Xen project Mailing List

[PATCH v2 1/5] x86/livepatch: set function alignment to ensure minimal function size

From: Roger Pau Monne <roger.pau@xxxxxxxxxx>

Date: Tue, 28 Nov 2023 11:03:48 +0100

Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>

Delivery-date: Tue, 28 Nov 2023 10:04:08 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

The minimal function size requirements for livepatch are either 5 bytes (for jmp) or 9 bytes (for endbr + jmp). Ensure that functions are always at least that size by requesting the compiled to align the functions to 8 or 16 bytes, depending on whether Xen is build with IBT support. Note that it's possible for the compiler to end up using a higher function alignment regardless of the passed value, so this change just make sure that the minimum required for livepatch to work is present. Since the option (-falign-functions) is supported by both minimal required compiler versions of clang and gcc there's no need to add a test to check for its presence. The alignment is currently only implemented for livepatch on x86, I'm unsure whether ARM has a mandatory function alignment high enough to cover for the space required by the replacement instruction(s). Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> --- Changes since v1: - New in this version. --- xen/arch/x86/Kconfig | 6 ++++++ xen/arch/x86/Makefile | 2 ++ xen/arch/x86/livepatch.c | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig index 1acdffc51c22..612a4acf079b 100644 --- a/xen/arch/x86/Kconfig +++ b/xen/arch/x86/Kconfig @@ -47,6 +47,12 @@ config HAS_CC_CET_IBT # Retpoline check to work around https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93654 def_bool $(cc-option,-fcf-protection=branch -mmanual-endbr -mindirect-branch=thunk-extern) && $(as-instr,endbr64) +# Set function alignment to ensure enough padding available +config CC_FUNCTION_ALIGNMENT + int + default 16 if LIVEPATCH && XEN_IBT + default 8 if LIVEPATCH + menu "Architecture Features" source "arch/Kconfig" diff --git a/xen/arch/x86/Makefile b/xen/arch/x86/Makefile index f3abdf9cd111..f629157086d0 100644 --- a/xen/arch/x86/Makefile +++ b/xen/arch/x86/Makefile @@ -82,6 +82,8 @@ obj-$(CONFIG_COMPAT) += x86_64/platform_hypercall.o obj-y += sysctl.o endif +CFLAGS-$(CONFIG_LIVEPATCH) += -falign-functions=$(CONFIG_CC_FUNCTION_ALIGNMENT) + extra-y += asm-macros.i extra-y += xen.lds diff --git a/xen/arch/x86/livepatch.c b/xen/arch/x86/livepatch.c index ee539f001b73..4a6ba09e0ec5 100644 --- a/xen/arch/x86/livepatch.c +++ b/xen/arch/x86/livepatch.c @@ -109,6 +109,10 @@ int arch_livepatch_verify_func(const struct livepatch_func *func) */ uint8_t needed = ARCH_PATCH_INSN_SIZE; + BUILD_BUG_ON(ARCH_PATCH_INSN_SIZE + + (IS_ENABLED(CONIFG_XEN_IBT) ? ENDBR64_LEN : 0) > + CONFIG_CC_FUNCTION_ALIGNMENT); + if ( is_endbr64(func->old_addr) || is_endbr64_poison(func->old_addr) ) needed += ENDBR64_LEN; -- 2.43.0

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.