
Re: [PATCH v3] livepatch: account for patch offset when applying NOP patch


  • To: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 31 Mar 2022 10:42:15 +0200
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>, Konrad Wilk <konrad.wilk@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Bjoern Doebel <doebel@xxxxxxxxx>
  • Delivery-date: Thu, 31 Mar 2022 08:42:29 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 31.03.2022 10:21, Roger Pau Monné wrote:
> On Thu, Mar 31, 2022 at 08:49:46AM +0200, Jan Beulich wrote:
>> While not triggered by the trivial xen_nop in-tree patch on
>> staging/master, that patch exposes a problem on the stable trees, where
>> all functions have ENDBR inserted. When NOP-ing out a range, we need to
>> account for this. Handle this right in livepatch_insn_len().
>>
>> This requires livepatch_insn_len() to be called _after_ ->patch_offset
>> was set.
>>
>> Fixes: 6974c75180f1 ("xen/x86: Livepatch: support patching CET-enhanced functions")
>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> 
> Reviewed-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Thanks.

As a note to the livepatch maintainers: I'm going to put this in
without further waiting for suitable acks. Just in case I'll put
it on the 4.16 branch only for starters, to see that it actually
helps there (it's unusual to put something on the stable
branches before it having passed the push gate to master).

> Albeit I don't think I understand how the in-place patching is done. I
> would expect the !func->new_addr branch of the if in
> arch_livepatch_apply to fill the insn buffer with the in-place
> replacement instructions, but I only see the buffer getting filled
> with nops. I'm likely missing something (not that this patch changes
> any of this).

Well, as per the v2 thread: There's no in-place patching except
to NOP out certain insns.

> I'm also having trouble figuring out how we assert that the len value
> (which is derived from new_size if !new_addr) is not greater than
> LIVEPATCH_OPAQUE_SIZE, which is the limit of the insn buffer. Maybe
> that's already checked elsewhere.

That's what my 3rd post-commit-message remark was (partly) about.

Jan
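
The following is an added example, not part of this thread and not Xen's code: a simplified user-space model of the rule in the commit message (the NOP length is computed after the patch offset is set and shrinks by it), together with the kind of buffer-size check asked about above. `struct nop_patch`, `apply_nop()`, `nop_len()` and `INSN_BUF_SIZE` with its value are assumptions made for illustration, and the byte arrays are constructed samples.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ENDBR64_LEN   4
#define INSN_BUF_SIZE 31 /* assumed stand-in for LIVEPATCH_OPAQUE_SIZE */

/* Hypothetical, simplified record; not Xen's struct livepatch_func. */
struct nop_patch {
    uint8_t *old_addr;         /* start of the function to patch */
    unsigned int new_size;     /* bytes to NOP, counted from old_addr */
    unsigned int patch_offset; /* bytes skipped to keep a leading ENDBR64 */
};

/* Assumes at least ENDBR64_LEN bytes are readable at p. */
static int starts_with_endbr64(const uint8_t *p)
{
    static const uint8_t endbr64[ENDBR64_LEN] = { 0xf3, 0x0f, 0x1e, 0xfa };
    return memcmp(p, endbr64, ENDBR64_LEN) == 0;
}

/* Only meaningful after patch_offset has been set. */
static unsigned int nop_len(const struct nop_patch *p)
{
    return p->new_size - p->patch_offset;
}

/* Returns 0 on success, -1 when the request is rejected. */
static int apply_nop(struct nop_patch *p)
{
    unsigned int len;
    p->patch_offset = starts_with_endbr64(p->old_addr) ? ENDBR64_LEN : 0;
    if (p->new_size <= p->patch_offset) /* nothing to patch; avoids underflow */
        return -1;
    len = nop_len(p);
    if (len > INSN_BUF_SIZE)            /* would not fit the insn buffer */
        return -1;
    memset(p->old_addr + p->patch_offset, 0x90, len);
    return 0;
}

int main(void)
{
    /* Constructed sample: ENDBR64, 8 body bytes, 4 bytes of a neighbour. */
    uint8_t code[16] = { 0xf3, 0x0f, 0x1e, 0xfa, 0xcc, 0xcc, 0xcc, 0xcc,
                         0xcc, 0xcc, 0xcc, 0xcc, 0xaa, 0xaa, 0xaa, 0xaa };
    struct nop_patch p = { code, 12, 0 };
    int rc = apply_nop(&p);
    printf("rc=%d off=%u nop=%02x next=%02x\n", rc, p.patch_offset, code[4], code[12]);
    return 0;
}
```

If `nop_len()` returned `new_size` unchanged while the write still started at `old_addr + patch_offset`, the last four NOP bytes in this sample would land on the neighbouring `0xaa` bytes.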




 

