From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: ross.lagerwall@citrix.com, xen-devel@lists.xenproject.org
Subject: Re: [PATCH v4 1/9] livepatch: Clear .bss when payload is reverted
Date: Tue, 6 Sep 2016 12:47:16 -0400 [thread overview]
Message-ID: <20160906164716.GA2161@char.us.oracle.com> (raw)
In-Reply-To: <57BD7D19020000780010881B@prv-mh.provo.novell.com>
On Wed, Aug 24, 2016 at 02:55:21AM -0600, Jan Beulich wrote:
> >>> On 24.08.16 at 04:22, <konrad.wilk@oracle.com> wrote:
> > --- a/xen/common/livepatch.c
> > +++ b/xen/common/livepatch.c
> > @@ -70,6 +70,9 @@ struct payload {
> > unsigned int nsyms; /* Nr of entries in .strtab and symbols. */
> > struct livepatch_build_id id; /* ELFNOTE_DESC(.note.gnu.build-id) of the payload. */
> > struct livepatch_build_id dep; /* ELFNOTE_DESC(.livepatch.depends). */
> > + void **bss; /* .bss's of the payload. */
> > + size_t *bss_size; /* and their sizes. */
>
> Is size_t wide enough in the extreme case? Perhaps yes, because I
> don't think we'll ever load 64-bit ELF on a 32-bit platform.
Nonethless having a huge .bss is a kind of extreme? Perhaps we should
have an seperate patch that checks the SHT_NOBITS and disallows .bss's
bigger than say 2MB?
I am using 2MB as that is the limit of the livepatch binaries right
now (see verify_payload:
127 if ( upload->size > MB(2) )
128 return -EINVAL;
>
> > + size_t n_bss; /* Size of the array. */
>
> As opposed to that, I think this one could be unsigned int (or else
> you end up with inconsistencies in {move,apply}_payload()).
/me nods. Changed to unsitned int.
>
> > @@ -374,14 +392,24 @@ static int move_payload(struct payload *payload, struct livepatch_elf *elf)
> > elf->name, elf->sec[i].name, elf->sec[i].load_addr);
> > }
> > else
> > - memset(elf->sec[i].load_addr, 0, elf->sec[i].sec->sh_size);
> > + {
> > + payload->bss[n_bss] = elf->sec[i].load_addr;
> > + payload->bss_size[n_bss++] = elf->sec[i].sec->sh_size;
> > + }
> > }
> > }
> > + ASSERT(n_bss == payload->n_bss);
> >
> > out:
> > xfree(offset);
> >
> > return rc;
> > +
> > + out_mem:
> > + dprintk(XENLOG_ERR, LIVEPATCH "%s: Could not allocate memory for payload!\n",
> > + elf->name);
> > + rc = -ENOMEM;
> > + goto out;
>
> You leak any of the three buffers here which you managed to
> successfully allocate.
I added a call to 'free_payload_data(payload)' there to make it a direct call to it.
It is not needed per say as the caller unconditionally calls free_payload_data() if
the return of any of the functions is non-zero. But in case things get moved around
and that assumption goes away - having a call to free_payload_data makes sense
in the function (plus it looks much more nicer to free/alloc in the same function).
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-09-06 16:47 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-24 2:22 [PATCH v4] Livepatch fixes and features for v4.8 Konrad Rzeszutek Wilk
2016-08-24 2:22 ` [PATCH v4 1/9] livepatch: Clear .bss when payload is reverted Konrad Rzeszutek Wilk
2016-08-24 8:55 ` Jan Beulich
2016-08-25 16:08 ` Andrew Cooper
2016-09-06 16:51 ` Konrad Rzeszutek Wilk
2016-09-07 9:18 ` Jan Beulich
2016-09-06 16:47 ` Konrad Rzeszutek Wilk [this message]
2016-09-07 8:02 ` Jan Beulich
2016-09-08 9:25 ` Konrad Rzeszutek Wilk
2016-09-09 13:33 ` Ross Lagerwall
2016-09-09 13:50 ` Konrad Rzeszutek Wilk
2016-09-09 13:58 ` Ross Lagerwall
2016-09-09 15:28 ` Jan Beulich
2016-08-24 2:22 ` [PATCH v4 2/9] livepatch: Deal with payloads without any .text Konrad Rzeszutek Wilk
2016-08-24 2:22 ` [PATCH v4 3/9] version/livepatch: Move xen_build_id_check to version.h Konrad Rzeszutek Wilk
2016-08-24 2:22 ` [PATCH v4 4/9] version: Print build-id at bootup Konrad Rzeszutek Wilk
2016-08-24 8:58 ` Jan Beulich
2016-09-06 16:57 ` Konrad Rzeszutek Wilk
2016-09-07 8:03 ` Jan Beulich
2016-09-09 13:37 ` Ross Lagerwall
2016-08-24 2:22 ` [PATCH v4 5/9] livepatch: Move code from prepare_payload to own routine Konrad Rzeszutek Wilk
2016-08-25 16:02 ` Ross Lagerwall
2016-08-24 2:22 ` [PATCH v4 6/9] livepatch: Add parsing for the symbol+0x<offset> Konrad Rzeszutek Wilk
2016-08-24 9:08 ` Jan Beulich
2016-09-06 19:56 ` Konrad Rzeszutek Wilk
2016-09-07 8:10 ` Jan Beulich
2016-09-08 9:22 ` Konrad Rzeszutek Wilk
2016-09-08 10:01 ` Jan Beulich
2016-09-09 14:28 ` Ross Lagerwall
2016-08-24 2:22 ` [PATCH v4 7/9] livepatch: NOP if func->new_[addr] is zero Konrad Rzeszutek Wilk
2016-08-24 9:13 ` Jan Beulich
2016-09-06 20:05 ` Konrad Rzeszutek Wilk
2016-09-07 8:13 ` Jan Beulich
2016-08-24 2:22 ` [PATCH v4 8/9] symbols: Generate an xen-sym.map Konrad Rzeszutek Wilk
2016-08-24 9:16 ` Jan Beulich
2016-09-09 13:43 ` Ross Lagerwall
2016-08-24 2:22 ` [PATCH v4 9/9] livepach: Add .livepatch.hooks functions and test-case Konrad Rzeszutek Wilk
2016-09-06 17:22 ` Konrad Rzeszutek Wilk
2016-09-06 18:25 ` Andrew Cooper
2016-09-08 1:18 ` Konrad Rzeszutek Wilk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160906164716.GA2161@char.us.oracle.com \
--to=konrad.wilk@oracle.com \
--cc=JBeulich@suse.com \
--cc=ross.lagerwall@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.