[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH v1] arch/x86: Livepatch: fix overflow check when computing ELF relocations

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Tue, 8 Mar 2022 17:15:33 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xRh513p/AsQY5XbW32P7IOjnQoyPaNleodqK+9PVZwo=; b=Ap5GlqYCob1BXLn3X9WYu9tpUyOq/ZGQU6BFcMp+DuFyXE4oCHCFbL2H7Ci5iKUfZV9w/IAcwexDL6XqXkrFJzqWenkY/oJaBaNHg4G+idDCEgkQHxPjVopXVj6Pgpr57YZGzbMP9IxNSg+GoJYfRBDwMWHpt7UcSDpfKCfE/n7NBnLTkFZ8eZ7aP0hIVkvB8X5KgMqNzjdrZAjxir/BWw2WR+7rJfeXylKUmoWOgpfs+W5F9nEPDrbZauH2SX4U1XI0M8RrGeym8wLJtew6qyHlLjsBiU/GpdBnnAnhc79qGJH9sVyyFscTZiPiq/I886xMVO8VVKOxp6LlGg0egQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=d0y1kIf8KBf57b2XpBZNhurOMT6fHV7ILmXJv2NegUjxBElUtGdp9GFF9MlBbhFUociMYMIg64eXP8h1gikOL3WPSJayrL38IAfltoqX6JnF7CIJnaAkjbqxsNeCNdYq34rG3drUrTeQnwK7HRfiqkg3MHCc26k3isVd8dMrNLZud5hj/TBQvni9uXz9IuRt722Du7ldgVk7DSuph5IJXGe/jEO267A9MA7jz+Mxd/ZVADsqVx6vwRwpEzlZDkjoxhktoCyZcbJBDUbD3ZgJXOq6uflC30sr3H6inWRw2KfdrG5C3ZKM7k80/25Ml2fOV1oXbtVuqXX0w3hmjESpOQ==
  • Authentication-results: esa1.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Bjoern Doebel <doebel@xxxxxxxxx>, Michael Kurth <mku@xxxxxxxxx>, "Martin Pohlack" <mpohlack@xxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Tue, 08 Mar 2022 16:15:50 +0000
  • Ironport-data: A9a23:sq99GqlMKBdGOVg3WgGxUtXo5gxQJkRdPkR7XQ2eYbSJt1+Wr1Gzt xIdDziBM63eNmegKYxybY7kpktXupbSzodqQAc/q3gyFiMWpZLJC+rCIxarNUt+DCFioGGLT Sk6QoOdRCzhZiaE/n9BCpC48T8kk/vgqoPUUIYoAAgoLeNfYHpn2EoLd9IR2NYy24DiW1PV4 7senuWEULOb828sWo4rw/rrRCNH5JwebxtB4zTSzdgS1LPvvyF94KA3fMldHFOhKmVgJcaoR v6r8V2M1jixEyHBqD+Suu2TnkUiGtY+NOUV45Zcc/DKbhNq/kTe3kunXRa1hIg+ZzihxrhMJ NtxWZOYUwVxAIn9pc8hfT5XAR85LYt35rvdGC3q2SCT5xWun3rExvxvCAc9PJEC+/YxCmZLn RAaAGlTNFbZ3bvwme/lDLk37iggBJCD0Ic3oHZvwCufFf87aZvCX7/L9ZlT2zJYasVmQ6iHP ZNDNGAHgBLofhwVGnM0WJkCs8yjgUPlcRoBkF7OnP9ii4TU5FMoi+W8WDbPQfSPXcJVmk+Tp UrP+m3rBRdcONH34TmC9GiliqnQnCf4cIUIHba8+7hhh1j77nweDlgaWEW2pdG9i1WiQJRPJ koM4C0soKMuskuxQbHVXRe1vXqFtR40QMdLHqsx7wTl4qbT7gyUAkANSzdTb9pguMJebTkpy 3eAmtr7AjopvLD9dJ6G3u7K93XoY3FTdDJcI39fJecY3zX9iJsx1izrf+tILICSgc/LXiHW8 i6OthFr0t3/kvU3/6m8+FnGhRelqZ7IUhM5623rY4610u9qTNX7PtL1sDA3+d4Fdd/EFQfZ4 BDojuDDtLhmMH2bqMCarAzh9pmN7u3NDjDTiEUH83IJp2X0oC7LkWy9DVhDyKZV3iQsJGeBj Kz741o5CHpv0J2CN/cfj2WZUZhC8EQYPY65Ps04l/IXCnSLSCeJ/Tt1eWmb1H33nU4nnMkXY MnHL5jzXStBUPQ6l1JaotvxN5dxnUjSIkuJGfjGI+mPi+LCNBZ5t59fWLdxUgzJxPzd+1iEm zquH8CL1w9eQIXDjtr/quYuwaQxBSFjX/je8pUPHsbae1YOMDxxWpf5nOJ6E6Q4zvs9qws91 izkMqOu4AGk3iOvxMTjQi0LVY4Dqr4j9SJrZ3J9Zw30s5XhCK72hJoim1IMVeBP3MRozOJuT ulDfMOFA/9VTS/A9ShbZp74xLGOvjzw7e5SF0JJuAQCQqM=
  • Ironport-hdrordr: A9a23:BzpC9ao46gnv+wCOhccNNm0aV5oDeYIsimQD101hICG9E/bo9f xG+c5x6faaslsssR0b9exoQZPwOk80rKQFmbX5Xo3SPzUO2lHIEGgK1+KLqQEIfReQygc378 ddmsZFZuEYQmIK6foSpDPIderJ/bG8gcWVbdi39QYVcelJA5sQiDtENg==
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Tue, Mar 08, 2022 at 04:45:34PM +0100, Jan Beulich wrote:
> On 08.03.2022 16:36, Bjoern Doebel wrote:
> > --- a/xen/arch/x86/livepatch.c
> > +++ b/xen/arch/x86/livepatch.c
> > @@ -339,7 +339,7 @@ int arch_livepatch_perform_rela(struct livepatch_elf 
> > *elf,
> >  
> >              val -= (uint64_t)dest;
> >              *(int32_t *)dest = val;
> 
> Afaict after this assignment ...
> 
> > -            if ( (int64_t)val != *(int32_t *)dest )
> > +            if ( (int32_t)val != *(int32_t *)dest )
> 
> ... this condition can never be false. The cast really wants to be
> to int64_t, and the overflow you saw being reported is quite likely
> for a different reason. But from the sole message you did quote
> it's not really possible to figure what else is wrong.

It seems Linux has that check ifdef'ed [0], but there's no reference
as to why it's that way (I've tracked it back to the x86-64 import on
the historical tree, f3081f5b66a06175ff2dabfe885a53fb04e71076).

It's a 64bit relocation using a 32bit value, but it's unclear to me
that modifying the top 32bits is not allowed/intended.

Regards, Roger.

[0] https://elixir.bootlin.com/linux/latest/source/arch/x86/kernel/module.c#L190

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.