From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
xen-devel@lists.xenproject.org, konrad@kernel.org,
ross.lagerwall@citrix.com, mpohlack@amazon.de,
sasha.levin@oracle.com
Cc: Keir Fraser <keir@xen.org>, Jan Beulich <jbeulich@suse.com>
Subject: Re: [PATCH v6 16/24] xsplice: Add support for alternatives
Date: Fri, 8 Apr 2016 18:34:06 +0100 [thread overview]
Message-ID: <5707EB8E.6050001@citrix.com> (raw)
In-Reply-To: <1460000983-28170-17-git-send-email-konrad.wilk@oracle.com>
On 07/04/16 04:49, Konrad Rzeszutek Wilk wrote:
> From: Ross Lagerwall <ross.lagerwall@citrix.com>
>
> Add support for applying alternative sections within xsplice payload.
> At payload load time, apply an alternative sections that are found.
>
> Also we add an test-case exercising a rather useless alternative
> (patching a NOP with a NOP) - but it does exercise the code-path.
>
> Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>
> ---
> Cc: Keir Fraser <keir@xen.org>
> Cc: Jan Beulich <jbeulich@suse.com>
> Cc: Andrew Cooper <andrew.cooper3@citrix.com>
>
> v2: Make a new alternative function that does not ASSERT on IRQs and
> don't disable IRQs in the code when loading payload.
> v4: Include test-case
> Include check for size of alternatives and that it is not a 0 size
> section.
> v6: Add #define INIT to preserve __initness on alternative code.
> Double check that alt_instr are only patching payload code.
> ---
> ---
> xen/arch/x86/Makefile | 2 +-
> xen/arch/x86/alternative.c | 35 ++++++++++++++++++++++----------
> xen/arch/x86/test/xen_hello_world_func.c | 5 +++++
> xen/common/xsplice.c | 34 +++++++++++++++++++++++++++++++
> xen/include/asm-x86/alternative.h | 4 ++++
> 5 files changed, 68 insertions(+), 12 deletions(-)
>
> diff --git a/xen/arch/x86/Makefile b/xen/arch/x86/Makefile
> index d85287d..08a7b68 100644
> --- a/xen/arch/x86/Makefile
> +++ b/xen/arch/x86/Makefile
> @@ -6,7 +6,7 @@ subdir-y += mm
> subdir-$(CONFIG_XENOPROF) += oprofile
> subdir-y += x86_64
>
> -obj-bin-y += alternative.init.o
> +obj-bin-y += alternative.o
You want to keep this as alternative.init.o if not CONFIG_XSPLICE
> @@ -142,15 +144,13 @@ static void *__init text_poke_early(void *addr, const void *opcode, size_t len)
> * APs have less capabilities than the boot processor are not handled.
> * Tough. Make sure you disable such features by hand.
> */
> -static void __init apply_alternatives(struct alt_instr *start, struct alt_instr *end)
> +void __INIT apply_alternatives_nocheck(struct alt_instr *start, struct alt_instr *end)
> {
> struct alt_instr *a;
> u8 *instr, *replacement;
> u8 insnbuf[MAX_PATCH_LEN];
> unsigned long cr0 = read_cr0();
The cr0 adjustment of WP should also move from the nocheck() to the
plain variant. This avoid temporisingly disabling WP on the CPU setting
up the patch, before the payload is "secured".
>
> - ASSERT(!local_irq_is_enabled());
> -
> printk(KERN_INFO "alt table %p -> %p\n", start, end);
>
> /* Disable WP to allow application of alternatives to read-only pages. */
> @@ -183,13 +183,26 @@ static void __init apply_alternatives(struct alt_instr *start, struct alt_instr
>
> add_nops(insnbuf + a->replacementlen,
> a->instrlen - a->replacementlen);
> - text_poke_early(instr, insnbuf, a->instrlen);
> + text_poke(instr, insnbuf, a->instrlen);
> }
>
> /* Reinstate WP. */
> write_cr0(cr0);
> }
>
> +#undef __INIT
> +#undef __INITCONST
> +#undef __INITDATA
Why these undefs?
> +/*
> + * This routine is called with local interrupt disabled and used during
> + * bootup.
> + */
> +void __init apply_alternatives(struct alt_instr *start, struct alt_instr *end)
> +{
> + ASSERT(!local_irq_is_enabled());
> + apply_alternatives_nocheck(start, end);
> +}
> +
> void __init alternative_instructions(void)
> {
> nmi_callback_t *saved_nmi_callback;
> diff --git a/xen/arch/x86/test/xen_hello_world_func.c b/xen/arch/x86/test/xen_hello_world_func.c
> index 7e239ca..55e84ac 100644
> --- a/xen/arch/x86/test/xen_hello_world_func.c
> +++ b/xen/arch/x86/test/xen_hello_world_func.c
> @@ -3,6 +3,9 @@
> *
> */
>
> +#include <asm/alternative.h>
> +#include <asm/nops.h>
> +#include <asm/uaccess.h>
> #include <xen/types.h>
>
> static unsigned long *non_canonical_addr = (unsigned long *)(1UL<<48);
> @@ -12,6 +15,8 @@ const char *xen_hello_world(void)
> {
> unsigned long tmp = 0xdeadbeef;
> int rc;
> +
> + alternative(ASM_NOP1, ASM_NOP1, X86_FEATURE_NX);
NX is very definitely not always available. Use LM instead, and leave a
comment saying that LM will always be available on Xen.
With these fixed, Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-04-08 17:34 UTC|newest]
Thread overview: 85+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-07 3:49 [PATCH v6] xSplice v1 design and implementation Konrad Rzeszutek Wilk
2016-04-07 3:49 ` [PATCH v6 01/24] xsplice: Design document Konrad Rzeszutek Wilk
2016-04-07 16:34 ` Ian Jackson
2016-04-07 3:49 ` [PATCH v6 02/24] xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op Konrad Rzeszutek Wilk
2016-04-07 14:47 ` Andrew Cooper
2016-04-08 18:30 ` Konrad Rzeszutek Wilk
2016-04-07 3:49 ` [PATCH v6 03/24] libxc: Implementation of XEN_XSPLICE_op in libxc Konrad Rzeszutek Wilk
2016-04-07 19:53 ` Andrew Cooper
2016-04-07 3:49 ` [PATCH v6 04/24] xen-xsplice: Tool to manipulate xsplice payloads Konrad Rzeszutek Wilk
2016-04-07 3:49 ` [PATCH v6 05/24] arm/x86: Use struct virtual_region to do bug, symbol, and (x86) exception tables lookup Konrad Rzeszutek Wilk
2016-04-07 20:12 ` Andrew Cooper
2016-04-08 15:30 ` Julien Grall
2016-04-07 3:49 ` [PATCH v6 06/24] x86: Alter nmi_callback_t typedef Konrad Rzeszutek Wilk
2016-04-07 16:35 ` Ian Jackson
2016-04-07 20:13 ` Andrew Cooper
2016-04-08 20:44 ` Konrad Rzeszutek Wilk
2016-04-07 3:49 ` [PATCH v6 07/24] arm/x86/vmap: Add vmalloc_type and vm_init_type Konrad Rzeszutek Wilk
2016-04-08 14:22 ` Andrew Cooper
2016-04-08 17:19 ` Jan Beulich
2016-04-09 1:10 ` Konrad Rzeszutek Wilk
2016-04-08 15:32 ` Julien Grall
2016-04-07 3:49 ` [PATCH v6 08/24] xsplice: Add helper elf routines Konrad Rzeszutek Wilk
2016-04-07 16:19 ` Ian Jackson
2016-04-07 17:23 ` Jan Beulich
2016-04-07 20:32 ` Andrew Cooper
2016-04-08 13:26 ` Ian Jackson
2016-04-07 20:43 ` Konrad Rzeszutek Wilk
2016-04-08 14:53 ` Andrew Cooper
2016-04-08 21:26 ` Konrad Rzeszutek Wilk
2016-04-08 22:10 ` Andrew Cooper
2016-04-08 22:48 ` Jan Beulich
2016-04-07 3:49 ` [PATCH v6 09/24] xsplice: Implement payload loading Konrad Rzeszutek Wilk
2016-04-08 15:31 ` Andrew Cooper
2016-04-08 21:10 ` Konrad Rzeszutek Wilk
2016-04-08 21:18 ` Jan Beulich
2016-04-08 22:45 ` Konrad Rzeszutek Wilk
2016-04-08 22:50 ` Jan Beulich
2016-04-09 0:37 ` Konrad Rzeszutek Wilk
2016-04-09 11:48 ` Konrad Rzeszutek Wilk
2016-04-11 15:53 ` Jan Beulich
2016-04-11 16:03 ` Konrad Rzeszutek Wilk
2016-04-11 16:34 ` Konrad Rzeszutek Wilk
2016-04-11 16:55 ` Jan Beulich
2016-04-11 17:08 ` Konrad Rzeszutek Wilk
2016-04-11 17:26 ` Jan Beulich
2016-04-11 18:21 ` Konrad Rzeszutek Wilk
2016-04-11 18:57 ` Konrad Rzeszutek Wilk
2016-04-08 15:35 ` Julien Grall
2016-04-07 3:49 ` [PATCH v6 10/24] xsplice: Implement support for applying/reverting/replacing patches Konrad Rzeszutek Wilk
2016-04-08 15:36 ` Julien Grall
2016-04-08 16:33 ` Andrew Cooper
2016-04-07 3:49 ` [PATCH v6 11/24] x86/xen_hello_world.xsplice: Test payload for patching 'xen_extra_version' Konrad Rzeszutek Wilk
2016-04-08 15:37 ` Julien Grall
2016-04-08 16:38 ` Andrew Cooper
2016-04-09 0:45 ` Konrad Rzeszutek Wilk
2016-04-07 3:49 ` [PATCH v6 12/24] xsplice, symbols: Implement symbol name resolution on address Konrad Rzeszutek Wilk
2016-04-08 16:55 ` Andrew Cooper
2016-04-07 3:49 ` [PATCH v6 13/24] x86, xsplice: Print payload's symbol name and payload name in backtraces Konrad Rzeszutek Wilk
2016-04-08 17:00 ` Andrew Cooper
2016-04-07 3:49 ` [PATCH v6 14/24] xsplice: Add support for bug frames Konrad Rzeszutek Wilk
2016-04-08 17:03 ` Andrew Cooper
2016-04-07 3:49 ` [PATCH v6 15/24] xsplice: Add support for exception tables Konrad Rzeszutek Wilk
2016-04-08 17:16 ` Andrew Cooper
2016-04-07 3:49 ` [PATCH v6 16/24] xsplice: Add support for alternatives Konrad Rzeszutek Wilk
2016-04-08 17:34 ` Andrew Cooper [this message]
2016-04-08 17:57 ` Jan Beulich
2016-04-07 3:49 ` [PATCH v6 17/24] build_id: Provide ld-embedded build-ids Konrad Rzeszutek Wilk
2016-04-08 15:39 ` Julien Grall
2016-04-08 18:07 ` Andrew Cooper
2016-04-08 19:34 ` Konrad Rzeszutek Wilk
2016-04-07 3:49 ` [PATCH v6 18/24] HYPERCALL_version_op: Add VERSION_build_id to retrieve build-id Konrad Rzeszutek Wilk
2016-04-08 18:07 ` Andrew Cooper
2016-04-07 3:49 ` [PATCH v6 19/24] libxl: info: Display build_id of the hypervisor using XEN_VERSION_build_id Konrad Rzeszutek Wilk
2016-04-07 3:49 ` [PATCH v6 20/24] xsplice: Print build_id in keyhandler and on bootup Konrad Rzeszutek Wilk
2016-04-08 18:12 ` Andrew Cooper
2016-04-07 3:49 ` [PATCH v6 21/24] xsplice: Stacking build-id dependency checking Konrad Rzeszutek Wilk
2016-04-08 18:19 ` Andrew Cooper
2016-04-09 1:43 ` Konrad Rzeszutek Wilk
2016-04-07 3:49 ` [PATCH v6 22/24] xsplice/xen_replace_world: Test-case for XSPLICE_ACTION_REPLACE Konrad Rzeszutek Wilk
2016-04-08 18:20 ` Andrew Cooper
2016-04-07 3:49 ` [PATCH v6 23/24] xsplice: Prevent duplicate payloads from being loaded Konrad Rzeszutek Wilk
2016-04-07 16:36 ` Ian Jackson
2016-04-08 18:21 ` Andrew Cooper
2016-04-07 3:49 ` [PATCH v6 24/24] MAINTAINERS/xsplice: Add myself and Ross as the maintainers Konrad Rzeszutek Wilk
2016-04-08 18:21 ` Andrew Cooper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5707EB8E.6050001@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=jbeulich@suse.com \
--cc=keir@xen.org \
--cc=konrad.wilk@oracle.com \
--cc=konrad@kernel.org \
--cc=mpohlack@amazon.de \
--cc=ross.lagerwall@citrix.com \
--cc=sasha.levin@oracle.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.