[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] livepatch: set -f{function,data}-sections compiler option

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Mon, 7 Mar 2022 17:36:28 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Z3xROm6DFkdCKIDAqiL7E57MvhGKHu1iWupBBogtGJY=; b=gxA08lQCSCcm1UB2DHIPHJZG4mCKqLx8qvaXZzID9AF51LNio+OZJZF7TR2dp50rdMsnq87Z7OfHtA9hkpdcWsJcaep/6tzfBFA+C3BmhhkL8nP2iMdrPOWUs8t8qKyNp7JjSOWTUt3ij6SbtN50xlV93Ybkz3ftSUvnUyOIL1+cqODNFntal68aP3DTu6L74DoTumQedtKUHIG6I5lI7QeZ495f76YkUbPHk/jQT+U5ciGRxAVAx7gnvFBjg1AxJ9oDTZFHOwACl7Mvf3Fe56DYPWmxTPoMnNn5wMjZ7GkrzQbvm9Tbe2MlC/Xxkbny4Dv7r9zwyU+Tec+LPjScoA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Yt1qmLdI7qwwGvoesuOHaDtVVWJ+hAdaSlcVPwUolGbuuEtGFeuopZ6IEXQJC1OWhYZ5dqw6XneMkm8ncfTE+S+VQLxPBERVU4ZfvPH+hbmdqHXID6oGByxnKh29bLQTray2hDvvBprPeYPU798biqpmSlStLZqW6V+kzcP2dxpFy3myrGitzEn8WTYngSekRDpt3ZQFHmOk4UErzHJGXJS0yc7JDuGJzBH+354ZynBVsWlYF0yOtWW3ZQ5fE6UMQXd/jdAk9F7gw1jGvGJXlr1/KPszSq7k3M8II38TWtUHF5fTRNlqx04etXfOOENtJIcHHdG4CgEZ5naZSH+OCQ==
  • Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Mon, 07 Mar 2022 16:36:50 +0000
  • Ironport-data: A9a23:zS1uZ630kwvdVIe0xPbD5Txxkn2cJEfYwER7XKvMYLTBsI5bpzIAz zZNUW2FbPneMGukL9twOdnipkIAsZfSyoM1TAA6pC1hF35El5HIVI+TRqvS04J+DSFhoGZPt Zh2hgzodZhsJpPkjk7xdOCn9xGQ7InQLlbGILes1htZGEk1EE/NtTo5w7Rj2tUw3oDja++wk YiaT/P3aQfNNwFcagr424rbwP+4lK2v0N+wlgVWicFj5DcypVFMZH4sDfjZw0/DaptVBoaHq 9Prl9lVyI97EyAFUbtJmp6jGqEDryW70QKm0hK6UID66vROS7BbPg/W+5PwZG8O4whlkeydx /1rma2xcVsoOpHu29g+eARlAyxMBoBJreqvzXiX6aR/zmXDenrohf5vEFs3LcsT/eMf7WNmr KJCbmpXN1ba2rzwkOnTpupE36zPKOHxO4wSoDd4xCzxBvc6W5HTBa7N4Le02R9u250QR62PN qL1bxJlUkWZXTl0IG4MJ5YZm9qMlGTnUSZX/Qf9Sa0fvDGIkV0ZPKLWGNDYYMCQTMNZ2EORv Hvb/n/RCwsfcteYzFKtzHWogePemDLhb6gbHra46/1CjUWawyoYDxh+fUu2p7y1h1CzX/pbK lcI4Ww+oK4q7kupQ9LhGRqirxasoRo0S9dWVeog52mlyKDZ/gKYDWgsVSNaZZots8pebT430 l6Emfv5CDopt6eaIVqG7audpz62PSkTLEcBaDUCQA9D5MPsyLzflTqWEIwlSvTsyISoR3egm FhmsRTSmZ01of8K7/m6+WzlwA6PjYX0XgMH3SjYCzfNAhxCWKapYImh6F7+5PlGLZqEQlTpg EXoi/Ry/8hVU8jTyXXlrPElWejwuq3baGG0bUtHQsF5nwlB7UJPamy5DNtWAE5yevgJdjbyC KM4kVMAvcQDVJdGgEIeXm5QNyjI5fW6fTgGfqqNBjarXnSWXFXblByCnWbKgwjQfLEEyMnTw 6uzf8e2Fmo9Aq961jewTOp1+eZ1mn5jlD2LGsurn0jPPV+iiJm9E+ttDbdzRrphsPPsTPv9q b6zyPdmOz0ACbajM0E7AKYYLEwQLGhTOHwFg5c/SwJ3GSI/QDtJI6aImdsJItU594wMz7eg1 iztCydwlQuk7VWaeFriV5yWQO62NXqJhSlgZnJE0JfB8yVLXLtDG49EL8pnJeR8rbc7pRO2J tFcE/i97j10Ym2v0xwWbIXnrZwkcxKuhAmUODGibiR5dJllLzElMPe7Fucz3EHi1haKiPY=
  • Ironport-hdrordr: A9a23:bYOFnKkg/+RmSc6UO2Ae4Pj2ULnpDfPOimdD5ihNYBxZY6Wkfp +V88jzhCWZtN9OYhwdcLC7WZVpQRvnhPlICK0qTM2ftW7dyRaVxeBZnPDfKljbdREWmdQtt5 uIH5IObeEYSGIK8foSgzPIYurIouP3iZxA7N22pxwGLXAIV0gj1XYANu/yKDwJeOAsP+teKH Pz3Lsim9L2Ek5nEfhTS0N1F9TrlpnurtbLcBQGDxko5E2nii6p0qfzF1y90g0FWz1C7L8++S yd+jaJrJmLgrWe8FvxxmXT55NZlJ/IzcZCPtWFjowwJi/3ggilSYx9U/mpvSwzosuo9FE2+e O86CsIDoBW0Tf8b2u1qRzi103J1ysv0WbrzRuijX7qsaXCNUUHIvsEobgcXgrS6kImst05+r lMxXilu51eCg6FtDjh5vDTPisa2XackD4Hq6o+nnZfWYwRZPt6tooE5n5YF58GAWbT9J0nKu 9zF8vRjcwmPW9yV0qp/1WH/ebcHkjaRny9Mws/U42uonVrdUlCvgUlLJd1pAZDyHo/I6M0k9 gsfJ4Y0Y2mdfVmHp6VNN1xMfdfNVa9My4kEFjiV2gPR5t3ck4klfbMkcAIDaeRCdg18Kc=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Mon, Mar 07, 2022 at 05:28:20PM +0100, Jan Beulich wrote:
> On 07.03.2022 16:55, Roger Pau Monne wrote:
> > If livepatching support is enabled build the hypervisor with
> > -f{function,data}-sections compiler options, which is required by the
> > livepatching tools to detect changes and create livepatches.
> > 
> > This shouldn't result in any functional change on the hypervisor
> > binary image, but does however require some changes in the linker
> > script in order to handle that each function and data item will now be
> > placed into its own section in object files. As a result add catch-all
> > for .text, .data and .bss in order to merge each individual item
> > section into the final image.
> > 
> > The main difference will be that .text.startup will end up being part
> > of .text rather than .init, and thus won't be freed. .text.exit will
> > also be part of .text rather than dropped. Overall this could make the
> > image bigger, and package some .text code in a sub-optimal way.
> > 
> > Note that placement of the sections inside of .text is also slightly
> > adjusted to be more similar to the position found in the default GNU
> > ld linker script. This requires having a separate section for the
> > header in order to place it at the begging of the output image,
> > followed with the unlikely and related sections, and finally the main
> > .text section.
> > 
> > On Arm the .data.read_mostly needs to be moved ahead of the .data
> > section like it's already done on x86, and the alignment needs to be
> > set to PAGE_SIZE so it doesn't end up being placed at the tail of a
> > read-only page from the previous section. While there move the
> > alignment of the .data section ahead of the section declaration, like
> > it's done for other sections.
> > 
> > The benefit of having CONFIG_LIVEPATCH enable those compiler option
> > is that the livepatch build tools no longer need to fiddle with the
> > build system in order to enable them. Note the current livepatch tools
> > are broken after the recent build changes due to the way they
> > attempt to set  -f{function,data}-sections.
> > 
> > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
> 
> The x86 part of this looks fine to me, just one other remark:
> 
> > --- a/xen/common/Kconfig
> > +++ b/xen/common/Kconfig
> > @@ -350,10 +350,14 @@ source "common/sched/Kconfig"
> >  config CRYPTO
> >     bool
> >  
> > +config CC_SPLIT_SECTIONS
> > +   bool
> 
> I think this wants to live higher up in the file, perhaps between
> ALTERNATIVE_CALL and HAS_ALTERNATIVE. (CRYPTO, as seen in context
> here, imo also would better live higher up.) Or alternatively it may
> want to move to xen/Kconfig, next to CC_HAS_VISIBILITY_ATTRIBUTE.

I was tempted to place it in xen/Kconfig. The logic for the current
suggested placement is to be closer to it's current only user
(LIVEPATCH), but I'm not opposed to moving it somewhere else if
there's consensus.

Thanks, Roger.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.