mbox series

[v5,00/12] livepatch: new features and fixes

Message ID 20191114130653.51185-1-wipawel@amazon.de (mailing list archive)
Headers show
Series livepatch: new features and fixes | expand

Message

Wieczorkiewicz, Pawel Nov. 14, 2019, 1:06 p.m. UTC
This series introduces new features to the livepatch functionality as
briefly discussed during Xen Developer Summit 2019: [a] and [b].
It also provides a few fixes and some small improvements.

Main changes in v4:
- Fix various typos and minor issues
- Simplify arch_livepatch_{apply,revert} by using
  common_livepatch_{apply,revert}
- Improve python bindings and fix few issues

Main changes in v3:
- Fix expectation test to work on Arm
- Add test for metadata (Konrad)
- Minor fixes to documentation

Main changes in v2:
- added new features to livepatch documentation
- added livepatch tests
- enabled Arm support for [5]
- make .modinfo optional for [11]
- fixed typos

FEATURES:

1. independent modules (patches: [1], [2])

  * livepatch-build-tools repo dependency [A]

  Livepatch enforces the following buildid-based dependency chain
  between hotpatch modules:
    1) first module depends on given hypervisor buildid
    2) every consecutive module depends on previous module's buildid
  This way proper hotpatch stack order is maintained and enforced.
  While it is important for production hotpatches it limits agility and
  blocks usage of testing or debug hotpatches. These kinds of hotpatch
  modules are typically expected to be loaded at any time irrespective
  of current state of the modules stack.

  [A] livepatch-build: Embed hypervisor build id into every hotpatch

2. pre- and post- apply|revert actions hooks (patches: [3], [4])

  * livepatch-build-tools repo dependency [B]

  This is an implementation of 4 new livepatch module vetoing hooks,
  that can be optionally supplied along with modules.
  Hooks that currently exists in the livepatch mechanism aren't agile
  enough and have various limitations:
  * run only from within a quiescing zone
  * cannot conditionally prevent applying or reverting
  * do not have access to the module context
  To address these limitations the following has been implemented:
  1) pre-apply hook
  2) post-apply hook
  3) pre-revert hook
  4) post-revert hook

  [B] create-diff-object: Handle extra pre-|post- hooks

3. apply|revert actions replacement hooks (patches: [5], [6], [7])

  * livepatch-build-tools repo dependency: [C], [D], [E]

  To increase hotpatching system's agility and provide more flexiable
  long-term hotpatch solution, allow to overwrite the default apply
  and revert action functions with hook-like supplied alternatives.
  The alternative functions are optional and the default functions are
  used by default.

  [C] create-diff-object: Do not create empty .livepatch.funcs section
  [D] create-diff-object: Handle optional apply|revert hooks
  [E] create-diff-object: Add support for applied/reverted marker

4. inline asm hotpatching expectations (patches: [8])

  * livepatch-build-tools repo dependency: [F]

  Expectations are designed as optional feature, since the main use of
  them is planned for inline asm hotpatching.
  The payload structure is modified as each expectation structure is
  part of the livepatch_func structure and hence extends the payload.
  The payload version is bumped to 3 with this change to highlight the
  ABI modification and enforce proper support.
  The expectation is manually enabled during inline asm module
  construction. If enabled, expectation ensures that the expected
  content of memory is to be found at a given patching (old_addr)
  location.

  [F] create-diff-object: Add support for expectations

5. runtime hotpatch metadata support (patches: [9], [10], [11])

  Having detailed hotpatch metadata helps to properly identify module's
  origin and version. It also allows to keep track of the history of
  hotpatch loads in the system (at least within dmesg buffer size
  limits).
  Extend the livepatch list operation to fetch also payloads' metadata.
  This is achieved by extending the sysctl list interface with 2 extra
  guest handles:
  * metadata     - an array of arbitrary size strings
  * metadata_len - an array of metadata strings' lengths (uin32_t each)
  To unify and simplify the interface, handle the modules' name strings
  of arbitrary size by copying them in adhering chunks to the userland.

6. python bindings for livepatch operations (patches: [12])

  Extend the XC python bindings library to support all common livepatch
  operations and actions:
  - status (pyxc_livepatch_status):
  - action (pyxc_livepatch_action):
  - upload (pyxc_livepatch_upload):
  - list (pyxc_livepatch_list):

[a] https://wiki.xenproject.org/wiki/Design_Sessions_2019#LivePatch_improvements_and_features
[b] https://lists.xenproject.org/archives/html/xen-devel/2019-07/msg00846.html

Merged in v1:
  python: Add XC binding for Xen build ID
  livepatch: always print XENLOG_ERR information

Pawel Wieczorkiewicz (12):
  [1] livepatch: Always check hypervisor build ID upon hotpatch upload
  [2] livepatch: Allow to override inter-modules buildid dependency
  [3] livepatch: Export payload structure via livepatch_payload.h
  [4] livepatch: Implement pre-|post- apply|revert hooks
  [5] livepatch: Add support for apply|revert action replacement hooks
  [6] livepatch: Do not enforce ELF_LIVEPATCH_FUNC section presence
  [7] livepatch: Add per-function applied/reverted state tracking marker
  [8] livepatch: Add support for inline asm hotpatching expectations
  [9] livepatch: Add support for modules .modinfo section metadata
  [10] livepatch: Handle arbitrary size names with the list operation
  [11] livepatch: Add metadata runtime retrieval mechanism
  [12] livepatch: Add python bindings for livepatch operations

 .gitignore                                     |   6 +-
 docs/misc/livepatch.pandoc                     | 248 +++++++++-
 tools/libxc/include/xenctrl.h                  |  68 ++-
 tools/libxc/xc_misc.c                          | 162 ++++--
 tools/misc/xen-livepatch.c                     | 257 +++++++---
 tools/python/xen/lowlevel/xc/xc.c              | 268 ++++++++++
 xen/common/livepatch.c                         | 656 +++++++++++++++++++++----
 xen/include/public/sysctl.h                    |  63 ++-
 xen/include/xen/livepatch.h                    |  43 +-
 xen/include/xen/livepatch_payload.h            |  83 ++++
 xen/test/livepatch/Makefile                    | 121 ++++-
 xen/test/livepatch/xen_action_hooks.c          | 102 ++++
 xen/test/livepatch/xen_action_hooks_marker.c   | 112 +++++
 xen/test/livepatch/xen_action_hooks_noapply.c  | 136 +++++
 xen/test/livepatch/xen_action_hooks_nofunc.c   |  86 ++++
 xen/test/livepatch/xen_action_hooks_norevert.c | 143 ++++++
 xen/test/livepatch/xen_expectations.c          |  41 ++
 xen/test/livepatch/xen_expectations_fail.c     |  42 ++
 xen/test/livepatch/xen_prepost_hooks.c         | 122 +++++
 xen/test/livepatch/xen_prepost_hooks_fail.c    |  75 +++
 20 files changed, 2555 insertions(+), 279 deletions(-)
 create mode 100644 xen/test/livepatch/xen_action_hooks.c
 create mode 100644 xen/test/livepatch/xen_action_hooks_marker.c
 create mode 100644 xen/test/livepatch/xen_action_hooks_noapply.c
 create mode 100644 xen/test/livepatch/xen_action_hooks_nofunc.c
 create mode 100644 xen/test/livepatch/xen_action_hooks_norevert.c
 create mode 100644 xen/test/livepatch/xen_expectations.c
 create mode 100644 xen/test/livepatch/xen_expectations_fail.c
 create mode 100644 xen/test/livepatch/xen_prepost_hooks.c
 create mode 100644 xen/test/livepatch/xen_prepost_hooks_fail.c

Comments

Konrad Rzeszutek Wilk Nov. 20, 2019, 2:25 a.m. UTC | #1
On Thu, Nov 14, 2019 at 01:06:41PM +0000, Pawel Wieczorkiewicz wrote:
> This series introduces new features to the livepatch functionality as
> briefly discussed during Xen Developer Summit 2019: [a] and [b].
> It also provides a few fixes and some small improvements.
> 
> Main changes in v4:
> - Fix various typos and minor issues
> - Simplify arch_livepatch_{apply,revert} by using
>   common_livepatch_{apply,revert}
> - Improve python bindings and fix few issues

This is https://github.com/konradwilk/xen.git (your patches on top of staging):

On ARM64:
root@hikey960:/home/linaro# xl info
host                   : hikey960
release                : 4.12.0-linaro-hikey960+
version                : #3 SMP PREEMPT Mon Jul 17 13:26:13 EDT 2017
machine                : aarch64
nr_cpus                : 8
max_cpu_id             : 7
nr_nodes               : 1
cores_per_socket       : 1
threads_per_core       : 1
cpu_mhz                : 1.920
hw_caps                : 00000000:00000000:00000000:00000000:00000000:00000000:00000000:00000000
virt_caps              : hvm hap
total_memory           : 2262
free_memory            : 713
sharing_freed_memory   : 0
sharing_used_memory    : 0
outstanding_claims     : 0
free_cpus              : 0
xen_major              : 4
xen_minor              : 13
xen_extra              : .0-rc
xen_version            : 4.13.0-rc
xen_caps               : xen-3.0-aarch64 xen-3.0-armv7l 
xen_scheduler          : credit2
xen_pagesize           : 4096
platform_params        : virt_start=0x200000
xen_changeset          : Thu Nov 14 13:06:52 2019 +0000 git:9f5f25f07a
xen_commandline        : console=dtuart dtuart=/soc/serial@fff32000 efi=no-rs dom0_mem=1500M hmp-unsafe=true
cc_compiler            : gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516
cc_compile_by          : linaro
cc_compile_domain      : lan
cc_compile_date        : Wed Nov 20 02:06:10 UTC 2019
build_id               : 8bf9ec5fc0053f4d4fc3b7d256b66ec86f8e5ccc
xend_config_format     : 4
root@hikey960:/home/linaro# cd xen.git
root@hikey960:/home/linaro/xen.git# readelf -n xen-sy
readelf: Error: 'xen-sy': No such file
root@hikey960:/home/linaro/xen.git# cd xen
root@hikey960:/home/linaro/xen.git/xen# readelf -n xen-syms

Displaying notes found in: .note.gnu.build-id
  Owner                 Data size	Description
  GNU                  0x00000014	NT_GNU_BUILD_ID (unique build ID bitstring)
    Build ID: 8bf9ec5fc0053f4d4fc3b7d256b66ec86f8e5ccc
root@hikey960:/home/linaro/xen.git/xen# cd test/livepatch/
root@hikey960:/home/linaro/xen.git/xen/test/livepatch# xen-livepatch list
Nothing to list
root@hikey960:/home/linaro/xen.git/xen/test/livepatch# xen-livepatch load xen_hello_world.livepatch 
Uploading xen_hello_world.livepatch... completed
Applying xen_hello_world... failed
Error 22: Invalid argument
Unloading xen_hello_world... failed
Error 22: Invalid argument
root@hikey960:/home/linaro/xen.git/xen/test/livepatch# git log
commit 9f5f25f07a64e1b447f7bd124182a1c5ef422d6f
Author: Pawel Wieczorkiewicz <wipawel@amazon.de>
Date:   Thu Nov 14 13:06:52 2019 +0000

    livepatch: Add metadata runtime retrieval mechanism
...

root@hikey960:/home/linaro/xen.git/xen/test/livepatch#xl dmesg -c
(XEN) Checking for initrd in /chosen
(XEN) RAM: 0000000000000000 - 000000001abfffff
(XEN) RAM: 000000001ad88000 - 0000000031ffffff
(XEN) RAM: 0000000032101000 - 000000003dffffff
(XEN) RAM: 0000000040000000 - 000000005af25fff
(XEN) RAM: 0000000089cc0000 - 00000000b8767fff
(XEN) RAM: 00000000b9ac0000 - 00000000b9ac8fff
(XEN) RAM: 00000000b9bfb000 - 00000000b9cbffff
(XEN) RAM: 00000000b9d62000 - 00000000b9e0ffff
(XEN) RAM: 00000000ba1d0000 - 00000000ba1dbfff
(XEN) RAM: 00000000ba1dc000 - 00000000bdc46fff
(XEN) RAM: 00000000bdc47000 - 00000000bdd06fff
(XEN) RAM: 00000000bdd07000 - 00000000bddd6fff
(XEN) RAM: 00000000bddd7000 - 00000000bf00ffff
(XEN) RAM: 00000000bf010000 - 00000000bf012fff
(XEN) RAM: 00000000bf013000 - 00000000bf19ffff
(XEN) RAM: 00000000bf1a0000 - 00000000bf1effff
(XEN) RAM: 00000000bf240000 - 00000000bf24efff
(XEN) RAM: 00000000bf24f000 - 00000000bfffffff
(XEN) 
(XEN) MODULE[0]: 00000000b8773000 - 00000000b88be900 Xen         
(XEN) MODULE[1]: 00000000b8768000 - 00000000b8773000 Device Tree 
(XEN) MODULE[2]: 00000000b88c9000 - 00000000b9885a00 Kernel      
(XEN)  RESVD[0]: 0000000032000000 - 00000000320fffff
(XEN) 
(XEN) CMDLINE[00000000b88c9000]:chosen console=tty0 console=hvc0 root=/dev/sdd10 rw efi=noruntime
(XEN) 
(XEN) Command line: console=dtuart dtuart=/soc/serial@fff32000 efi=no-rs dom0_mem=1500M hmp-unsafe=true
(XEN) parameter "efi" unknown!
(XEN) Domain heap initialised
(XEN) Booting using Device Tree
(XEN) Platform: Generic System
(XEN) Looking for dtuart at "/soc/serial@fff32000", options ""
 Xen 4.13.0-rc
(XEN) Xen version 4.13.0-rc (linaro@lan) (gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516) debug=y  Wed Nov 20 02:06:10 UTC 2019
(XEN) Latest ChangeSet: Thu Nov 14 13:06:52 2019 +0000 git:9f5f25f07a
(XEN) build-id: 8bf9ec5fc0053f4d4fc3b7d256b66ec86f8e5ccc
(XEN) Processor: 410fd034: "ARM Limited", variant: 0x0, part 0xd03, rev 0x4
(XEN) 64-bit Execution:
(XEN)   Processor Features: 0000000000002222 0000000000000000
(XEN)     Exception Levels: EL3:64+32 EL2:64+32 EL1:64+32 EL0:64+32
(XEN)     Extensions: FloatingPoint AdvancedSIMD
(XEN)   Debug Features: 0000000010305106 0000000000000000
(XEN)   Auxiliary Features: 0000000000000000 0000000000000000
(XEN)   Memory Model Features: 0000000000001122 0000000000000000
(XEN)   ISA Features:  0000000000011120 0000000000000000
(XEN) 32-bit Execution:
(XEN)   Processor Features: 00000131:00011011
(XEN)     Instruction Sets: AArch32 A32 Thumb Thumb-2 Jazelle
(XEN)     Extensions: GenericTimer Security
(XEN)   Debug Features: 03010066
(XEN)   Auxiliary Features: 00000000
(XEN)   Memory Model Features: 10201105 40000000 01260000 02102211
(XEN)  ISA Features: 02101110 13112111 21232042 01112131 00011142 00011121
(XEN) Using SMC Calling Convention v1.0
(XEN) Using PSCI v1.0
(XEN) SMP: Allowing 8 CPUs
(XEN) Generic Timer IRQ: phys=30 hyp=26 virt=27 Freq: 1920 KHz
(XEN) GICv2 initialization:
(XEN)         gic_dist_addr=00000000e82b1000
(XEN)         gic_cpu_addr=00000000e82b2000
(XEN)         gic_hyp_addr=00000000e82b4000
(XEN)         gic_vcpu_addr=00000000e82b6000
(XEN)         gic_maintenance_irq=25
(XEN) GICv2: 384 lines, 8 cpus, secure (IID 0200143b).
(XEN) XSM Framework v1.0.0 initialized
(XEN) Initialising XSM SILO mode
(XEN) Using scheduler: SMP Credit Scheduler rev2 (credit2)
(XEN) Initializing Credit2 scheduler
(XEN)  load_precision_shift: 18
(XEN)  load_window_shift: 30
(XEN)  underload_balance_tolerance: 0
(XEN)  overload_balance_tolerance: -3
(XEN)  runqueues arrangement: socket
(XEN)  cap enforcement granularity: 10ms
(XEN) load tracking window length 1073741824 ns
(XEN) Allocated console ring of 64 KiB.
(XEN) CPU0: Guest atomics will try 9 times before pausing the domain
(XEN) Bringing up CPU1
(XEN) CPU1: Guest atomics will try 18 times before pausing the domain
(XEN) CPU 1 booted.
(XEN) Bringing up CPU2
(XEN) CPU2: Guest atomics will try 17 times before pausing the domain
(XEN) CPU 2 booted.
(XEN) Bringing up CPU3
(XEN) CPU3: Guest atomics will try 13 times before pausing the domain
(XEN) CPU 3 booted.
(XEN) Bringing up CPU4
(XEN) CPU4: Guest atomics will try 15 times before pausing the domain
(XEN) CPU 4 booted.
(XEN) Bringing up CPU5
(XEN) CPU5: Guest atomics will try 17 times before pausing the domain
(XEN) CPU 5 booted.
(XEN) Bringing up CPU6
(XEN) CPU6: Guest atomics will try 11 times before pausing the domain
(XEN) CPU 6 booted.
(XEN) Bringing up CPU7
(XEN) CPU7: Guest atomics will try 16 times before pausing the domain
(XEN) CPU 7 booted.
(XEN) Brought up 8 CPUs
(XEN) I/O virtualisation disabled
(XEN) P2M: 40-bit IPA with 40-bit PA and 8-bit VMID
(XEN) P2M: 3 levels with order-1 root, VTCR 0x80023558
(XEN) Adding cpu 0 to runqueue 0
(XEN)  First cpu on runqueue, activating
(XEN) Adding cpu 1 to runqueue 0
(XEN) Adding cpu 2 to runqueue 0
(XEN) Adding cpu 3 to runqueue 0
(XEN) Adding cpu 4 to runqueue 0
(XEN) Adding cpu 5 to runqueue 0
(XEN) Adding cpu 6 to runqueue 0
(XEN) Adding cpu 7 to runqueue 0
(XEN) alternatives: Patching with alt table 00000000002dc0c8 -> 00000000002dc7dc
(XEN) *** LOADING DOMAIN 0 ***
(XEN) Loading d0 kernel from boot module @ 00000000b88c9000
(XEN) Allocating 1:1 mappings totalling 1500MB for dom0:
(XEN) BANK[0] 0x00000008000000-0x00000018000000 (256MB)
(XEN) BANK[1] 0x00000020000000-0x00000030000000 (256MB)
(XEN) BANK[2] 0x00000040000000-0x00000058000000 (384MB)
(XEN) BANK[3] 0x00000090000000-0x000000b4000000 (576MB)
(XEN) BANK[4] 0x000000ba800000-0x000000bc000000 (24MB)
(XEN) BANK[5] 0x000000bf800000-0x000000bfc00000 (4MB)
(XEN) Grant table range: 0x000000b8773000-0x000000b87b3000
(XEN) Allocating PPI 16 for event channel interrupt
(XEN) Loading zImage from 00000000b88c9000 to 0000000008080000-000000000903ca00
(XEN) Loading d0 DTB to 0x0000000010000000-0x00000000100082b1
(XEN) Initial low memory virq threshold set at 0x4000 pages.
(XEN) Scrubbing Free RAM in background
(XEN) Std. Loglevel: All
(XEN) Guest Loglevel: All
(XEN) ***************************************************
(XEN) WARNING: HMP COMPUTING HAS BEEN ENABLED.
(XEN) It has implications on the security and stability of the system,
(XEN) unless the cpu affinity of all domains is specified.
(XEN) ***************************************************
(XEN) No support for ARM_SMCCC_ARCH_WORKAROUND_1.
(XEN) Please update your firmware.
(XEN) ***************************************************
(XEN) No support for ARM_SMCCC_ARCH_WORKAROUND_1.
(XEN) Please update your firmware.
(XEN) ***************************************************
(XEN) 3... 2... 1... 
(XEN) *** Serial input to DOM0 (type 'CTRL-a' three times to switch input)
(XEN) Freed 336kB init memory.
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER4
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER8
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER12
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER16
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER20
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER24
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER28
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER32
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER36
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER40
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER44
(XEN) d0v0: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER0
(XEN) d0v1: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER0
(XEN) d0v2: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER0
(XEN) d0v3: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER0
(XEN) d0v4: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER0
(XEN) d0v5: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER0
(XEN) d0v6: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER0
(XEN) d0v7: vGICD: unhandled word write 0x000000ffffffff to ICACTIVER0
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .note.gnu.build-id at 0000000000a04000
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .text at 0000000000a02000
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .rodata at 0000000000a04028
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .altinstructions at 0000000000a04052
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .altinstr_replacement at 0000000000a04060
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .rodata.str1.8 at 0000000000a04068
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .rodata.str at 0000000000a040e8
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .bug_frames.1 at 0000000000a040fc
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .livepatch.depends at 0000000000a0410c
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .livepatch.xen_depends at 0000000000a04130
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .modinfo at 0000000000a04154
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .livepatch.funcs at 0000000000a03000
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .livepatch.hooks.load at 0000000000a03068
(XEN) livepatch.c:379: livepatch: xen_hello_world: Loaded .livepatch.hooks.unload at 0000000000a03078
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa04000 (.note.gnu.build-id)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa02000 (.text)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa04028 (.rodata)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa04052 (.altinstructions)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa04060 (.altinstr_replacement)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa04068 (.rodata.str1.8)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa040e8 (.rodata.str)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa040fc (.bug_frames.1)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa0410c (.livepatch.depends)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa04130 (.livepatch.xen_depends)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa04154 (.modinfo)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa03000 (.livepatch.funcs)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa03068 (.livepatch.hooks.load)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa03078 (.livepatch.hooks.unload)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved:  => 0xa03090 (.bss)
(XEN) livepatch_elf.c:319: livepatch: xen_hello_world: Absolute symbol: xen_hello_world_func.c => 0
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $x => 0xa02000 (.text)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $x => 0xa04060 (.altinstr_replacement)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $d => 0xa04068 (.rodata.str1.8)
(XEN) livepatch_elf.c:319: livepatch: xen_hello_world: Absolute symbol: xen_hello_world.c => 0
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $x => 0xa02010 (.text)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: apply_hook => 0xa02010 (.text)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: revert_hook => 0xa0202c (.text)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: hi_func => 0xa02048 (.text)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: check_fnc => 0xa0207c (.text)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $d => 0xa040fc (.bug_frames.1)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $d => 0xa04028 (.rodata)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: __func__.4898 => 0xa04028 (.rodata)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: __func__.4902 => 0xa04030 (.rodata)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: hello_world_patch_this_fnc => 0xa04040 (.rodata)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $d => 0xa03090 (.bss)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: cnt => 0xa03090 (.bss)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $d => 0xa03000 (.livepatch.funcs)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $d => 0xa03068 (.livepatch.hooks.load)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $d => 0xa03078 (.livepatch.hooks.unload)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: $d => 0xa04078 (.rodata.str1.8)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: .L21 => 0xa040e8 (.rodata.str)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: .L31 => 0xa040fa (.rodata.str)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: livepatch_load_data_hi_func => 0xa03068 (.livepatch.hooks.load)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: xen_hello_world => 0xa02000 (.text)
(XEN) livepatch_elf.c:314: livepatch: xen_hello_world: Undefined symbol resolved: xen_extra_version => 0x242158
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: livepatch_unload_data_check_fnc => 0xa03078 (.livepatch.hooks.unload)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: livepatch_load_data_apply_hook => 0xa03070 (.livepatch.hooks.load)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: livepatch_unload_data_revert_hook => 0xa03088 (.livepatch.hooks.unload)
(XEN) livepatch_elf.c:314: livepatch: xen_hello_world: Undefined symbol resolved: printk => 0x2473fc
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: livepatch_xen_hello_world => 0xa03000 (.livepatch.funcs)
(XEN) livepatch_elf.c:343: livepatch: xen_hello_world: Symbol resolved: livepatch_unload_data_hi_func => 0xa03080 (.livepatch.hooks.unload)
(XEN) livepatch.c:533: livepatch: xen_hello_world: .livepatch.hooks.preapply is missing
(XEN) livepatch.c:533: livepatch: xen_hello_world: .livepatch.hooks.apply is missing
(XEN) livepatch.c:533: livepatch: xen_hello_world: .livepatch.hooks.postapply is missing
(XEN) livepatch.c:533: livepatch: xen_hello_world: .livepatch.hooks.prerevert is missing
(XEN) livepatch.c:533: livepatch: xen_hello_world: .livepatch.hooks.revert is missing
(XEN) livepatch.c:533: livepatch: xen_hello_world: .livepatch.hooks.postrevert is missing
(XEN) alternatives: Patching with alt table 0000000000a04052 -> 0000000000a0405e
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol apply_hook
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol revert_hook
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol hi_func
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol check_fnc
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol __func__.4898
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol __func__.4902
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol hello_world_patch_this_fnc
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol cnt
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol livepatch_load_data_hi_func
(XEN) livepatch.c:988: livepatch: xen_hello_world: overriding symbol xen_hello_world
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol livepatch_unload_data_check_fnc
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol livepatch_load_data_apply_hook
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol livepatch_unload_data_revert_hook
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol livepatch_xen_hello_world
(XEN) livepatch.c:982: livepatch: xen_hello_world: new symbol livepatch_unload_data_hi_func
oot@hikey960:/# xen-livepatch list
 ID                                     | status     | metadata
----------------------------------------+------------+---------------
xen_hello_world                         | CHECKED    | LIVEPATCH_RULEZ
root@hikey960:/# xl debug-keys x
(XEN) 'x' pressed - Dumping all livepatch patches
(XEN) build-id: 8bf9ec5fc0053f4d4fc3b7d256b66ec86f8e5ccc
(XEN)  name=xen_hello_world state=CHECKED(1) 0000000000a02000 (.data=0000000000a03000, .rodata=0000000000a04000) using 3 pages.
(XEN) livepatch: module metadata:
(XEN) livepatch:   LIVEPATCH_RULEZ
(XEN)     xen_extra_version patch 0000000000242158(12) with 0000000000a02000 (16)
(XEN) build-id=50159adec7aaec9dae8a6ce3ac6c2d5f9e825bff
(XEN) depend-on=8bf9ec5fc0053f4d4fc3b7d256b66ec86f8e5ccc
(XEN) depend-on-xen=8bf9ec5fc0053f4d4fc3b7d256b66ec86f8e5ccc
root@hikey960:/# xen-livepatch unload xen_hello_world
Unloading xen_hello_world... failed
Error 22: Invalid argument
root@hikey960:/# xen-livepatch list
 ID                                     | status     | metadata
----------------------------------------+------------+---------------
xen_hello_world                         | CHECKED    | LIVEPATCH_RULEZ


Thoughts?
Wieczorkiewicz, Pawel Nov. 20, 2019, 10:05 a.m. UTC | #2
> On 20. Nov 2019, at 03:25, Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> wrote:
> 
> On Thu, Nov 14, 2019 at 01:06:41PM +0000, Pawel Wieczorkiewicz wrote:
>> This series introduces new features to the livepatch functionality as
>> briefly discussed during Xen Developer Summit 2019: [a] and [b].
>> It also provides a few fixes and some small improvements.
>> 
>> Main changes in v4:
>> - Fix various typos and minor issues
>> - Simplify arch_livepatch_{apply,revert} by using
>>  common_livepatch_{apply,revert}
>> - Improve python bindings and fix few issues
> 
> This is https://github.com/konradwilk/xen.git (your patches on top of staging):
> 
> On ARM64:
> root@hikey960:/home/linaro# xl info
> 

<snip>

> root@hikey960:/home/linaro/xen.git/xen/test/livepatch# xen-livepatch load xen_hello_world.livepatch 
> Uploading xen_hello_world.livepatch... completed
> Applying xen_hello_world... failed
> Error 22: Invalid argument
> Unloading xen_hello_world... failed
> Error 22: Invalid argument
> root@hikey960:/home/linaro/xen.git/xen/test/livepatch# git log
> commit 9f5f25f07a64e1b447f7bd124182a1c5ef422d6f
> Author: Pawel Wieczorkiewicz <wipawel@amazon.de>
> Date:   Thu Nov 14 13:06:52 2019 +0000
> 
>    livepatch: Add metadata runtime retrieval mechanism
> ...
> 
> 

<snip>

> oot@hikey960:/# xen-livepatch list
> ID                                     | status     | metadata
> ----------------------------------------+------------+---------------
> xen_hello_world                         | CHECKED    | LIVEPATCH_RULEZ
> root@hikey960:/# xl debug-keys x
> (XEN) 'x' pressed - Dumping all livepatch patches
> (XEN) build-id: 8bf9ec5fc0053f4d4fc3b7d256b66ec86f8e5ccc
> (XEN)  name=xen_hello_world state=CHECKED(1) 0000000000a02000 (.data=0000000000a03000, .rodata=0000000000a04000) using 3 pages.
> (XEN) livepatch: module metadata:
> (XEN) livepatch:   LIVEPATCH_RULEZ
> (XEN)     xen_extra_version patch 0000000000242158(12) with 0000000000a02000 (16)
> (XEN) build-id=50159adec7aaec9dae8a6ce3ac6c2d5f9e825bff
> (XEN) depend-on=8bf9ec5fc0053f4d4fc3b7d256b66ec86f8e5ccc
> (XEN) depend-on-xen=8bf9ec5fc0053f4d4fc3b7d256b66ec86f8e5ccc
> root@hikey960:/# xen-livepatch unload xen_hello_world
> Unloading xen_hello_world... failed
> Error 22: Invalid argument
> root@hikey960:/# xen-livepatch list
> ID                                     | status     | metadata
> ----------------------------------------+------------+---------------
> xen_hello_world                         | CHECKED    | LIVEPATCH_RULEZ
> 
> 
> Thoughts? 

Yes, this hunk is missing (somehow it did not make it to the v5 patchset, sorry):

diff --git a/tools/libxc/xc_misc.c b/tools/libxc/xc_misc.c
index 7747ea83aa..0b21a6aca4 100644
--- a/tools/libxc/xc_misc.c
+++ b/tools/libxc/xc_misc.c
@@ -976,6 +976,7 @@ static int _xc_livepatch_action(xc_interface *xch,
     sysctl.u.livepatch.u.action.cmd = action;
     sysctl.u.livepatch.u.action.timeout = timeout;
     sysctl.u.livepatch.u.action.flags = flags;
+    sysctl.u.livepatch.u.action.pad = 0;

     sysctl.u.livepatch.u.action.name = def_name;
     set_xen_guest_handle(sysctl.u.livepatch.u.action.name.name, name);


Best Regards,
Pawel Wieczorkiewicz






Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Ralf Herbrich
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
Konrad Rzeszutek Wilk Nov. 21, 2019, 1:09 a.m. UTC | #3
> Yes, this hunk is missing (somehow it did not make it to the v5 patchset, sorry):
> 
> diff --git a/tools/libxc/xc_misc.c b/tools/libxc/xc_misc.c
> index 7747ea83aa..0b21a6aca4 100644
> --- a/tools/libxc/xc_misc.c
> +++ b/tools/libxc/xc_misc.c
> @@ -976,6 +976,7 @@ static int _xc_livepatch_action(xc_interface *xch,
>      sysctl.u.livepatch.u.action.cmd = action;
>      sysctl.u.livepatch.u.action.timeout = timeout;
>      sysctl.u.livepatch.u.action.flags = flags;
> +    sysctl.u.livepatch.u.action.pad = 0;
> 
>      sysctl.u.livepatch.u.action.name = def_name;
>      set_xen_guest_handle(sysctl.u.livepatch.u.action.name.name, name);

That did it! With that I can test the livepatches on ARM[32,64].

Let me squash that in "livepatch: Allow to override inter-modules buildid dependency"

See:
https://github.com/konradwilk/xen.git  #livepatch.aws.v5