[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] livepatch: account for patch offset when applying NOP patch

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Wed, 30 Mar 2022 17:02:48 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=uUnXY73EYVNDaYl1Mer9X/OrVGcW39M+NuQd5rvKIIc=; b=noh4/otdLSPYOiIZ8vxWOz3IvQHwZ+38YPyFO7RPrBJ/TtiblxRatzpkNrMDb/Hv6cW9+GRUXdsBt3UWxKeL9IKw0Ip0muhWB41u4+pJFOqI0/kXMV566IJCYEjmAZNrnXHdL5iRmYuebffZD59akuqjaTgaPdiR5ohTPMHPx4wbqXomW4wTPf2HPRkeqTPia9nzsb/weeRsta++cpznaCXgr+Zg9MnFhbICxrWK6MgO3N/D0dCfVBij3dRjO4aIT+yi3GXRmvvFB0pZnBuoKjeF97rPmxUGWFVdiNffBfyGNNJeqVX7rHg2Qhc12EUbbMSEw0TYwrbF6ffTbxszVg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VownB+9By3ImLo70W5dHhdAt7cY65nE47m7bfH+JvVb8zgtiDrNErkDVd+a7liCfmDXLuC+ejBW8gDbZHHTuhClSByjYoFdM18LxYNPz9FHiJebiNJqE0FZQcIl7ZREMVNbSPo/1t74N/yN+c5ZFgD9Wo2KQeJ69sBh5cm400XyHSFn9+WHxwH8UGV1JLc+e8T2e2mAqM2pHimei2wg0WUvKvtZ3y+LX7A+ejS8pAn3MKHuvQdJ2oSFuW5fB/szlg/qdEFACF/dlxG4rwOu+jKP7Zfp58rPB1WtpMvliw1Nr7bgXyFMQLzG7/PQR6lMyPR/eZhtSxTnCsx4kntLDLA==
  • Authentication-results: esa4.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "Ross Lagerwall" <ross.lagerwall@xxxxxxxxxx>, Konrad Wilk <konrad.wilk@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, "Bjoern Doebel" <doebel@xxxxxxxxx>
  • Delivery-date: Wed, 30 Mar 2022 15:03:03 +0000
  • Ironport-data: A9a23:WjELl60BVndBEC6bjPbD5e1xkn2cJEfYwER7XKvMYLTBsI5bpzYHz zcYWz3XMveCa2bxLot1b4S18EoOup7dyt8wTgtspC1hF35El5HIVI+TRqvS04J+DSFhoGZPt Zh2hgzodZhsJpPkjk7xdOCn9xGQ7InQLlbGILes1htZGEk1EE/NtTo5w7Rj2tUz2YDja++wk YiaT/P3aQfNNwFcagr424rbwP+4lK2v0N+wlgVWicFj5DcypVFMZH4sDfjZw0/DaptVBoaHq 9Prl9lVyI97EyAFUbtJmp6jGqEDryW70QKm0hK6UID66vROS7BbPg/W+5PwZG8O4whlkeydx /1q5Zm7ER8ENJfOu/giXQZXEDskMYh/reqvzXiX6aR/zmXDenrohf5vEFs3LcsT/eMf7WNmr KJCbmpXN1ba2rzwkOnTpupE36zPKOHxO4wSoDd4xCzxBvc6W5HTBa7N4Le02R9u15ESQqyHO aL1bxJvfRHNOwIREG46VrJgm6C3nnnTamVx/Qf9Sa0fvDGIkV0ZPKLWGMXRUsyHQ4NShEnwj m7B8m70BjkTMdWNzjzD/n/EruzImznyVMQNFbm73vlwiVaXyyoYDxh+fVmxrOS9i0W+c8lCM EFS8S0rxYAi+UruQtTjUhmQpH+fogVaS9dWC/c96gyG1uzT+QnxO4QfZmcfMpp87pZwHGF0k A/S9z/0OdBxmJrFTHnF7pqelzGRJRcbMmABf3UIaDJQtrEPv7oPph7IS99iFou8gdv0BSz8z li2kcQuu1kApZVVjvvmpDgrlxrp/8GUFVBtum07S0r/tmtEiJiZi5tEALQxxdJJN86nQ1aIp xDocODOvblVXflheMFgKdjh/Y1FBd7YaFUwYnY1RvHNEghBHVb5J+i8BxkkeS9U3j4sI2OBX aMqkVo5CGVvFHWrd7RrRIm6Ft4ny6Ptffy8CKyEM4oUO8IpLlfblM2LWaJ29zq3+KTLuftiU ap3jO72VSpKYUiZ5GTeqxghPU8DmXllmDK7qWHTxBW7y7uODEN5up9eWGZimtsRtfveyC2Mq o43H5LTl313Db2vCgGKoNV7BQ1bchAG6WXe9pU/mhireVE9RgnMypb5nNscRmCSt/kMzr6Tp CDkACe1CjPX3BX6FOlDUVg6AJvHVpdjt3MreysqOFejwX84ZoizqqwYcvMKkXMPqISPEdYco yE5Rvi9
  • Ironport-hdrordr: A9a23:8dAnmasFNAqwpyTSNmqbsRnx7skCkoMji2hC6mlwRA09TyXGra 6TdaUguiMc1gx8ZJhBo7C90KnpewK7yXdQ2/htAV7EZnibhILIFvAZ0WKG+Vzd8kLFh4tgPM tbAsxD4ZjLfCdHZKXBkXmF+rQbsaG6GcmT7I+0pRodLnAJV0gj1XYDNu/yKDwGeOAsP+tBKH Pz3Lshm9L2Ek5nEPhTS0N1FNTrlpnurtbLcBQGDxko5E2nii6p0qfzF1y90g0FWz1C7L8++S yd+jaJq5mLgrWe8FvxxmXT55NZlJ/IzcZCPtWFjowwJi/3ggilSYx9U/mpvSwzosuo9FE2+e O86SsIDoBW0Tf8b2u1qRzi103J1ysv0WbrzRuijX7qsaXCNUQHIvsEobgcXgrS6kImst05+r lMxXilu51eCg6FtDjh5vDTPisa2HackD4Hq6o+nnZfWYwRZPt6tooE5n5YF58GAWbT9J0nKu 9zF8vRjcwmPm9yV0qp/lWH/ebcHUjaRny9Mwo/U42uonRrdUlCvgolLJd1pAZEyHo/I6M0kN gsfJ4Y0I2mdfVmH56VNN1xMvdfNVa9NC4kEFjiaGgPR5t3c04klfbMkcEIDaeRCds18Kc=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Wed, Mar 30, 2022 at 04:55:52PM +0200, Jan Beulich wrote:
> On 30.03.2022 16:19, Roger Pau Monné wrote:
> > On Wed, Mar 30, 2022 at 01:05:31PM +0200, Jan Beulich wrote:
> >> While not triggered by the trivial xen_nop in-tree patch on
> >> staging/master, that patch exposes a problem on the stable trees, where
> >> all functions have ENDBR inserted. When NOP-ing out a range, we need to
> >> account for this. Handle this right in livepatch_insn_len().
> >>
> >> This requires livepatch_insn_len() to be called _after_ ->patch_offset
> >> was set. Note however that the earlier call cannot be deleted. In fact
> >> its result should have been used to guard the is_endbr64() /
> >> is_endbr64_poison() invocations - add the missing check now. While
> >> making that adjustment, also use the local variable "old_ptr"
> >> consistently.
> >>
> >> Fixes: 6974c75180f1 ("xen/x86: Livepatch: support patching CET-enhanced 
> >> functions")
> > 
> > I have to admit I'm confused as to why that commit carries a Tested-by
> > from Arm.  Did Arm test the commit on x86 hardware?  Because that
> > commit only touches x86 specific code.
> 
> ;-)
> 
> >> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> > 
> > FWIW, on the original implementation, I think it would have been
> > clearer to advance old_ptr and adjust the length?
> 
> In my 1st attempt I had confined the change to the x86 file, but it
> didn't feel right that I then also had to adjust arch_livepatch_revert().
> 
> >> ---
> >> v2: Re-issue livepatch_insn_len(). Fix buffer overrun.
> >> ---
> >> Only build tested, as I don't have a live patching environment available.
> >>
> >> For Arm this assumes that the patch_offset field starts out as zero; I
> >> think we can make such an assumption, yet otoh on x86 explicit
> >> initialization was added by the cited commit.
> 
> Note how this already deals with ...
> 
> >> --- a/xen/include/xen/livepatch.h
> >> +++ b/xen/include/xen/livepatch.h
> >> @@ -90,7 +90,7 @@ static inline
> >>  unsigned int livepatch_insn_len(const struct livepatch_func *func)
> >>  {
> >>      if ( !func->new_addr )
> >> -        return func->new_size;
> >> +        return func->new_size - func->patch_offset;
> > 
> > Seeing as func->patch_offset is explicitly initialized in
> > arch_livepatch_apply for x86, do we also need to do the same on Arm
> > now that the field will be used by common code?
> > 
> > Maybe the initialization done in arch_livepatch_apply for x86 is not
> > strictly required.
> 
> ... your remark. I'd prefer if I could get away without touching Arm
> code. Hence if such initialization was needed, I think it ought to
> live in common code. If this was a requirement here, I would perhaps
> add a prereq patch doing the movement. My preference though would be
> for that to be a follow-on, unless there's an actual reason why the
> initialization has to happen; personally I think it ought to be a
> requirement on patch building that this (and perhaps other) fields
> start out as zero. I therefore view the initialization on x86 as a
> guard against the patch getting applied a 2nd time. Yet of course it
> would then also have helped (not anymore after this change) to use
> = instead of += when updating ->patch_offset.

Sorry, I didn't realize about your post-commit note. In which case:

Reviewed-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Thanks, Roger.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.