Xen project Mailing List

Re: [PATCH v2] livepatch: set -f{function,data}-sections compiler option

To: Roger Pau Monne <roger.pau@xxxxxxxxxx>

Date: Mon, 7 Mar 2022 17:28:20 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=TpZmy+WckZWHPjdugwBIWtrS8HJyTvdknliRjg0Fh5E=; b=bxw3D5unEnq4iSS7Pr4KS8WctYcZ7pZnb8f9zJDDs+D/LNzV2RigfCK941XWLl3nm3ezMjFA1hit5Xj6hSLj7YCRYC+za5my7ia/w/UjE+nMDW5eNXHKelg056fSgHNpupEhaJ9IWfmHnQCD1PjZuHF2qeudgLPPvGapQvqChasvFVWTmqVN/v5ET6Sg7gJxApuKbZbJh3zX6mGQvSqSZNlxpY/uA9vs6CIduk3RAFyu8hswKRIZgxVjQ9K8v1faZZUGSBS1ehio0le/Qh5/dX40ja/qgJmgSw8EFJMZYJO/r7/OG/LTgnewYPN5AVZMz026hRmH9FbrcznA0BxI/g==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dtM2MT61SVVqllOv5v32ALrUpAR+zioBTQ9PxKWXwzeWlefp4AIh+FnE2S/INeAcGZ3j7QvNCKicjnfxM+sz8DB84PbD6h8sVsl0tQGD3v63e5CB+B8O0eb1qozPsjzStRS3bfKABJ0ZscnnKWE8tOvT4Ymb+P5/OZHrmgviUL/w12cK5L/6btP+f408k/l61EhUUwbeODlTSJDTPysXrGsuSEqDGHKTeW7zV17b9gxBh9kpxuLaSgJJNkTFX3eJqoN1PIUVwHY2SC7W69SWouwqSbVdiYnwkFZcTEoQelo4hDuVZFkf7P6b04rSWUA77uhAndklKLmErgAsF/Xaag==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

Delivery-date: Mon, 07 Mar 2022 16:28:30 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 07.03.2022 16:55, Roger Pau Monne wrote: > If livepatching support is enabled build the hypervisor with > -f{function,data}-sections compiler options, which is required by the > livepatching tools to detect changes and create livepatches. > > This shouldn't result in any functional change on the hypervisor > binary image, but does however require some changes in the linker > script in order to handle that each function and data item will now be > placed into its own section in object files. As a result add catch-all > for .text, .data and .bss in order to merge each individual item > section into the final image. > > The main difference will be that .text.startup will end up being part > of .text rather than .init, and thus won't be freed. .text.exit will > also be part of .text rather than dropped. Overall this could make the > image bigger, and package some .text code in a sub-optimal way. > > Note that placement of the sections inside of .text is also slightly > adjusted to be more similar to the position found in the default GNU > ld linker script. This requires having a separate section for the > header in order to place it at the begging of the output image, > followed with the unlikely and related sections, and finally the main > .text section. > > On Arm the .data.read_mostly needs to be moved ahead of the .data > section like it's already done on x86, and the alignment needs to be > set to PAGE_SIZE so it doesn't end up being placed at the tail of a > read-only page from the previous section. While there move the > alignment of the .data section ahead of the section declaration, like > it's done for other sections. > > The benefit of having CONFIG_LIVEPATCH enable those compiler option > is that the livepatch build tools no longer need to fiddle with the > build system in order to enable them. Note the current livepatch tools > are broken after the recent build changes due to the way they > attempt to set -f{function,data}-sections. > > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> The x86 part of this looks fine to me, just one other remark: > --- a/xen/common/Kconfig > +++ b/xen/common/Kconfig > @@ -350,10 +350,14 @@ source "common/sched/Kconfig" > config CRYPTO > bool > > +config CC_SPLIT_SECTIONS > + bool I think this wants to live higher up in the file, perhaps between ALTERNATIVE_CALL and HAS_ALTERNATIVE. (CRYPTO, as seen in context here, imo also would better live higher up.) Or alternatively it may want to move to xen/Kconfig, next to CC_HAS_VISIBILITY_ATTRIBUTE. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.