From patchwork Wed Oct 14 15:31:50 2020
X-Patchwork-Submitter: Jason Andryuk
X-Patchwork-Id: 11837963
From: Jason Andryuk
To: xen-devel@lists.xenproject.org
Cc: Jason Andryuk, Andrew Cooper, George Dunlap, Ian Jackson, Jan Beulich, Julien Grall, Stefano Stabellini, Wei Liu
Subject: [PATCH] libelf: Handle PVH kernels lacking ENTRY elfnote
Date: Wed, 14 Oct 2020 11:31:50 -0400
Message-Id: <20201014153150.83875-1-jandryuk@gmail.com>

Linux kernels only have an ENTRY elfnote when built with CONFIG_PV. A kernel built with CONFIG_PVH=y CONFIG_PV=n lacks the note. In this case, virt_entry will be UNSET_ADDR, overwritten by the ELF header e_entry, and fail the check against the virt address range.

Change the code to only check virt_entry against the virtual address range if it was set upon entry to the function.

Signed-off-by: Jason Andryuk --- Maybe the overwriting of virt_entry could be removed, but I don't know if there would be unintended consequences where (old?) kernels don't have an elfnote, but do have an in-range e_entry? The failing kernel I just looked at has an e_entry of 0x1000000. Oh, it looks like Mini-OS doesn't set the entry ELFNOTE and relies on e_entry (of 0) to pass these checks. --- xen/common/libelf/libelf-dominfo.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/xen/common/libelf/libelf-dominfo.c b/xen/common/libelf/libelf-dominfo.c index 508f08db42..1ecf35166b 100644 --- a/xen/common/libelf/libelf-dominfo.c +++ b/xen/common/libelf/libelf-dominfo.c @@ -416,6 +416,7 @@ static elf_errorstatus elf_xen_note_check(struct elf_binary *elf, static elf_errorstatus elf_xen_addr_calc_check(struct elf_binary *elf, struct elf_dom_parms *parms) { + bool check_virt_entry = true; uint64_t virt_offset; if ( (parms->elf_paddr_offset != UNSET_ADDR) && @@ -456,8 +457,10 @@ static elf_errorstatus elf_xen_addr_calc_check(struct elf_binary *elf, parms->virt_kstart = elf->pstart + virt_offset; parms->virt_kend = elf->pend + virt_offset; - if ( parms->virt_entry == UNSET_ADDR ) + if ( parms->virt_entry == UNSET_ADDR ) { parms->virt_entry = elf_uval(elf, elf->ehdr, e_entry); + check_virt_entry = false; + } if ( parms->bsd_symtab ) { 
@@ -476,11 +479,17 @@ static elf_errorstatus elf_xen_addr_calc_check(struct elf_binary *elf, elf_msg(elf, " p2m_base = 0x%" PRIx64 "\n", parms->p2m_base); if ( (parms->virt_kstart > parms->virt_kend) || - (parms->virt_entry < parms->virt_kstart) || - (parms->virt_entry > parms->virt_kend) || (parms->virt_base > parms->virt_kstart) ) { - elf_err(elf, "ERROR: ELF start or entries are out of bounds\n"); + elf_err(elf, "ERROR: ELF start is out of bounds\n"); + return -1; + } + + if ( check_virt_entry && + ( (parms->virt_entry < parms->virt_kstart) || + (parms->virt_entry > parms->virt_kend) ) ) + { + elf_err(elf, "ERROR: ELF entry is out of bounds\n"); return -1; }
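
Review bot: In the hunk at @@ -456,8 +457,10 @@, the opening brace in `if ( parms->virt_entry == UNSET_ADDR ) {` sits on the same line as the condition, while the other `if` blocks visible in this patch put `{` on its own line; move it to the next line to match. A one-line comment at `check_virt_entry = false;` saying that an entry taken from e_entry is deliberately exempt from the range check would also help, since the flag's purpose is otherwise explained only in the commit message.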
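
Review bot: In the hunk at @@ -476,11 +479,17 @@, the new `check_virt_entry &&` guard means that whenever the ENTRY elfnote is absent, the e_entry value copied into parms->virt_entry gets no range validation at all, so a header value outside virt_kstart..virt_kend now passes this function silently and stays in parms for later consumers. If that fallback value is never used as the entry point for such kernels, say so in a comment next to the check, and consider an elf_msg when the check is skipped so the decision is visible in the domain build log. The error text also changes from "ELF start or entries are out of bounds" to two separate messages, which is worth a line in the commit message for anyone matching on the old string.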