From patchwork Thu Aug 8 12:48:31 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Wieczorkiewicz, Pawel" X-Patchwork-Id: 11084089 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5A3AA14DB for ; Thu, 8 Aug 2019 12:50:29 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4684328A8F for ; Thu, 8 Aug 2019 12:50:29 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 380AB28B21; Thu, 8 Aug 2019 12:50:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00,DKIM_ADSP_ALL, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id C5EA428A8F for ; Thu, 8 Aug 2019 12:50:28 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1hvhqT-0005h1-BG; Thu, 08 Aug 2019 12:48:41 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1hvhqR-0005gw-Tb for xen-devel@lists.xen.org; Thu, 08 Aug 2019 12:48:39 +0000 X-Inumbo-ID: d7c595f7-b9da-11e9-8980-bc764e045a96 Received: from smtp-fw-2101.amazon.com (unknown [72.21.196.25]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTPS id d7c595f7-b9da-11e9-8980-bc764e045a96; Thu, 08 Aug 2019 12:48:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1565268518; x=1596804518; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=eAv3PQrHbGS7ayoKuo5sudyqQS72GJzUecBqKPQzui4=; b=Dg1VaLrLzGByeWN9lfzOhcbF3eECsVcAomOKjNOw8HEgdLZ8bMNioKpn 0g5cKZ+c/tv8SEDaVB+4U6RQvwhe4XEfxFvD+mFmo/AFG5LBlZFP8kgFr kem6XQkiaL+MHgsfGJANE0HJElGlxDmSxlRBAcf1J/vyzlTPoLilVGVG+ 4=; X-IronPort-AV: E=Sophos;i="5.64,361,1559520000"; d="scan'208";a="745774240" Received: from iad6-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-2a-c5104f52.us-west-2.amazon.com) ([10.124.125.2]) by smtp-border-fw-out-2101.iad2.amazon.com with ESMTP; 08 Aug 2019 12:48:37 +0000 Received: from EX13MTAUEA001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan3.pdx.amazon.com [10.170.41.166]) by email-inbound-relay-2a-c5104f52.us-west-2.amazon.com (Postfix) with ESMTPS id 28B02A274A; Thu, 8 Aug 2019 12:48:37 +0000 (UTC) Received: from EX13D05EUB003.ant.amazon.com (10.43.166.253) by EX13MTAUEA001.ant.amazon.com (10.43.61.82) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Thu, 8 Aug 2019 12:48:36 +0000 Received: from EX13MTAUEA001.ant.amazon.com (10.43.61.82) by EX13D05EUB003.ant.amazon.com (10.43.166.253) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Thu, 8 Aug 2019 12:48:35 +0000 Received: from dev-dsk-wipawel-1a-0c4e6d58.eu-west-1.amazon.com (10.4.134.33) by mail-relay.amazon.com (10.43.61.243) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Thu, 8 Aug 2019 12:48:34 +0000 From: Pawel Wieczorkiewicz To: Date: Thu, 8 Aug 2019 12:48:31 +0000 Message-ID: <20190808124831.10094-1-wipawel@amazon.de> X-Mailer: git-send-email 2.16.5 In-Reply-To: <20190416122241.28342-2-wipawel@amazon.de> References: <20190416122241.28342-2-wipawel@amazon.de> MIME-Version: 1.0 Precedence: Bulk Subject: [Xen-devel] [livepatch-build-tools part3 v2 2/3] create-diff-object: Extend patchability verification: STN_UNDEF X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: mpohlack@amazon.de, ross.lagerwall@citrix.com, Pawel Wieczorkiewicz , konrad.wilk@oracle.com Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP During verification check if all sections do not contain any entries with undefined symbols (STN_UNDEF). This situation can happen when a section is copied over from its original object to a patched object, but various symbols related to the section are not copied along. This scenario happens typically during stacked hotpatches creation (between 2 different hotpatch modules). Signed-off-by: Pawel Wieczorkiewicz Reviewed-by: Martin Pohlack Reviewed-by: Bjoern Doebel Reviewed-by: Norbert Manthey Reviewed-by: Andra-Irina Paraschiv --- v2: * Refactored code by creating a new function kpatch_section_has_undef_symbols() for the complicated multi-loop code of kpatch_verify_patchability(). Hopefully this makes code more readable and easier to maintain. * Kept lines limits to 80 chars (whereever possible) * Detection of an undefined symbol counts as a single error --- create-diff-object.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/create-diff-object.c b/create-diff-object.c index 41adb09..e905131 100644 --- a/create-diff-object.c +++ b/create-diff-object.c @@ -1531,6 +1531,61 @@ static void kpatch_print_changes(struct kpatch_elf *kelf) } } +static inline int get_section_entry_size(const struct section *sec, + struct kpatch_elf *kelf) +{ + int entry_size; + + /* + * Base sections typically do not define fixed size elements. + * Detect section's element size in case it's a special section. + * Otherwise, skip it due to an unknown sh_entsize. + */ + entry_size = sec->sh.sh_entsize; + if (entry_size == 0) { + struct special_section *special; + + /* Find special section group_size. */ + for (special = special_sections; special->name; special++) { + if (!strcmp(sec->name, special->name)) + return special->group_size(kelf, 0); + } + } + + return entry_size; +} + +static int kpatch_section_has_undef_symbols(struct kpatch_elf *kelf, + const struct section *sec) +{ + int offset, entry_size; + struct rela *rela; + size_t d_size; + + entry_size = get_section_entry_size(sec, kelf); + if (entry_size == 0) + return false; + + d_size = sec->base->data->d_size; + for ( offset = 0; offset < d_size; offset += entry_size ) { + list_for_each_entry(rela, &sec->relas, list) { + if (rela->offset < offset || + rela->offset >= offset + entry_size) { + continue; + } + + if ((GELF_R_SYM(rela->rela.r_info) == STN_UNDEF) || + (!rela->sym->include && rela->sym->status == SAME)) { + log_normal("section %s has an entry with a STN_UNDEF symbol: %s\n", + sec->name, rela->sym->name ?: "none"); + return true; + } + } + } + + return false; +} + static void kpatch_verify_patchability(struct kpatch_elf *kelf) { struct section *sec; @@ -1563,6 +1618,17 @@ static void kpatch_verify_patchability(struct kpatch_elf *kelf) errs++; } } + + /* Check if a RELA section does not contain any entries with + * undefined symbols (STN_UNDEF). This situation can happen + * when a section is copied over from its original object to + * a patched object, but various symbols related to the section + * are not copied along. + */ + if (is_rela_section(sec)) { + if (kpatch_section_has_undef_symbols(kelf, sec)) + errs++; + } } /* From patchwork Thu Aug 8 12:51:32 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Wieczorkiewicz, Pawel" X-Patchwork-Id: 11084091 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E6A7614DB for ; Thu, 8 Aug 2019 12:53:10 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D65F828B24 for ; Thu, 8 Aug 2019 12:53:10 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id CABB528B2A; Thu, 8 Aug 2019 12:53:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00,DKIM_ADSP_ALL, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 391F728B24 for ; Thu, 8 Aug 2019 12:53:10 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1hvhtO-0006ZI-EH; Thu, 08 Aug 2019 12:51:42 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1hvhtN-0006ZC-RR for xen-devel@lists.xen.org; Thu, 08 Aug 2019 12:51:41 +0000 X-Inumbo-ID: 43c9a89c-b9db-11e9-825c-5fd9348e5a7e Received: from smtp-fw-9102.amazon.com (unknown [207.171.184.29]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 43c9a89c-b9db-11e9-825c-5fd9348e5a7e; Thu, 08 Aug 2019 12:51:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1565268700; x=1596804700; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=OqYDu0bXY1dyBC/BERETSK+NvkzclTuq/w1ObidLevs=; b=TNAHMkODdpVMXAgLsegAoMx6Qf/yHsZuvBCML71lhM0U6U0gOYC7v5U4 eezsfbJ8XbYjgKHkA8RYciNyQ0PMqiYQaN5tFkudpnIImZmffqwaHYcqd PG6B9cV53gVJA+c+hFfoecfh1mNyhKcZ1QkD5nf+D2V3WQHExVqM3gIau 0=; X-IronPort-AV: E=Sophos;i="5.64,361,1559520000"; d="scan'208";a="692038391" Received: from sea3-co-svc-lb6-vlan3.sea.amazon.com (HELO email-inbound-relay-2a-c5104f52.us-west-2.amazon.com) ([10.47.22.38]) by smtp-border-fw-out-9102.sea19.amazon.com with ESMTP; 08 Aug 2019 12:51:39 +0000 Received: from EX13MTAUEA001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan3.pdx.amazon.com [10.170.41.166]) by email-inbound-relay-2a-c5104f52.us-west-2.amazon.com (Postfix) with ESMTPS id CEB55A25F6; Thu, 8 Aug 2019 12:51:38 +0000 (UTC) Received: from EX13D05EUC002.ant.amazon.com (10.43.164.231) by EX13MTAUEA001.ant.amazon.com (10.43.61.82) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Thu, 8 Aug 2019 12:51:37 +0000 Received: from EX13MTAUEB001.ant.amazon.com (10.43.60.96) by EX13D05EUC002.ant.amazon.com (10.43.164.231) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Thu, 8 Aug 2019 12:51:36 +0000 Received: from dev-dsk-wipawel-1a-0c4e6d58.eu-west-1.amazon.com (10.4.134.33) by mail-relay.amazon.com (10.43.60.129) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Thu, 8 Aug 2019 12:51:35 +0000 From: Pawel Wieczorkiewicz To: Date: Thu, 8 Aug 2019 12:51:32 +0000 Message-ID: <20190808125132.10484-1-wipawel@amazon.de> X-Mailer: git-send-email 2.16.5 In-Reply-To: <20190416122241.28342-3-wipawel@amazon.de> References: <20190416122241.28342-3-wipawel@amazon.de> MIME-Version: 1.0 Precedence: Bulk Subject: [Xen-devel] [livepatch-build-tools part3 v2 3/3] create-diff-object: Strip all undefined entires of known size X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: mpohlack@amazon.de, ross.lagerwall@citrix.com, Pawel Wieczorkiewicz , konrad.wilk@oracle.com Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP The patched ELF object file contains all sections and symbols as resulted from the compilation. However, certain symbols may not be copied over to the resulting object file, due to being unchanged or not included for other reasons. In such situation the resulting object file has the entire sections copied along (with all their entries unchanged), while some of the corresponding symbols are not copied along at all. This leads to having incorrect undefined (STN_UNDEF) entries in the final hotpatch ELF file. The newly added function livepatch_strip_undefined_elements() detects and removes all undefined RELA entries as well as their corresponding PROGBITS section entries. Since the sections may contain elements of unknown size (sh.sh_entsize == 0), perform the strip only on sections with well defined entry sizes. After replacing the stripped rela list, it is assumed that the next invocation of the kpatch_rebuild_rela_section_data() will adjust all section header parameters according to the current state. Signed-off-by: Pawel Wieczorkiewicz Reviewed-by: Martin Pohlack Reviewed-by: Bjoern Doebel Reviewed-by: Norbert Manthey Reviewed-by: Andra-Irina Paraschiv --- v2: * Kept lines limits to 80 chars (whereever possible) * Fixed commit message --- create-diff-object.c | 131 ++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 129 insertions(+), 2 deletions(-) diff --git a/create-diff-object.c b/create-diff-object.c index e905131..f352704 100644 --- a/create-diff-object.c +++ b/create-diff-object.c @@ -1555,6 +1555,13 @@ static inline int get_section_entry_size(const struct section *sec, return entry_size; } +/* Check if RELA entry has undefined or unchanged/not-included symbols. */ +static inline bool has_rela_undefined_symbol(const struct rela *rela) +{ + return (GELF_R_SYM(rela->rela.r_info) == STN_UNDEF) || + (!rela->sym->include && (rela->sym->status == SAME)); +} + static int kpatch_section_has_undef_symbols(struct kpatch_elf *kelf, const struct section *sec) { @@ -1574,8 +1581,7 @@ static int kpatch_section_has_undef_symbols(struct kpatch_elf *kelf, continue; } - if ((GELF_R_SYM(rela->rela.r_info) == STN_UNDEF) || - (!rela->sym->include && rela->sym->status == SAME)) { + if (has_rela_undefined_symbol(rela)) { log_normal("section %s has an entry with a STN_UNDEF symbol: %s\n", sec->name, rela->sym->name ?: "none"); return true; @@ -1989,6 +1995,125 @@ static void livepatch_create_patches_sections(struct kpatch_elf *kelf, } +/* + * The patched ELF object file contains all sections and symbols as resulted + * from the compilation. However, certain symbols may not be copied over to + * the resulting object file, due to being unchanged or not included for other + * reasons. + * In such situation the resulting object file has the entire sections copied + * along (with all their entries unchanged), while some of the corresponding + * symbols are not copied along at all. + * This leads to having incorrect dummy (STN_UNDEF) entries in the final + * hotpatch ELF file. + * This functions removes all undefined entries of known size from both + * RELA and PROGBITS sections of the patched elf object. + */ +static void livepatch_strip_undefined_elements(struct kpatch_elf *kelf) +{ + struct section *sec; + + list_for_each_entry(sec, &kelf->sections, list) { + struct rela *rela, *safe; + int src_offset = 0, dst_offset = 0; + int entry_size, align, aligned_size; + char *src, *dst; + LIST_HEAD(newrelas); + + /* use RELA section to find all its undefined entries */ + if (!is_rela_section(sec)) + continue; + + /* only known, fixed-size entries can be stripped */ + entry_size = get_section_entry_size(sec->base, kelf); + if (entry_size == 0) + continue; + + /* alloc buffer for new base section */ + dst = malloc(sec->base->sh.sh_size); + if (!dst) + ERROR("malloc"); + + /* + * Iterate through all entries of a corresponding base section + * for this RELA section. + */ + for ( src = sec->base->data->d_buf; + src_offset < sec->base->sh.sh_size; + src_offset += entry_size ) { + bool found_valid = false; + + list_for_each_entry_safe(rela, safe, &sec->relas, list) { + /* + * Check all RELA elements looking for + * corresponding entry references. + */ + if (rela->offset < src_offset || + rela->offset >= src_offset + entry_size) { + continue; + } + + /* + * Ignore all undefined (STN_UNDEF) or + * unchanged/not-included elements. + */ + if (has_rela_undefined_symbol(rela)) { + log_normal("Found a STN_UNDEF symbol %s in section %s\n", + rela->sym->name, sec->name); + continue; + } + + /* + * A correct match has been found, so move it + * to a new list. Original list will be destroyed + * along with the entire kelf object, so the + * reference must be preserved. + */ + found_valid = true; + list_del(&rela->list); + list_add_tail(&rela->list, &newrelas); + + rela->offset -= src_offset - dst_offset; + rela->rela.r_offset = rela->offset; + } + + /* there is a valid RELA entry, so copy current entry */ + if (found_valid) { + /* copy base section group */ + memcpy(dst + dst_offset, src + src_offset, entry_size); + dst_offset += entry_size; + } + } + + /* verify that entry_size is a divisor of aligned section size */ + align = sec->base->sh.sh_addralign; + aligned_size = ((sec->base->sh.sh_size + align - 1) / align) * align; + if (src_offset != aligned_size) { + ERROR("group size mismatch for section %s\n", + sec->base->name); + } + + if (!dst_offset) { + /* no changed or global functions referenced */ + sec->status = sec->base->status = SAME; + sec->include = sec->base->include = 0; + free(dst); + continue; + } + + /* overwrite with new relas list */ + list_replace(&newrelas, &sec->relas); + + /* + * Update text section data buf and size. + * + * The rela section's data buf and size will be + * regenerated in kpatch_rebuild_rela_section_data(). + */ + sec->base->data->d_buf = dst; + sec->base->data->d_size = dst_offset; + } +} + static int is_null_sym(struct symbol *sym) { return !strlen(sym->name); @@ -2185,6 +2310,8 @@ int main(int argc, char *argv[]) log_debug("Process special sections\n"); kpatch_process_special_sections(kelf_patched); + log_debug("Strip undefined elements of known size\n"); + livepatch_strip_undefined_elements(kelf_patched); log_debug("Verify patchability\n"); kpatch_verify_patchability(kelf_patched);