From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: konrad@kernel.org, xen-devel@lists.xenproject.org,
ross.lagerwall@citrix.com
Cc: andrew.cooper3@citrix.com, Jan Beulich <jbeulich@suse.com>,
Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Subject: [PATCH v7 2/5] livepatch: Add limit of 2MB to payload .bss sections.
Date: Wed, 21 Sep 2016 12:57:07 -0400 [thread overview]
Message-ID: <1474477030-10722-3-git-send-email-konrad.wilk@oracle.com> (raw)
In-Reply-To: <1474477030-10722-1-git-send-email-konrad.wilk@oracle.com>
The initial patch: 11ff40fa7bb5fdcc69a58d0fec49c904ffca4793
"xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op" caps the
size of the binary at 2MB. We follow that in capping the size
of the .BSSes to be at maximum 2MB.
We also bubble up the payload limit and this one in one #define
called LIVEPATCH_MAX_SIZE to make it easier to find these
arbitrary limits.
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---
Cc: Ross Lagerwall <ross.lagerwall@citrix.com>
Cc: Jan Beulich <jbeulich@suse.com>
v5: Initial submission. Came about from conversation about
"livepatch: Clear .bss when payload is reverted"
- Use only one sh_flags comparison instead of two.
- And check for the _right_ combination (WA).
v6: Remove the logging
- Move the MB(2) to a #define in the header file.
- Add the newline after the addition in livepatch_elf.c.
- Added Reviewed-by from Ross.
v7:- s/MAX_BSS_SIZE/LIVEPATCH_MAX_SIZE/
- Also use this LIVEPATHCH_MAX_SIZE in verify_payload
---
xen/common/livepatch.c | 2 +-
xen/common/livepatch_elf.c | 4 ++++
xen/include/xen/livepatch.h | 2 ++
3 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/xen/common/livepatch.c b/xen/common/livepatch.c
index 1f527a3..c9e5318 100644
--- a/xen/common/livepatch.c
+++ b/xen/common/livepatch.c
@@ -123,7 +123,7 @@ static int verify_payload(const xen_sysctl_livepatch_upload_t *upload, char *n)
if ( !upload->size )
return -EINVAL;
- if ( upload->size > MB(2) )
+ if ( upload->size > LIVEPATCH_MAX_SIZE )
return -EINVAL;
if ( !guest_handle_okay(upload->payload, upload->size) )
diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c
index 303115f..f46990e 100644
--- a/xen/common/livepatch_elf.c
+++ b/xen/common/livepatch_elf.c
@@ -86,6 +86,10 @@ static int elf_resolve_sections(struct livepatch_elf *elf, const void *data)
delta < sizeof(Elf_Ehdr) ? "at ELF header" : "is past end");
return -EINVAL;
}
+ else if ( (sec[i].sec->sh_flags & (SHF_WRITE | SHF_ALLOC)) &&
+ sec[i].sec->sh_type == SHT_NOBITS &&
+ sec[i].sec->sh_size > LIVEPATCH_MAX_SIZE )
+ return -EINVAL;
sec[i].data = data + delta;
/* Name is populated in elf_resolve_section_names. */
diff --git a/xen/include/xen/livepatch.h b/xen/include/xen/livepatch.h
index 243e240..29c9b31 100644
--- a/xen/include/xen/livepatch.h
+++ b/xen/include/xen/livepatch.h
@@ -30,6 +30,8 @@ struct xen_sysctl_livepatch_op;
#define ELF_LIVEPATCH_FUNC ".livepatch.funcs"
#define ELF_LIVEPATCH_DEPENDS ".livepatch.depends"
#define ELF_BUILD_ID_NOTE ".note.gnu.build-id"
+/* Arbitrary limit for payload size and .bss section size. */
+#define LIVEPATCH_MAX_SIZE MB(2)
struct livepatch_symbol {
const char *name;
--
2.4.11
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-09-21 16:57 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-21 16:57 [PATCH v7] Livepatch fixes and general features for Xen 4.8 Konrad Rzeszutek Wilk
2016-09-21 16:57 ` [PATCH v7 1/5] livepatch: Disallow applying after an revert Konrad Rzeszutek Wilk
2016-09-22 9:21 ` Jan Beulich
2016-09-22 10:16 ` Konrad Rzeszutek Wilk
2016-09-22 23:55 ` Konrad Rzeszutek Wilk
2016-09-23 6:18 ` Jan Beulich
2016-09-21 16:57 ` Konrad Rzeszutek Wilk [this message]
2016-09-22 9:21 ` [PATCH v7 2/5] livepatch: Add limit of 2MB to payload .bss sections Jan Beulich
2016-09-21 16:57 ` [PATCH v7 3/5] livepatch: NOP if func->new_addr is zero Konrad Rzeszutek Wilk
2016-09-22 9:23 ` Jan Beulich
2016-09-21 16:57 ` [PATCH v7 4/5] livepatch: Drop _jmp from arch_livepatch_[apply, revert]_jmp Konrad Rzeszutek Wilk
2016-09-22 9:24 ` Ross Lagerwall
2016-09-21 16:57 ` [PATCH v7 5/5] livepach: Add .livepatch.hooks functions and test-case Konrad Rzeszutek Wilk
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1474477030-10722-3-git-send-email-konrad.wilk@oracle.com \
--to=konrad.wilk@oracle.com \
--cc=andrew.cooper3@citrix.com \
--cc=jbeulich@suse.com \
--cc=konrad@kernel.org \
--cc=ross.lagerwall@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).