[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH v6 2/6] livepatch: Add limit of 2MB to payload .bss sections.

To: xen-devel@xxxxxxxxxxxxxxxxxxxx, konrad@xxxxxxxxxx, ross.lagerwall@xxxxxxxxxx, andrew.cooper3@xxxxxxxxxx
From: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
Date: Fri, 16 Sep 2016 11:29:10 -0400
Cc: Jan Beulich <jbeulich@xxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
Delivery-date: Fri, 16 Sep 2016 15:29:40 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

The initial patch: 11ff40fa7bb5fdcc69a58d0fec49c904ffca4793
"xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op" caps the
size of the binary at 2MB. We follow that in capping the size
of the .BSSes to be at maximum 2MB.

Reviewed-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
---
Cc: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
Cc: Jan Beulich <jbeulich@xxxxxxxx>

v5: Initial submission. Came about from conversation about
    "livepatch: Clear .bss when payload is reverted"
   - Use only one sh_flags comparison instead of two.
   - And check for the _right_ combination (WA).
v6: Remove the logging
    Move the MB(2) to a #define in the header file.
    Add the newline after the addition in livepatch_elf.c.
    Added Reviewed-by from Ross.
---
 xen/common/livepatch_elf.c  | 4 ++++
 xen/include/xen/livepatch.h | 2 ++
 2 files changed, 6 insertions(+)

diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c
index cda9b27..79c290e 100644
--- a/xen/common/livepatch_elf.c
+++ b/xen/common/livepatch_elf.c
@@ -86,6 +86,10 @@ static int elf_resolve_sections(struct livepatch_elf *elf, 
const void *data)
                     delta < sizeof(Elf_Ehdr) ? "at ELF header" : "is past 
end");
             return -EINVAL;
         }
+        else if ( (sec[i].sec->sh_flags & (SHF_WRITE | SHF_ALLOC)) &&
+                  sec[i].sec->sh_type == SHT_NOBITS &&
+                  sec[i].sec->sh_size > BSS_MAX_SIZE )
+            return -EINVAL;
 
         sec[i].data = data + delta;
         /* Name is populated in elf_resolve_section_names. */
diff --git a/xen/include/xen/livepatch.h b/xen/include/xen/livepatch.h
index 243e240..46b9fc2 100644
--- a/xen/include/xen/livepatch.h
+++ b/xen/include/xen/livepatch.h
@@ -30,6 +30,8 @@ struct xen_sysctl_livepatch_op;
 #define ELF_LIVEPATCH_FUNC    ".livepatch.funcs"
 #define ELF_LIVEPATCH_DEPENDS ".livepatch.depends"
 #define ELF_BUILD_ID_NOTE      ".note.gnu.build-id"
+/* Arbitrary limit. */
+#define BSS_MAX_SIZE            MB(2)
 
 struct livepatch_symbol {
     const char *name;
-- 
2.5.5


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v6 2/6] livepatch: Add limit of 2MB to payload .bss sections.
  - From: Jan Beulich

References:
- [Xen-devel] [PATCH v6] Livepatch fixes and general features for Xen4.8.
  - From: Konrad Rzeszutek Wilk

Prev by Date: [Xen-devel] [PATCH v6 1/6] livepatch: Disallow applying after an revert
Next by Date: [Xen-devel] [PATCH v6 6/6] livepatch/tests: Move the .name value to .rodata
Previous by thread: Re: [Xen-devel] [PATCH v6 1/6] livepatch: Disallow applying after an revert
Next by thread: Re: [Xen-devel] [PATCH v6 2/6] livepatch: Add limit of 2MB to payload .bss sections.
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.