instructions = .; *(.altinstructions) __alt_instructions_end = .; - . = ALIGN(4); - *(.altinstr_replacement) #ifdef CONFIG_DEBUG_LOCK_PROFILE . = ALIGN(POINTER_ALIGN); --- a/xen/include/asm-arm/alternative.h +++ b/xen/include/asm-arm/alternative.h @@ -67,7 +67,7 @@ int apply_alternatives(const struct alt_ ALTINSTR_ENTRY(feature,cb) \ ".popsection\n" \ " .if " __stringify(cb) " == 0\n" \ - ".pushsection .altinstr_replacement, \"a\"\n" \ + ".pushsection .altinstr_replacement, \"ax\"\n" \ "663:\n\t" \ newinstr "\n" \ "664:\n\t" \

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.