
Re: [PATCH v5 2/2] xen/x86: Livepatch: support patching CET-enhanced functions


  • To: Bjoern Doebel <doebel@xxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Wed, 9 Mar 2022 16:14:05 +0100
  • Cc: Michael Kurth <mku@xxxxxxxxx>, Martin Pohlack <mpohlack@xxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Wed, 09 Mar 2022 15:14:20 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 09.03.2022 15:53, Bjoern Doebel wrote:
> Changes since r1:
> * use sizeof_field() to avoid unused variable warning
> * make metadata variable const in arch_livepatch_revert
> * rebase on top and make use of Andrew Cooper's was_endbr64() patch
> * use padding byte to store offset rather than reducing opaque area

You seem to accumulate things here, thus making it impossible to spot
what was changed from the previous version. Retaining all changes
information is helpful, but it wants splitting up suitably.

It would also have been helpful if you had mentioned the 2nd
was_endbr64() that has appeared now.

I'm glad to see the casts are gone now, thanks.

> @@ -114,8 +115,21 @@ int arch_livepatch_verify_func(const struct 
> livepatch_func *func)
>          if ( func->old_size < func->new_size )
>              return -EINVAL;
>      }
> -    else if ( func->old_size < ARCH_PATCH_INSN_SIZE )
> -        return -EINVAL;
> +    else
> +    {
> +        /*
> +         * Space needed now depends on whether the target function
> +         * start{s,ed} with an ENDBR64 instruction.
> +         */
> +        uint8_t needed;
> +
> +        needed = ARCH_PATCH_INSN_SIZE;
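
Review bot: `uint8_t needed` has no reason to be a fixed-width type; it is a byte count that gets compared against func->old_size, so plain unsigned int would be the usual choice. The rest of the block is not quoted here, but whatever it adds to `needed` for the ENDBR64 case should use the same condition as arch_livepatch_apply(), so that verification never accepts an old_size that apply would then write past.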

Surely this can be the initializer of the variable?

> @@ -130,12 +144,24 @@ void noinline arch_livepatch_apply(struct 
> livepatch_func *func)
>      uint8_t insn[sizeof(func->opaque)];
>      unsigned int len;
>  
> +    func->patch_offset = 0;
>      old_ptr = func->old_addr;
>      len = livepatch_insn_len(func);
>      if ( !len )
>          return;
>  
> -    memcpy(func->opaque, old_ptr, len);
> +    /*
> +    * CET hotpatching support: We may have functions starting with an ENDBR64
> +    * instruction that MUST remain the first instruction of the function, 
> hence
> +    * we need to move any hotpatch trampoline further into the function. For 
> that
> +    * we need to keep track of the patching offset used for any loaded 
> hotpatch
> +    * (to avoid racing against other fixups adding/removing ENDBR64 or 
> similar
> +    * instructions).
> +    */

Bad indentation of all but the first line of this comment. Also the
middle one of the lines is too long.

> +    if ( is_endbr64(old_ptr)  || was_endbr64(func->old_addr) )
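
Review bot: in the new `if`, is_endbr64(old_ptr) and was_endbr64(func->old_addr) are handed the same address, since `old_ptr = func->old_addr` is assigned a few lines up; passing old_ptr to both would make that obvious. Separately, the removed `memcpy(func->opaque, old_ptr, len)` has no replacement in the quoted lines: the save into func->opaque needs to read from old_ptr + func->patch_offset, because that is the address arch_livepatch_revert() copies the bytes back to.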

Stray double blank in the middle.

> @@ -143,14 +169,15 @@ void noinline arch_livepatch_apply(struct 
> livepatch_func *func)
>          BUILD_BUG_ON(ARCH_PATCH_INSN_SIZE != (1 + sizeof(val)));
>  
>          insn[0] = 0xe9; /* Relative jump. */
> -        val = func->new_addr - func->old_addr - ARCH_PATCH_INSN_SIZE;
> +        val = func->new_addr - (func->old_addr + func->patch_offset
> +                                + ARCH_PATCH_INSN_SIZE);
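
Review bot: the displacement in `val` is now computed for a jump located at func->old_addr + func->patch_offset, so the copy of insn into the function (not in the quoted lines) has to target that same address; a mismatch would leave the rel32 resolving to something other than new_addr. A short comment at the `val =` assignment saying the jump sits behind the ENDBR64 would help the next reader.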

Nit: On split lines the operator still goes on the previous line. (We
often make an exception for ?:, but not normally anything else.)

> @@ -159,7 +186,7 @@ void noinline arch_livepatch_apply(struct livepatch_func 
> *func)
>   */
>  void noinline arch_livepatch_revert(const struct livepatch_func *func)
>  {
> -    memcpy(func->old_addr, func->opaque, livepatch_insn_len(func));
> +    memcpy(func->old_addr + func->patch_offset, func->opaque, 
> livepatch_insn_len(func));
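
Review bot: the memcpy in arch_livepatch_revert() relies on func->patch_offset being the value recorded by arch_livepatch_apply() rather than something re-derived from the bytes currently at old_addr, which is what the comment added in apply calls for, but nothing at this site says so. A one-line comment stating that the stored offset must be used would keep a later cleanup from recomputing it.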

This line is now too long.

Jan




 

