[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 05/20] arm64/alternatives: Make it possible to patch outside of hypervisor.

To: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, konrad@xxxxxxxxxx, ross.lagerwall@xxxxxxxxxx, sstabellini@xxxxxxxxxx
From: Julien Grall <julien.grall@xxxxxxx>
Date: Wed, 31 Aug 2016 16:54:42 +0100
Delivery-date: Wed, 31 Aug 2016 15:54:48 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hi Konrad,

On 25/08/16 14:37, Konrad Rzeszutek Wilk wrote:

With livepatching the alternatives that should be patched are
outside the Xen hypervisor _start -> _end. As such having
to use an alternative VA is not neccessary. In fact we


s/neccessary/necessary/

can use the ones that the caller provided us with.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
---
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>
Cc: Julien Grall <julien.grall@xxxxxxx>

v2: First version
---
 xen/arch/arm/alternative.c | 40 +++++++++++++++++++++++++---------------
 1 file changed, 25 insertions(+), 15 deletions(-)

diff --git a/xen/arch/arm/alternative.c b/xen/arch/arm/alternative.c
index aba06db..90a857a 100644
--- a/xen/arch/arm/alternative.c
+++ b/xen/arch/arm/alternative.c
@@ -94,24 +94,30 @@ static int __apply_alternatives(const struct alt_region 
*region)
 {
     const struct alt_instr *alt;
     const u32 *origptr, *replptr;
-    u32 *writeptr, *writemap;
+    u32 *writeptr, *writemap = NULL;
     mfn_t text_mfn = _mfn(virt_to_mfn(_stext));
     unsigned int text_order = get_order_from_bytes(_end - _start);

-    printk(XENLOG_INFO "alternatives: Patching kernel code\n");
-
-    /*
-     * The text section is read-only. So re-map Xen to be able to patch
-     * the code.
-     */
-    writemap = __vmap(&text_mfn, 1 << text_order, 1, 1, PAGE_HYPERVISOR,
-                      VMAP_DEFAULT);
-    if ( !writemap )
+    if ( region->begin >= __alt_instructions &&
+         region->end <= __alt_instructions_end )

I think this is quite fragile because __alt_instructions is part of theinit section. So after runtime, those regions could be reallocated forother purposes.

I thought a bit more about the issue, each alt_instr contains a relativeoffset. So it would be possible to re-map the region in__apply_alternatives_multi_stop and passed the re-map the region to

__apply_alternatives.

Furthermore, I think it is safe to mandate apply_alternatives to workonly read-write region.

So we could simplify the hacky code I wrote to workaround the Writepermissions implies execute-never.


Let me try to write a patch to see if my solution works.

Regards,

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH v2] Livepatch for ARM 64 and 32.
  - From: Konrad Rzeszutek Wilk
- [Xen-devel] [PATCH v2 05/20] arm64/alternatives: Make it possible to patch outside of hypervisor.
  - From: Konrad Rzeszutek Wilk

Prev by Date: Re: [Xen-devel] [PATCH v2] Livepatch for ARM 64 and 32.
Next by Date: Re: [Xen-devel] [PATCH v2 0/4] Fix gcov build
Previous by thread: [Xen-devel] [PATCH v2 05/20] arm64/alternatives: Make it possible to patch outside of hypervisor.
Next by thread: [Xen-devel] [PATCH v2 07/20] arm/x86: Add ALTERNATIVE and HAS_EX_TABLE
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.