[0/2] Livepatch: support for livepatching CET functions

Message ID	cover.1646653825.git.doebel@amazon.de (mailing list archive)
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> From: Bjoern Doebel <doebel@amazon.de> To: <xen-devel@lists.xenproject.org> CC: Michael Kurth <mku@amazon.de>, Martin Pohlack <mpohlack@amazon.de>, Roger Pau Monne <roger.pau@citrix.com>, Andrew Cooper <Andrew.Cooper3@citrix.com>, Bjoern Doebel <doebel@amazon.de> Subject: [PATCH 0/2] Livepatch: support for livepatching CET functions Date: Mon, 7 Mar 2022 11:53:51 +0000 Message-ID: <cover.1646653825.git.doebel@amazon.de> MIME-Version: 1.0 Precedence: Bulk Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit
Series	Livepatch: support for livepatching CET functions \| expand [0/2] Livepatch: support for livepatching CET functions [1/2] Livepatch: resolve old address before function verification [2/2] xen/x86: Livepatch: support patching CET-enhanced functions

Message ID

cover.1646653825.git.doebel@amazon.de (mailing list archive)

Headers

Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
From: Bjoern Doebel <doebel@amazon.de>
To: <xen-devel@lists.xenproject.org>
CC: Michael Kurth <mku@amazon.de>, Martin Pohlack <mpohlack@amazon.de>, Roger
 Pau Monne <roger.pau@citrix.com>, Andrew Cooper <Andrew.Cooper3@citrix.com>,
	Bjoern Doebel <doebel@amazon.de>
Subject: [PATCH 0/2] Livepatch: support for livepatching CET functions
Date: Mon, 7 Mar 2022 11:53:51 +0000
Message-ID: <cover.1646653825.git.doebel@amazon.de>
MIME-Version: 1.0
Precedence: Bulk
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Series

Livepatch: support for livepatching CET functions | expand

Message

Doebel, Bjoern March 7, 2022, 11:53 a.m. UTC

This series enables support for livepatching functions compiled with
Intel CET support where we have to make sure we leave a potential
leading ENDBR64 instruction intact on livepatch application.

The series also requires a change to generic livepatching code: we need
to make sure that the address of the patched function is known at the
time Xen tries to verify the livepatch for applicability, hence we need
to resolve this address before verifying the patch.

Bjoern Doebel (2):
  Livepatch: resolve old address before function verification
  xen/x86: Livepatch: support patching CET-enhanced functions

 xen/arch/x86/livepatch.c | 63 +++++++++++++++++++++++++++++++++++-----
 xen/common/livepatch.c   |  4 +--
 2 files changed, 57 insertions(+), 10 deletions(-)