From patchwork Wed Jul 26 19:47:52 2017
X-Patchwork-Submitter: Konrad Rzeszutek Wilk
X-Patchwork-Id: 9865731
From: Konrad Rzeszutek Wilk
To: xen-devel@lists.xenproject.org, julien.grall@arm.com, sstabellini@kernel.org, andrew.cooper3@citrix.com
Cc: jbeulich@suse.com
Date: Wed, 26 Jul 2017 15:47:52 -0400
Message-Id: <20170726194756.20265-2-konrad@kernel.org>
In-Reply-To: <20170726194756.20265-1-konrad@kernel.org>
References: <20170726194756.20265-1-konrad@kernel.org>
Subject: [Xen-devel] [PATCH v2 1/5] livepatch: Tighten alignment checks.

From: Konrad Rzeszutek Wilk The ELF specification mentions nothing about the sh_size being modulo the sh_addralign. Only that sh_addr MUST be aligned on sh_addralign if sh_addralign is not zero or one. We on loading did not take this in-to account so this patch adds a check on the ELF file as it is being parsed. Signed-off-by: Konrad Rzeszutek Wilk --- v1: Initial patch v2: Drop the check when loading it in memory Add check for alignment being anything but power of two (ignoring 0, and 1) Change dprintk to include hex values and print addr not size. --- xen/common/livepatch_elf.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c index b69e2718dd..4dc1b68871 100644 --- a/xen/common/livepatch_elf.c +++ b/xen/common/livepatch_elf.c @@ -86,6 +86,19 @@ static int elf_resolve_sections(struct livepatch_elf *elf, const void *data) delta < sizeof(Elf_Ehdr) ? "at ELF header" : "is past end"); return -EINVAL; } + else if ( sec[i].sec->sh_addralign > 1 && + sec[i].sec->sh_addr % sec[i].sec->sh_addralign ) + { + dprintk(XENLOG_ERR, LIVEPATCH "%s: Section [%u] addr (%#"PRIxElfAddr") is not aligned properly (%#"PRIxElfAddr")\n", + elf->name, i, sec[i].sec->sh_addr, sec[i].sec->sh_addralign); + return -EINVAL; + } + else if ( sec[i].sec->sh_addralign > 1 && sec[i].sec->sh_addralign % 2 ) + { + dprintk(XENLOG_ERR, LIVEPATCH "%s: Section [%u] alignment (%#"PRIxElfAddr") is not supported\n", + elf->name, i, sec[i].sec->sh_addralign); + return -EOPNOTSUPP; + } else if ( (sec[i].sec->sh_flags & (SHF_WRITE | SHF_ALLOC)) && sec[i].sec->sh_type == SHT_NOBITS && sec[i].sec->sh_size > LIVEPATCH_MAX_SIZE )
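
Review bot: The second added branch tests `sec[i].sec->sh_addralign % 2`, which only rejects odd alignments, so even values that are not powers of two (6, 12, 24 and so on) still pass, although the v2 changelog describes the check as covering "anything but power of two". A test such as `sh_addralign & (sh_addralign - 1)` would match the stated intent. The branch order is also worth changing: because the `sh_addr % sh_addralign` test comes first, a section with an unsupported alignment returns -EINVAL or -EOPNOTSUPP depending on what sh_addr happens to be. Validating the alignment value before using it as a modulus would make the error code consistent.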