Xen project Mailing List

Re: [PATCH 4/4] livepatch: differentiate between old and new build systems

To: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>

From: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Fri, 11 Mar 2022 09:33:15 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dFdPvFcnYw6R7oQmRklyRYsTI4psmQhNZc4Km6yVZKE=; b=XomWG/kmYxrcX2P42ThQeZgmCsAHpBG+HPWyYrAhWnrOcW9X2LBE8ZbS9Wu734WO4sT9I5QDJwPx/zjIN9gbzEHSmGMLNuMvr4SBd6kX0oaVrlRxnzopjYux9jq7cLn7WPJrp/qbnFPu+dFza1YJAgAFl+3slmyPfrsjYF4uq/yVOPkrqWnXzgbEu3bvgzQW8ynKTrP+cL9kIW+a2GPpQv6tmzJtMUNENA9pwHBC+NJ2yJ4pWrIktqzj/4gqAb9s/dVA8lODL1wL45SBeBRM7JCrW4KofgLoYzD7ouZqXNvGEKtOn3DVBqEPSZSWZ32AKBlkz3ibpozU4kBSSJ9kDg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=O12V8bs2RLrOKv/F0eUMltk5acC/0/jsqJU5ObKZqpCOoELpxmF4UsLyxeq3vt5+Q4LDvFuZMh/arM93XiO3l0V8zKZy5cN+h03iiZflL7lH0Ve0fw1Y8V3vivCN84f2by42O2/gRY5S4M06CW0AerXlw5ubddtJ+zJE045QcaPuPXPkrvYNpxCkB6RubeJ7sWzC8sMy/VGSfeOEjVy5B/WBfnjDo2MrAERjqVwFCdnXh/vLvUs4bFh4MgaHU1JqH5GjBvxSVVNtdq2TXvleaY+nLUrXaZWbQAq6wc9erZ/milE/MIAWSdhXMgY07q9aV9jSBtPxjNF8RtSMS+0Rlg==

Authentication-results: esa4.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>, "konrad.wilk@xxxxxxxxxx" <konrad.wilk@xxxxxxxxxx>, "doebel@xxxxxxxxx" <doebel@xxxxxxxxx>, "julien@xxxxxxx" <julien@xxxxxxx>

Delivery-date: Fri, 11 Mar 2022 08:33:33 +0000

Ironport-data: A9a23:d9lZYa/O7nxz51KXQ12JDrUDq36TJUtcMsCJ2f8bNWPcYEJGY0x3m 2YZUTyOOPyJYmCneYh1OYy3oRsDvJbcz9BlGgdk+Hg8E34SpcT7XtnIdU2Y0wF+jyHgoOCLy +1EN7Es+ehtFie0Si+Fa+Sn9T8mvU2xbuKU5NTsY0idfic5DnZ54f5fs7Rh2NQw2oHgW1rlV e7a+KUzBnf0g1aYDUpMg06zgEsHUCPa4W5wUvQWPJinjXeG/5UnJMt3yZKZdhMUdrJ8DO+iL 9sv+Znilo/vE7XBPfv++lrzWhVirrc/pmFigFIOM0SpqkAqSiDfTs/XnRfTAKtao2zhojx/9 DlCnZ+fYxgLNermocIEVjxUVCtVM6l/8rCSdBBTseTLp6HHW37lwvEoB0AqJ4wIvO1wBAmi9 9RBdmpLNErawbvrnvTrEYGAhex6RCXvFJkYtXx6iynQEN4tQIzZQrWM7thdtNs1rp4eRquGP 5dBAdZpRB3MM0dJKHsnNKs3tv+wunfgKQ8AjV3A8MLb5ECMlVcsgdABKuH9dtuHT8hRtk+dr 3DB+SL1D3kyNsGbyDeD2mKhgKnIhyyTcJIfEvi0++BnhHWXx3cPE1sGWF2ju/67h0WiHdVFJ CQ8+S0ot6E+slOqStrVWAexq3qJ+BUbXrJt//YSsV/XjPCOukDAWzZCHmUphMEaWNEeRhMAy X2C2PnQIyVqlbHSQ1mT8o6eombnUcQKFlMqaSgBRAoDxtDspoAvkx7CJupe/L6JYs7dQm+pn W3TxMQqr/BK1JNQif3nlbzSq2/0/vD0ohgJChI7t45Pxidwf8abaoOh8jA3Bt4Qfd/CHjFtU JXp8vVyDdzi77nRxURho81XRdlFAspp1hWF0DaD+LF7q1yQF4aLJ9w43d2HDB4B3jw4UTHoe lTPngha+YVeOnCnBYcuPd7vWp91kvi4TY27PhwxUjaoSsEgHONg1HszDXN8Iki3yBR8+U3BE cvznTmQ4YYyVv08kWveqxY12r433CEurV4/trigpylLJYG2PSbPIZ9caQPmRrlgsMus/VWEm /4CZpDi40gOD4XDjtz/rNd7waYidiNgW/gbaqV/K4a+H+aRMDp4WqGLnu95JdANcmY8vr6gw 0xRk3RwkTLXrXbGNR+LejZkbrbuVox4tnU1IWonOlPA5pTpSdrHAHs3H3fvQYQayQ==

Ironport-hdrordr: A9a23:iYVlrKgM1DBms2XGQwqGYCuornBQXkQji2hC6mlwRA09TyXBrb HXoBwavSWUtN9jYgBapTnmAtj/fZq8z+8L3WB/B8bFYOCLggSVxeJZnPrfKl/balTDH4dmvM 8KGcUTNDSaNzhHZLPBkWuF+qEbsbq6Gc6T69v2/jNGRQRua6Zv0gt9Bh+bFEp7YxVDDpYjfa Dsg/Zvln6OcWUxcsCxCmIiUNHKqdHQ/aiWBiLuTCRXkjVmxQnYlYLSIlym2BcVXxdC260r/2 Tpjxfw+6WktJiAu3vhPkHonuhrpOc=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Thu, Mar 10, 2022 at 06:01:48PM +0000, Andrew Cooper wrote: > On 08/03/2022 14:52, Roger Pau Monne wrote: > > On Tue, Mar 08, 2022 at 02:38:47PM +0000, Andrew Cooper wrote: > >> On 02/03/2022 14:27, Roger Pau Monne wrote: > >>> diff --git a/livepatch-build b/livepatch-build > >>> index 38a92be..656cdac 100755 > >>> --- a/livepatch-build > >>> +++ b/livepatch-build > >>> @@ -98,14 +98,20 @@ function build_special() > >>> > >>> # Build with special GCC flags > >>> cd "${SRCDIR}/xen" || die > >>> - sed -i 's/CFLAGS += -nostdinc/CFLAGS += -nostdinc > >>> -ffunction-sections -fdata-sections/' Rules.mk > >>> - cp -p arch/x86/Makefile arch/x86/Makefile.bak > >>> - sed -i 's/--section-alignment=0x200000/--section-alignment=0x1000/' > >>> arch/x86/Makefile > >>> - # Restore timestamps to prevent spurious rebuilding > >>> - touch --reference=arch/x86/Makefile.bak arch/x86/Makefile > >>> - make "-j$CPUS" $XEN_DEBUG &> "${OUTPUT}/build_${name}_compile.log" > >>> || die > >>> - sed -i 's/CFLAGS += -nostdinc -ffunction-sections > >>> -fdata-sections/CFLAGS += -nostdinc/' Rules.mk > >>> - mv -f arch/x86/Makefile.bak arch/x86/Makefile > >>> + if grep -q 'nostdinc' Rules.mk; then > >>> + # Support for old build system, attempt to set > >>> -f{function,data}-sections and rebuild > >>> + sed -i 's/CFLAGS += -nostdinc/CFLAGS += -nostdinc > >>> -ffunction-sections -fdata-sections/' Rules.mk > >>> + cp -p arch/x86/Makefile arch/x86/Makefile.bak > >>> + sed -i > >>> 's/--section-alignment=0x200000/--section-alignment=0x1000/' > >>> arch/x86/Makefile > >>> + # Restore timestamps to prevent spurious rebuilding > >>> + touch --reference=arch/x86/Makefile.bak arch/x86/Makefile > >>> + make "-j$CPUS" $XEN_DEBUG &> > >>> "${OUTPUT}/build_${name}_compile.log" || die > >>> + sed -i 's/CFLAGS += -nostdinc -ffunction-sections > >>> -fdata-sections/CFLAGS += -nostdinc/' Rules.mk > >>> + mv -f arch/x86/Makefile.bak arch/x86/Makefile > >>> + else > >>> + # -f{function,data}-sections set by CONFIG_LIVEPATCH > >>> + make "-j$CPUS" $XEN_DEBUG &> > >>> "${OUTPUT}/build_${name}_compile.log" || die > >>> + fi > >> This really ought to be the other way around, by spotting the thing we > >> know is good, and then falling back to the heuristics. In light of the > >> updates to the Xen side, something like: > > I'm not sure I agree. I do prefer to spot the 'bad' one, and just > > fallback to expecting Xen to correctly set -f{function,data}-sections > > otherwise. > > > >> if grep -q CC_SPLIT_SECTIONS Kconfig; then > > Because this logic ties us to not moving CC_SPLIT_SECTIONS from being > > defined in xen/Kconfig (or even changing it's name), and gain ties the > > livepatch tools to internal details about the Xen build system. > > It doesn't particularly matter which way around the if/else is. It does > matter that we're choosing based on something relevant. > > nostdinc in Rules.mk has exactly the same amount of "magic string in > magic file" as CC_SPLIT_SECTIONS in Kconfig, but has absolutely nothing > to do with the property we actually care about. > > Really what you actually want is > > if grep -q CC_SPLIT_SECTIONS Kconfig; then > # Xen behaves sensibly > elif grep -q 'nostdinc' Rules.mk; then > # Legacy mess with Rules.mk > else > die "Help with build system divination" > fi > > The "behaves sensibly" case is unlikely to change name and unlikely to > move locations, but each are easy to cope with via `grep -e FOO -e BAR > file1 file2`, and this approach avoids the problem of blindly (and > falsely) assuming that anything which is 4.14 and later splits sections > correctly, and that this will remain true even when someone adds "# use > to have -nostdinc here" to Rules.mk. TBH, I don't find the proposed solution is much better to what's in this patch, and as said I really dislike tying the behavior of the livepatch build tools to heuristics against Xen internal build files - be it a Kconfig or a Makefile. Specially because your proposed approach adds heuristics to detect the 'good' case which should be the default one going forward. A better option might be to just make the 'build adjustments' a command line option that the user can pass to the tools, ie: --build-adjust and let the user decide whether it needs the adjustments or not. If I was a livepatch user myself I would seriously consider picking the linker script changes and backport that to my production version. Thanks, Roger.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.