
Re: [PATCH v2] livepatch: account for patch offset when applying NOP patch


  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Thu, 31 Mar 2022 10:01:01 +0200
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>, Konrad Wilk <konrad.wilk@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Bjoern Doebel <doebel@xxxxxxxxx>
  • Delivery-date: Thu, 31 Mar 2022 08:01:23 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Thu, Mar 31, 2022 at 08:42:47AM +0200, Jan Beulich wrote:
> On 30.03.2022 19:04, Roger Pau Monné wrote:
> > On Wed, Mar 30, 2022 at 01:05:31PM +0200,
> >> --- a/xen/arch/x86/livepatch.c
> >> +++ b/xen/arch/x86/livepatch.c
> >> @@ -157,9 +157,15 @@ void noinline arch_livepatch_apply(struc
> >>       * loaded hotpatch (to avoid racing against other fixups 
> >> adding/removing
> >>       * ENDBR64 or similar instructions).
> >>       */
> >> -    if ( is_endbr64(old_ptr) || is_endbr64_poison(func->old_addr) )
> >> +    if ( len >= ENDBR64_LEN &&
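Review bot: the added `len >= ENDBR64_LEN &&` guard is not covered by the comment block directly above it, which still only explains why ENDBR64 is skipped. Extend that comment to say which size `len` stands for at this point and what is intended when the patch is shorter than ENDBR64_LEN but the old function starts with ENDBR64, so the reader does not have to infer that the size check done elsewhere makes the comparison safe.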
> > 
> > Sorry, didn't realize before, but shouldn't this check be using
> > old_size instead of len (which is based on new_size)?
> 
> Yes and no: In principle yes, but with len == func->new_size in the NOP
> case, and with arch_livepatch_verify_func() guaranteeing new_size <=
> old_size, the check is still fine for that case. Plus: If new_size was
> less than 4 _but_ there's an ENDBR64 at the start, what would we do? I
> think there's more that needs fixing in this regard. So I guess I'll
> make a v3 with this extra fix dropped and with the livepatch_insn_len()
> invocation simply moved. After all the primary goal is to get the
> stable trees unstuck.

Right, I agree to try and get the stable trees unblocked ASAP.

I think the check for ENDBR is only relevant when we are patching the
function with a jump, otherwise the new replacement code should
contain the ENDBR instruction already?

Thanks, Roger.
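The size reasoning quoted above, as an added example that is not part of the original message and not Xen's code: a simplified model of choosing the NOP-patch start offset, including the case (patch shorter than ENDBR64, old function starting with ENDBR64) that the thread leaves open. The names `plan_nop_patch`, `nop_plan` and the status values are hypothetical, and shrinking the fill length by the skipped bytes is an assumption of the model.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ENDBR64_LEN 4   /* ENDBR64 encodes as f3 0f 1e fa */

/* Hypothetical names: a simplified model, not Xen's arch_livepatch_apply(). */
enum plan_status { PLAN_OK, PLAN_BAD_SIZE, PLAN_SHORT_WITH_ENDBR };
struct nop_plan { enum plan_status status; size_t offset, len; };

static int starts_with_endbr64(const uint8_t *p, size_t size)
{
    static const uint8_t endbr64[ENDBR64_LEN] = { 0xf3, 0x0f, 0x1e, 0xfa };

    return size >= ENDBR64_LEN && !memcmp(p, endbr64, ENDBR64_LEN);
}

/* Decide where a NOP fill of new_size bytes may start inside the old function. */
struct nop_plan plan_nop_patch(const uint8_t *old, size_t old_size,
                               size_t new_size)
{
    struct nop_plan p = { PLAN_OK, 0, new_size };

    if ( new_size > old_size )          /* models the new_size <= old_size rule */
        p.status = PLAN_BAD_SIZE;
    else if ( starts_with_endbr64(old, old_size) )
    {
        if ( p.len >= ENDBR64_LEN )     /* guard on len keeps len - offset >= 0 */
        {
            p.offset = ENDBR64_LEN;     /* leave the ENDBR64 in place */
            p.len -= ENDBR64_LEN;       /* assumed: fill only the remainder */
        }
        else
            p.status = PLAN_SHORT_WITH_ENDBR; /* case the thread leaves open */
    }
    return p;
}

int main(void)
{
    /* Constructed sample: ENDBR64 followed by four bytes of body. */
    const uint8_t fn[] = { 0xf3, 0x0f, 0x1e, 0xfa, 0x55, 0x48, 0x89, 0xe5 };
    struct nop_plan p = plan_nop_patch(fn, sizeof(fn), 6);

    printf("status=%d offset=%zu len=%zu\n", p.status, p.offset, p.len);
    return 0;
}
```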



 

