From patchwork Tue Nov 26 12:25:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Wieczorkiewicz, Pawel" X-Patchwork-Id: 11262099 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D52C917F0 for ; Tue, 26 Nov 2019 12:26:30 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id B2FA52071E for ; Tue, 26 Nov 2019 12:26:30 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=amazon.de header.i=@amazon.de header.b="qSiWVF4L" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B2FA52071E Authentication-Results: mail.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=amazon.de Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZuT-0004VA-2O; Tue, 26 Nov 2019 12:25:37 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZuS-0004V2-FG for xen-devel@lists.xenproject.org; Tue, 26 Nov 2019 12:25:36 +0000 X-Inumbo-ID: d8dd05b0-1047-11ea-a39f-12813bfff9fa Received: from smtp-fw-9101.amazon.com (unknown [207.171.184.25]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id d8dd05b0-1047-11ea-a39f-12813bfff9fa; Tue, 26 Nov 2019 12:25:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1574771136; x=1606307136; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=HR6Q25AMByjcPXEWxExppHvMoBR8pEutP1d1RwP/93Y=; b=qSiWVF4LN2glUlY0/0RB+dS27oVaA1VMCDAoUFU+6AHQfpgqi+s8/zf1 LY41wqm0BC3qvH6GJvEEGrKxKxWq+ZK8yjSwokhAn/oOIyYtgwehf/yo1 fb3YAXSMUOQ2SnO4dInWTGle8EYSkT+zNmwvxNmU5zkozyZ2erXHUZRXj g=; IronPort-SDR: y1wg3m7RdO4awonVWlyS/OkxtNs6M35IFQdD2WdIGVK/25JaMk/Is7SL2HiABi1RK+dAp5gRF8 3IXodFi76iiA== X-IronPort-AV: E=Sophos;i="5.69,245,1571702400"; d="scan'208";a="1534199" Received: from sea32-co-svc-lb4-vlan3.sea.corp.amazon.com (HELO email-inbound-relay-2c-2225282c.us-west-2.amazon.com) ([10.47.23.38]) by smtp-border-fw-out-9101.sea19.amazon.com with ESMTP; 26 Nov 2019 12:25:24 +0000 Received: from EX13MTAUEA001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan3.pdx.amazon.com [10.170.41.166]) by email-inbound-relay-2c-2225282c.us-west-2.amazon.com (Postfix) with ESMTPS id B127AA28F7; Tue, 26 Nov 2019 12:25:23 +0000 (UTC) Received: from EX13D03EUC004.ant.amazon.com (10.43.164.33) by EX13MTAUEA001.ant.amazon.com (10.43.61.243) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:23 +0000 Received: from EX13MTAUWC001.ant.amazon.com (10.43.162.135) by EX13D03EUC004.ant.amazon.com (10.43.164.33) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:22 +0000 Received: from dev-dsk-wipawel-1a-0c4e6d58.eu-west-1.amazon.com (10.4.134.33) by mail-relay.amazon.com (10.43.162.232) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Tue, 26 Nov 2019 12:25:19 +0000 From: Pawel Wieczorkiewicz To: Date: Tue, 26 Nov 2019 12:25:05 +0000 Message-ID: <20191126122511.7409-2-wipawel@amazon.de> X-Mailer: git-send-email 2.16.5 In-Reply-To: <20191126122511.7409-1-wipawel@amazon.de> References: <20191126122511.7409-1-wipawel@amazon.de> MIME-Version: 1.0 Precedence: Bulk Subject: [Xen-devel] [PATCH v3 1/7] livepatch-build: Embed hypervisor build id into every hotpatch X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Pawel Wieczorkiewicz , Ross Lagerwall , mpohlack@amazon.com, Konrad Rzeszutek Wilk Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This change is part of a independant stacked hotpatch modules feature. This feature allows to bypass dependencies between modules upon loading, but still verifies Xen build ID matching. With stacked hotpatch modules it is essential that each and every hotpatch is verified against the hypervisor build id upon upload. It must not be possible to successfully upload hotpatches built for incorrect version of the hypervisor. To achieve that always embed an additional ELF section: '.livpatch.xen_depends' containing the hypervisor build id. The hypervisor build id must be always provided as a command line parameter: --xen-depends. Signed-off-by: Pawel Wieczorkiewicz Reviewed-by: Andra-Irina Paraschiv Reviewed-by: Bjoern Doebel Reviewed-by: Norbert Manthey Reviewed-by: Ross Lagerwall --- livepatch-build | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/livepatch-build b/livepatch-build index b198c97..b8a1728 100755 --- a/livepatch-build +++ b/livepatch-build @@ -30,6 +30,7 @@ DEBUG=n XEN_DEBUG=n SKIP= DEPENDS= +XEN_DEPENDS= PRELINK= XENSYMS=xen-syms @@ -163,6 +164,9 @@ function create_patch() # Create a dependency section perl -e "print pack 'VVVZ*H*', 4, 20, 3, 'GNU', '${DEPENDS}'" > depends.bin + # Create a Xen dependency section + perl -e "print pack 'VVVZ*H*', 4, 20, 3, 'GNU', '${XEN_DEPENDS}'" > xen_depends.bin + echo "Creating patch module..." if [ -z "$PRELINK" ]; then ld -r -o "${PATCHNAME}.livepatch" --build-id=sha1 $(find output -type f -name "*.o") || die @@ -174,6 +178,9 @@ function create_patch() objcopy --add-section .livepatch.depends=depends.bin "${PATCHNAME}.livepatch" objcopy --set-section-flags .livepatch.depends=alloc,readonly "${PATCHNAME}.livepatch" + + objcopy --add-section .livepatch.xen_depends=xen_depends.bin "${PATCHNAME}.livepatch" + objcopy --set-section-flags .livepatch.xen_depends=alloc,readonly "${PATCHNAME}.livepatch" } usage() { @@ -189,12 +196,13 @@ usage() { echo " --xen-debug Build debug Xen (if your .config does not have the options)" >&2 echo " --xen-syms Build against a xen-syms" >&2 echo " --depends Required build-id" >&2 + echo " --xen-depends Required Xen build-id" >&2 echo " --prelink Prelink" >&2 } find_tools || die "can't find supporting tools" -options=$(getopt -o hs:p:c:o:j:k:d -l "help,srcdir:,patch:,config:,output:,cpus:,skip:,debug,xen-debug,xen-syms:,depends:,prelink" -- "$@") || die "getopt failed" +options=$(getopt -o hs:p:c:o:j:k:d -l "help,srcdir:,patch:,config:,output:,cpus:,skip:,debug,xen-debug,xen-syms:,depends:,xen-depends:,prelink" -- "$@") || die "getopt failed" eval set -- "$options" @@ -253,6 +261,11 @@ while [[ $# -gt 0 ]]; do DEPENDS="$1" shift ;; + --xen-depends) + shift + XEN_DEPENDS="$1" + shift + ;; --prelink) PRELINK=--resolve shift @@ -269,6 +282,7 @@ done [ -z "$configarg" ] && die ".config not given" [ -z "$outputarg" ] && die "Output directory not given" [ -z "$DEPENDS" ] && die "Build-id dependency not given" +[ -z "$XEN_DEPENDS" ] && die "Xen Build-id dependency not given" SRCDIR="$(readlink -m -- "$srcarg")" # We need an absolute path because we move around, but we need to From patchwork Tue Nov 26 12:25:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Wieczorkiewicz, Pawel" X-Patchwork-Id: 11262095 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 1966E15AC for ; Tue, 26 Nov 2019 12:26:29 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id EB01E207DD for ; Tue, 26 Nov 2019 12:26:28 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=amazon.de header.i=@amazon.de header.b="IROM1UsJ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EB01E207DD Authentication-Results: mail.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=amazon.de Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZuV-0004Vi-Aa; Tue, 26 Nov 2019 12:25:39 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZuU-0004VK-2B for xen-devel@lists.xenproject.org; Tue, 26 Nov 2019 12:25:38 +0000 X-Inumbo-ID: d75a4c16-1047-11ea-9db0-bc764e2007e4 Received: from smtp-fw-9102.amazon.com (unknown [207.171.184.29]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id d75a4c16-1047-11ea-9db0-bc764e2007e4; Tue, 26 Nov 2019 12:25:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1574771133; x=1606307133; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=izKKA+wKwfEoVJTsKECFNVnL3wIEG5gMZMHaSWBgQe8=; b=IROM1UsJHTTi9n4gqxaQ1cBnBYxi/1su0NgbjlB2UxfhVTUjG1Ne4+jG OcDaH2761XeWzzkA8ZhB6iMSJ/sW0BVV1aI6DxXoHVHvIK88SMvzdMO8a IsO0SgVLDkrnhtqSYaJiiBaEGyLVEVitkNkmwfaqC6BIzb7Faov/Dk/zJ Q=; IronPort-SDR: 6Q3H4L8iLlR0JmPACp1hQcKwhOc26mOUqxNrcEvjImPY3pXDuWDN1yXKqNPo7mEGNw9zz3CG/x QtTLV5oOWopg== X-IronPort-AV: E=Sophos;i="5.69,245,1571702400"; d="scan'208";a="9942806" Received: from sea32-co-svc-lb4-vlan3.sea.corp.amazon.com (HELO email-inbound-relay-2a-119b4f96.us-west-2.amazon.com) ([10.47.23.38]) by smtp-border-fw-out-9102.sea19.amazon.com with ESMTP; 26 Nov 2019 12:25:27 +0000 Received: from EX13MTAUEA001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan2.pdx.amazon.com [10.170.41.162]) by email-inbound-relay-2a-119b4f96.us-west-2.amazon.com (Postfix) with ESMTPS id D136C1A4DAA; Tue, 26 Nov 2019 12:25:26 +0000 (UTC) Received: from EX13D03EUC002.ant.amazon.com (10.43.164.60) by EX13MTAUEA001.ant.amazon.com (10.43.61.82) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:26 +0000 Received: from EX13MTAUWC001.ant.amazon.com (10.43.162.135) by EX13D03EUC002.ant.amazon.com (10.43.164.60) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:24 +0000 Received: from dev-dsk-wipawel-1a-0c4e6d58.eu-west-1.amazon.com (10.4.134.33) by mail-relay.amazon.com (10.43.162.232) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Tue, 26 Nov 2019 12:25:22 +0000 From: Pawel Wieczorkiewicz To: Date: Tue, 26 Nov 2019 12:25:06 +0000 Message-ID: <20191126122511.7409-3-wipawel@amazon.de> X-Mailer: git-send-email 2.16.5 In-Reply-To: <20191126122511.7409-1-wipawel@amazon.de> References: <20191126122511.7409-1-wipawel@amazon.de> MIME-Version: 1.0 Precedence: Bulk Subject: [Xen-devel] [PATCH v3 2/7] create-diff-object: Handle extra pre-|post- hooks X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Pawel Wieczorkiewicz , Ross Lagerwall , mpohlack@amazon.com, Konrad Rzeszutek Wilk Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Include new sections containing optional pre-, post- action hooks. The following new section names are supported: - .livepatch.hooks.preapply - .livepatch.hooks.postapply - .livepatch.hooks.prerevert - .livepatch.hooks.postrevert Signed-off-by: Pawel Wieczorkiewicz Reviewed-by: Ross Lagerwall --- create-diff-object.c | 67 ++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 54 insertions(+), 13 deletions(-) diff --git a/create-diff-object.c b/create-diff-object.c index 8d63940..7ff56c7 100644 --- a/create-diff-object.c +++ b/create-diff-object.c @@ -1102,6 +1102,22 @@ static struct special_section special_sections[] = { .name = ".livepatch.hooks.unload", .group_size = livepatch_hooks_group_size, }, + { + .name = ".livepatch.hooks.preapply", + .group_size = livepatch_hooks_group_size, + }, + { + .name = ".livepatch.hooks.postapply", + .group_size = livepatch_hooks_group_size, + }, + { + .name = ".livepatch.hooks.prerevert", + .group_size = livepatch_hooks_group_size, + }, + { + .name = ".livepatch.hooks.postrevert", + .group_size = livepatch_hooks_group_size, + }, {}, }; @@ -1465,23 +1481,44 @@ static void kpatch_include_debug_sections(struct kpatch_elf *kelf) } } -static void kpatch_include_hook_elements(struct kpatch_elf *kelf) +#define IS_HOOK_SECTION(section, hook) ({ \ + !strcmp(((section))->name, ".livepatch.hooks." hook) || \ + !strcmp(((section))->name, ".rela.livepatch.hooks." hook); \ +}) + +#define IS_ACTION_HOOK_SECTION(section, action) ({ \ + IS_HOOK_SECTION(section, "pre" action) || \ + IS_HOOK_SECTION(section, "post" action); \ +}) + +#define IS_HOOK_SYM_NAME(symbol, hook) ({ \ + !strcmp(((symbol))->name, "livepatch_" hook "_data"); \ +}) + +#define IS_ACTION_HOOK_SYM_NAME(symbol, action) ({ \ + IS_HOOK_SYM_NAME(symbol, "pre" action) || \ + IS_HOOK_SYM_NAME(symbol, "post" action); \ +}) + +static int kpatch_include_hook_elements(struct kpatch_elf *kelf) { struct section *sec; struct symbol *sym; struct rela *rela; + int num_new_functions = 0; - /* include load/unload sections */ + /* include all supported hooks sections */ list_for_each_entry(sec, &kelf->sections, list) { - if (!strcmp(sec->name, ".livepatch.hooks.load") || - !strcmp(sec->name, ".livepatch.hooks.unload") || - !strcmp(sec->name, ".rela.livepatch.hooks.load") || - !strcmp(sec->name, ".rela.livepatch.hooks.unload")) { + if (IS_HOOK_SECTION(sec, "load") || + IS_HOOK_SECTION(sec, "unload") || + IS_ACTION_HOOK_SECTION(sec, "apply") || + IS_ACTION_HOOK_SECTION(sec, "revert")) { sec->include = 1; + num_new_functions++; if (is_rela_section(sec)) { /* include hook dependencies */ rela = list_entry(sec->relas.next, - struct rela, list); + struct rela, list); sym = rela->sym; log_normal("found hook: %s\n",sym->name); kpatch_include_symbol(sym, 0); @@ -1497,13 +1534,17 @@ static void kpatch_include_hook_elements(struct kpatch_elf *kelf) } /* - * Strip temporary global load/unload function pointer objects - * used by the kpatch_[load|unload]() macros. + * Strip temporary global function pointer objects for all + * supported hooks, used by the kpatch_[load|unload]() macros. */ list_for_each_entry(sym, &kelf->symbols, list) - if (!strcmp(sym->name, "livepatch_load_data") || - !strcmp(sym->name, "livepatch_unload_data")) + if (IS_HOOK_SYM_NAME(sym, "load") || + IS_HOOK_SYM_NAME(sym, "unload") || + IS_ACTION_HOOK_SYM_NAME(sym, "apply") || + IS_ACTION_HOOK_SYM_NAME(sym, "revert")) sym->include = 0; + + return num_new_functions; } static int kpatch_include_new_globals(struct kpatch_elf *kelf) @@ -2298,11 +2339,11 @@ int main(int argc, char *argv[]) kpatch_include_standard_elements(kelf_patched); log_debug("Include changed functions\n"); num_changed = kpatch_include_changed_functions(kelf_patched); - log_debug("num_changed = %d\n", num_changed); log_debug("Include debug sections\n"); kpatch_include_debug_sections(kelf_patched); log_debug("Include hook elements\n"); - kpatch_include_hook_elements(kelf_patched); + num_changed += kpatch_include_hook_elements(kelf_patched); + log_debug("num_changed = %d\n", num_changed); log_debug("Include standard string elements\n"); kpatch_include_standard_string_elements(kelf_patched); log_debug("Include new globals\n"); From patchwork Tue Nov 26 12:25:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Wieczorkiewicz, Pawel" X-Patchwork-Id: 11262097 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id CD84A15AC for ; Tue, 26 Nov 2019 12:26:30 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id AAE662068E for ; Tue, 26 Nov 2019 12:26:30 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=amazon.de header.i=@amazon.de header.b="gK679cuC" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org AAE662068E Authentication-Results: mail.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=amazon.de Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZuZ-0004Wv-TN; Tue, 26 Nov 2019 12:25:43 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZuZ-0004Wg-2v for xen-devel@lists.xenproject.org; Tue, 26 Nov 2019 12:25:43 +0000 X-Inumbo-ID: d7a3849e-1047-11ea-b155-bc764e2007e4 Received: from smtp-fw-6001.amazon.com (unknown [52.95.48.154]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id d7a3849e-1047-11ea-b155-bc764e2007e4; Tue, 26 Nov 2019 12:25:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1574771133; x=1606307133; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=ea7azaT3YO7wOzipAnz9vVarYKbJ0yLWP4KNNBu9TQs=; b=gK679cuCJ4aqPA+azHKgpiWocCoTJd8WIP5JfiOZVq/bS0D/14hzap3Z qhXbnssdvqGYXeagMg91shchXObk5IiFqOpWFsa0Cv1LpPP8O+CFNcVJ4 EYF/bNgMoze9NoZLGGD1GYmVLE2poohJo504hppoSTg2ymcyu41oc49Bc Q=; IronPort-SDR: GeVVOOXk34nt5EtqBYXVtLAJvtJxwzSaY4McGfclNvBEyl9D5QLXxaY0CTEcTSAv7EggYnzOow +dIxvDVknkTA== X-IronPort-AV: E=Sophos;i="5.69,245,1571702400"; d="scan'208";a="6386604" Received: from iad6-co-svc-p1-lb1-vlan3.amazon.com (HELO email-inbound-relay-2c-4e7c8266.us-west-2.amazon.com) ([10.124.125.6]) by smtp-border-fw-out-6001.iad6.amazon.com with ESMTP; 26 Nov 2019 12:25:32 +0000 Received: from EX13MTAUEA001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan2.pdx.amazon.com [10.170.41.162]) by email-inbound-relay-2c-4e7c8266.us-west-2.amazon.com (Postfix) with ESMTPS id 0D4CFA0006; Tue, 26 Nov 2019 12:25:32 +0000 (UTC) Received: from EX13D03EUA003.ant.amazon.com (10.43.165.89) by EX13MTAUEA001.ant.amazon.com (10.43.61.243) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:31 +0000 Received: from EX13MTAUWC001.ant.amazon.com (10.43.162.135) by EX13D03EUA003.ant.amazon.com (10.43.165.89) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:30 +0000 Received: from dev-dsk-wipawel-1a-0c4e6d58.eu-west-1.amazon.com (10.4.134.33) by mail-relay.amazon.com (10.43.162.232) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Tue, 26 Nov 2019 12:25:28 +0000 From: Pawel Wieczorkiewicz To: Date: Tue, 26 Nov 2019 12:25:08 +0000 Message-ID: <20191126122511.7409-5-wipawel@amazon.de> X-Mailer: git-send-email 2.16.5 In-Reply-To: <20191126122511.7409-1-wipawel@amazon.de> References: <20191126122511.7409-1-wipawel@amazon.de> MIME-Version: 1.0 Precedence: Bulk Subject: [Xen-devel] [PATCH v3 4/7] create-diff-object: Add support for applied/reverted marker X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Pawel Wieczorkiewicz , Ross Lagerwall , mpohlack@amazon.com, Konrad Rzeszutek Wilk Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" With version 2 of a payload structure additional field is supported to track whether given function has been applied or reverted. There also comes additional 8-byte alignment padding to reserve place for future flags and options. The new fields are zero-out upon .livepatch.funcs section creation. Signed-off-by: Pawel Wieczorkiewicz Reviewed-by: Ross Lagerwall --- common.h | 2 ++ create-diff-object.c | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/common.h b/common.h index 300e508..9f9cb7b 100644 --- a/common.h +++ b/common.h @@ -124,6 +124,8 @@ struct livepatch_patch_func { uint32_t old_size; uint8_t version; unsigned char pad[31]; + uint8_t applied; + uint8_t _pad[7]; }; struct special_section { diff --git a/create-diff-object.c b/create-diff-object.c index fed47cd..e886d4c 100644 --- a/create-diff-object.c +++ b/create-diff-object.c @@ -2013,8 +2013,10 @@ static void livepatch_create_patches_sections(struct kpatch_elf *kelf, funcs[index].old_size = result.size; funcs[index].new_addr = 0; funcs[index].new_size = sym->sym.st_size; - funcs[index].version = 1; + funcs[index].version = 2; memset(funcs[index].pad, 0, sizeof funcs[index].pad); + funcs[index].applied = 0; + memset(funcs[index]._pad, 0, sizeof funcs[index]._pad); /* * Add a relocation that will populate From patchwork Tue Nov 26 12:25:09 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Wieczorkiewicz, Pawel" X-Patchwork-Id: 11262101 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 75A611875 for ; Tue, 26 Nov 2019 12:26:31 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 525222068E for ; Tue, 26 Nov 2019 12:26:31 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=amazon.de header.i=@amazon.de header.b="s9lwbRlb" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 525222068E Authentication-Results: mail.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=amazon.de Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZuf-0004a6-J6; Tue, 26 Nov 2019 12:25:49 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZue-0004ZH-2S for xen-devel@lists.xenproject.org; Tue, 26 Nov 2019 12:25:48 +0000 X-Inumbo-ID: da0951fa-1047-11ea-83b8-bc764e2007e4 Received: from smtp-fw-6002.amazon.com (unknown [52.95.49.90]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id da0951fa-1047-11ea-83b8-bc764e2007e4; Tue, 26 Nov 2019 12:25:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1574771138; x=1606307138; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=FaiVGswvoyzVT2k8JNXfrHofMW8iQRHNbkD2nK28OcE=; b=s9lwbRlbl8IcXqJWZptzV74BWeWYxQbLlpsT3+HU9ej41No/G+XoLCoI /gxOGygiVl4htZhrdwW6uqJzQo58NMY+wnDqfhrlP6BJAYQX1PCw1N4/j BkLafwqlCjbtCJKg0QP52jPq1/jReBEsFedjHTTimJIxwsbrNCOh5dgXb 0=; IronPort-SDR: dAZ8QvixlXia8oISNQPS2vmsKH59axqyxqCUO99jX6WaByoDBgSAFmuPF8qDw/4lxWBoDJzsmM BCBR5S7/wmVQ== X-IronPort-AV: E=Sophos;i="5.69,245,1571702400"; d="scan'208";a="4943797" Received: from iad6-co-svc-p1-lb1-vlan3.amazon.com (HELO email-inbound-relay-2b-81e76b79.us-west-2.amazon.com) ([10.124.125.6]) by smtp-border-fw-out-6002.iad6.amazon.com with ESMTP; 26 Nov 2019 12:25:36 +0000 Received: from EX13MTAUEA001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan3.pdx.amazon.com [10.170.41.166]) by email-inbound-relay-2b-81e76b79.us-west-2.amazon.com (Postfix) with ESMTPS id 005B1A1793; Tue, 26 Nov 2019 12:25:34 +0000 (UTC) Received: from EX13D03EUC001.ant.amazon.com (10.43.164.245) by EX13MTAUEA001.ant.amazon.com (10.43.61.82) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:34 +0000 Received: from EX13MTAUWC001.ant.amazon.com (10.43.162.135) by EX13D03EUC001.ant.amazon.com (10.43.164.245) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 04:25:33 -0800 Received: from dev-dsk-wipawel-1a-0c4e6d58.eu-west-1.amazon.com (10.4.134.33) by mail-relay.amazon.com (10.43.162.232) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Tue, 26 Nov 2019 12:25:31 +0000 From: Pawel Wieczorkiewicz To: Date: Tue, 26 Nov 2019 12:25:09 +0000 Message-ID: <20191126122511.7409-6-wipawel@amazon.de> X-Mailer: git-send-email 2.16.5 In-Reply-To: <20191126122511.7409-1-wipawel@amazon.de> References: <20191126122511.7409-1-wipawel@amazon.de> MIME-Version: 1.0 Precedence: Bulk Subject: [Xen-devel] [PATCH v3 5/7] create-diff-object: Add support for expectations X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Pawel Wieczorkiewicz , Ross Lagerwall , mpohlack@amazon.com, Konrad Rzeszutek Wilk Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Extend livepatch_patch_func to support a new field: expect. This new field describes the expected data, its length and whether expectation is enabled. The expectation's data is of opaque padding size. By default the expectation field is zero-out and the expectation is disabled unless explicitly specified in the patch. Signed-off-by: Pawel Wieczorkiewicz Reviewed-by: Ross Lagerwall --- Changed since v1: * Do not bump the payload version again. --- common.h | 11 ++++++++++- create-diff-object.c | 1 + 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/common.h b/common.h index 9f9cb7b..b6489db 100644 --- a/common.h +++ b/common.h @@ -115,6 +115,14 @@ struct kpatch_elf { }; #define PATCH_INSN_SIZE 5 +#define MAX_REPLACEMENT_SIZE 31 +struct livepatch_expectation { + uint8_t enabled : 1; + uint8_t len : 5; + uint8_t pad : 2; + uint8_t data[MAX_REPLACEMENT_SIZE]; +}; +typedef struct livepatch_expectation livepatch_expectation_t; struct livepatch_patch_func { char *name; @@ -123,9 +131,10 @@ struct livepatch_patch_func { uint32_t new_size; uint32_t old_size; uint8_t version; - unsigned char pad[31]; + unsigned char pad[MAX_REPLACEMENT_SIZE]; uint8_t applied; uint8_t _pad[7]; + livepatch_expectation_t expect; }; struct special_section { diff --git a/create-diff-object.c b/create-diff-object.c index e886d4c..abf3cc7 100644 --- a/create-diff-object.c +++ b/create-diff-object.c @@ -2017,6 +2017,7 @@ static void livepatch_create_patches_sections(struct kpatch_elf *kelf, memset(funcs[index].pad, 0, sizeof funcs[index].pad); funcs[index].applied = 0; memset(funcs[index]._pad, 0, sizeof funcs[index]._pad); + memset(&funcs[index].expect, 0, sizeof funcs[index].expect); /* * Add a relocation that will populate From patchwork Tue Nov 26 12:25:10 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Wieczorkiewicz, Pawel" X-Patchwork-Id: 11262105 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 193FE15AC for ; Tue, 26 Nov 2019 12:26:38 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id EAD6F2068E for ; Tue, 26 Nov 2019 12:26:37 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=amazon.de header.i=@amazon.de header.b="QP5+VWmD" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EAD6F2068E Authentication-Results: mail.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=amazon.de Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZup-0004h7-Tv; Tue, 26 Nov 2019 12:25:59 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZuo-0004gB-2j for xen-devel@lists.xenproject.org; Tue, 26 Nov 2019 12:25:58 +0000 X-Inumbo-ID: e44c2584-1047-11ea-b155-bc764e2007e4 Received: from smtp-fw-4101.amazon.com (unknown [72.21.198.25]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id e44c2584-1047-11ea-b155-bc764e2007e4; Tue, 26 Nov 2019 12:25:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1574771155; x=1606307155; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=50AhAuBAE5m0jf5j6Fmj7aXkFQ8mnxULZxRdTlVDKHQ=; b=QP5+VWmDgU8xOR4jutIo0LDtflqOSrfSUhjRE7WuE+47uleBdnxan1G/ rXhmOdKDp7nPytg/wXxYpJgPEWz1O+1stSXEDm/2OYC73LuHfYs9YIqWo 6S3gIyEZ+kJEED28vZOYg8woLUP11vhr1bzxzhq6Jak2kXx0/v80n5e9a I=; IronPort-SDR: XYBvMYaqpiSxDt1V80n2S+aQOLKeSvX52wziuRzrwetkp0sA741L/bheqgAfq7o8cFzgiMvDmX 3ieBFH28imhw== X-IronPort-AV: E=Sophos;i="5.69,245,1571702400"; d="scan'208";a="5818610" Received: from iad6-co-svc-p1-lb1-vlan3.amazon.com (HELO email-inbound-relay-2c-168cbb73.us-west-2.amazon.com) ([10.124.125.6]) by smtp-border-fw-out-4101.iad4.amazon.com with ESMTP; 26 Nov 2019 12:25:54 +0000 Received: from EX13MTAUEA001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan2.pdx.amazon.com [10.170.41.162]) by email-inbound-relay-2c-168cbb73.us-west-2.amazon.com (Postfix) with ESMTPS id B11A7A1895; Tue, 26 Nov 2019 12:25:52 +0000 (UTC) Received: from EX13D05EUC002.ant.amazon.com (10.43.164.231) by EX13MTAUEA001.ant.amazon.com (10.43.61.82) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:37 +0000 Received: from EX13MTAUWC001.ant.amazon.com (10.43.162.135) by EX13D05EUC002.ant.amazon.com (10.43.164.231) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:35 +0000 Received: from dev-dsk-wipawel-1a-0c4e6d58.eu-west-1.amazon.com (10.4.134.33) by mail-relay.amazon.com (10.43.162.232) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Tue, 26 Nov 2019 12:25:33 +0000 From: Pawel Wieczorkiewicz To: Date: Tue, 26 Nov 2019 12:25:10 +0000 Message-ID: <20191126122511.7409-7-wipawel@amazon.de> X-Mailer: git-send-email 2.16.5 In-Reply-To: <20191126122511.7409-1-wipawel@amazon.de> References: <20191126122511.7409-1-wipawel@amazon.de> MIME-Version: 1.0 Precedence: Bulk Subject: [Xen-devel] [PATCH v3 6/7] livepatch-build: Strip transient or unneeded symbols X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Pawel Wieczorkiewicz , Ross Lagerwall , mpohlack@amazon.com, Konrad Rzeszutek Wilk Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" In the process of creating a final hotpatch module file make sure to strip all transient symbols that have not been caught and removed by create-diff-object processing. For now these are only the hooks kpatch load/unload symbols. For all new object files that are carried along for the final linking the transient hooks symbols are not stripped and neither are any unneeded symbols. Strip the transient hooks symbols explicitly from resulting object file. Add a new option '--strip' to additionally strip all unneeded symbols from new object files. Signed-off-by: Pawel Wieczorkiewicz Reviewed-by: Ross Lagerwall --- Changed since v2: * Added '--strip' option for stripping unneeded symbols optionally. --- livepatch-build | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/livepatch-build b/livepatch-build index b8a1728..9e5bad3 100755 --- a/livepatch-build +++ b/livepatch-build @@ -32,6 +32,7 @@ SKIP= DEPENDS= XEN_DEPENDS= PRELINK= +STRIP=0 XENSYMS=xen-syms warn() { @@ -111,6 +112,28 @@ function build_special() unset LIVEPATCH_CAPTURE_DIR } +strip_extra_symbols () +{ + local -r FILE="$1" + local -a STRIP_CMD_OPTS=() + local -a SYM_PREFIX=("livepatch_load_data_" + "livepatch_unload_data_" + "livepatch_preapply_data_" + "livepatch_apply_data_" + "livepatch_postapply_data_" + "livepatch_prerevert_data_" + "livepatch_revert_data_" + "livepatch_postrevert_data_") + + STRIP_CMD_OPTS+=("-w") + for sym in "${SYM_PREFIX[@]}"; do + STRIP_CMD_OPTS+=("-N") + STRIP_CMD_OPTS+=("\"${sym}*\"") + done + + strip "${STRIP_CMD_OPTS[@]}" "$FILE" +} + function create_patch() { echo "Extracting new and modified ELF sections..." @@ -150,6 +173,7 @@ function create_patch() NEW_FILES=$(comm -23 <(cd patched/xen && find . -type f -name '*.o' | sort) <(cd original/xen && find . -type f -name '*.o' | sort)) for i in $NEW_FILES; do cp "patched/$i" "output/$i" + [[ $STRIP -eq 1 ]] && strip --strip-unneeded "output/$i" CHANGED=1 done @@ -176,6 +200,8 @@ function create_patch() "${TOOLSDIR}"/prelink $debugopt output.o "${PATCHNAME}.livepatch" "$XENSYMS" &>> "${OUTPUT}/prelink.log" || die fi + strip_extra_symbols "${PATCHNAME}.livepatch" + objcopy --add-section .livepatch.depends=depends.bin "${PATCHNAME}.livepatch" objcopy --set-section-flags .livepatch.depends=alloc,readonly "${PATCHNAME}.livepatch" @@ -198,11 +224,12 @@ usage() { echo " --depends Required build-id" >&2 echo " --xen-depends Required Xen build-id" >&2 echo " --prelink Prelink" >&2 + echo " --strip Remove all symbols that are not needed for relocation processing." >&2 } find_tools || die "can't find supporting tools" -options=$(getopt -o hs:p:c:o:j:k:d -l "help,srcdir:,patch:,config:,output:,cpus:,skip:,debug,xen-debug,xen-syms:,depends:,xen-depends:,prelink" -- "$@") || die "getopt failed" +options=$(getopt -o hs:p:c:o:j:k:d -l "help,srcdir:,patch:,config:,output:,cpus:,skip:,debug,xen-debug,xen-syms:,depends:,xen-depends:,prelink,strip" -- "$@") || die "getopt failed" eval set -- "$options" @@ -270,6 +297,10 @@ while [[ $# -gt 0 ]]; do PRELINK=--resolve shift ;; + --strip) + STRIP=1 + shift + ;; --) shift break From patchwork Tue Nov 26 12:25:11 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Wieczorkiewicz, Pawel" X-Patchwork-Id: 11262107 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 167C3913 for ; Tue, 26 Nov 2019 12:26:51 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id E82E62068E for ; Tue, 26 Nov 2019 12:26:50 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=amazon.de header.i=@amazon.de header.b="UaGzxFlg" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org E82E62068E Authentication-Results: mail.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=amazon.de Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZuz-0004mn-8x; Tue, 26 Nov 2019 12:26:09 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iZZuy-0004mE-2s for xen-devel@lists.xenproject.org; Tue, 26 Nov 2019 12:26:08 +0000 X-Inumbo-ID: e4d8f9be-1047-11ea-83b8-bc764e2007e4 Received: from smtp-fw-6002.amazon.com (unknown [52.95.49.90]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id e4d8f9be-1047-11ea-83b8-bc764e2007e4; Tue, 26 Nov 2019 12:25:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1574771156; x=1606307156; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=/laFxNcH/lbdJyRn9B6n9rnY/QQHFJTi9mwBzFuoGHE=; b=UaGzxFlgy8x0IKWTAu6eDkseVwh1qucNZIoaxCca/eDx7AOUbdLLdObX olqbwGau2LJGJN1jNWD/HqINT0HMnDwEQu+dFnbN1W5gJIdtyKtJQlnhw Cnye4NelOXrSxAbPARA7Gaj++d0ir07TfkRtOxtCUB9GHAgzTvxG6t6Cd 8=; IronPort-SDR: 6E7xrhbiOQ/DdYaJigipAOiMqN+rbjtdrpv2ZxRtdMhvu/etKUARgV848/TNlbkdMFgiqmZj75 0M+RGGeBD3QQ== X-IronPort-AV: E=Sophos;i="5.69,245,1571702400"; d="scan'208";a="4943831" Received: from iad6-co-svc-p1-lb1-vlan3.amazon.com (HELO email-inbound-relay-2b-81e76b79.us-west-2.amazon.com) ([10.124.125.6]) by smtp-border-fw-out-6002.iad6.amazon.com with ESMTP; 26 Nov 2019 12:25:55 +0000 Received: from EX13MTAUEA001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan3.pdx.amazon.com [10.170.41.166]) by email-inbound-relay-2b-81e76b79.us-west-2.amazon.com (Postfix) with ESMTPS id A17F2A1E84; Tue, 26 Nov 2019 12:25:54 +0000 (UTC) Received: from EX13D05EUB001.ant.amazon.com (10.43.166.87) by EX13MTAUEA001.ant.amazon.com (10.43.61.243) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:40 +0000 Received: from EX13MTAUWC001.ant.amazon.com (10.43.162.135) by EX13D05EUB001.ant.amazon.com (10.43.166.87) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 26 Nov 2019 12:25:38 +0000 Received: from dev-dsk-wipawel-1a-0c4e6d58.eu-west-1.amazon.com (10.4.134.33) by mail-relay.amazon.com (10.43.162.232) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Tue, 26 Nov 2019 12:25:36 +0000 From: Pawel Wieczorkiewicz To: Date: Tue, 26 Nov 2019 12:25:11 +0000 Message-ID: <20191126122511.7409-8-wipawel@amazon.de> X-Mailer: git-send-email 2.16.5 In-Reply-To: <20191126122511.7409-1-wipawel@amazon.de> References: <20191126122511.7409-1-wipawel@amazon.de> MIME-Version: 1.0 Precedence: Bulk Subject: [Xen-devel] [PATCH v3 7/7] livepatch-build: Strip all metadata symbols from hotpatch modules X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Pawel Wieczorkiewicz , Ross Lagerwall , mpohlack@amazon.com, Konrad Rzeszutek Wilk Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Strip all unneeded metadata symbols from generated hotpatch modules. The metadata symbols are the symbols from metadata-like sections (e.g. '.livepatch.funcs') or livepatch hooks symbols (defined by a set of prefixes. E.g. 'livepatch_load_data_'). By default the create-diff-object does not create symbols in metadata sections. However, such symbols may be implicitly added by speciying extra entries in the sections manually (in a given patch). The symbols are not needed for the hotpatch modules and should be stripped to avoid symbol names collisions and to save hotpatch files space. Signed-off-by: Pawel Wieczorkiewicz Reviewed-by: Ross Lagerwall --- livepatch-build | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 53 insertions(+), 2 deletions(-) diff --git a/livepatch-build b/livepatch-build index 9e5bad3..e1715ea 100755 --- a/livepatch-build +++ b/livepatch-build @@ -112,10 +112,39 @@ function build_special() unset LIVEPATCH_CAPTURE_DIR } -strip_extra_symbols () +elf_section_exists () +{ + local ELF="$1" + local SEC="$2" + + objdump -h -j "$SEC" "$ELF" &> /dev/null +} + +# Extract a set of unique symbols for a specified section. +elf_extract_section_symbols () +{ + local -r ELF="$1" + local -r SEC="$2" + + if elf_section_exists "$ELF" "$SEC" + then + # Example objdump command output to be parsed: + # + # SYMBOL TABLE: + # 0000000000000000 l d .livepatch.funcs 0000000000000000 .livepatch.funcs + objdump -w -j "$SEC" -t "$ELF" | awk '/^SYMBOL TABLE:/ {seen = 1; next} seen && $NF {print $NF}' | sort -u + fi +} + +# Strip all metadata symbols belonging to a metadata section +# or whose name starts with a livepatch hook prefix. +# The function constructs the 'strip' utility command line +# and then invokes strip with that command line. +strip_metadata_symbols () { local -r FILE="$1" local -a STRIP_CMD_OPTS=() + local -a SYM_SECTIONS=(".livepatch.funcs") local -a SYM_PREFIX=("livepatch_load_data_" "livepatch_unload_data_" "livepatch_preapply_data_" @@ -124,13 +153,35 @@ strip_extra_symbols () "livepatch_prerevert_data_" "livepatch_revert_data_" "livepatch_postrevert_data_") + local -a SYMS=() + # Enable wildcard STRIP_CMD_OPTS+=("-w") + + # Strip all livepatch hooks metadata symbols for sym in "${SYM_PREFIX[@]}"; do STRIP_CMD_OPTS+=("-N") STRIP_CMD_OPTS+=("\"${sym}*\"") done + # Find all symbols from metadata sections + # Note: There may be name conflicts between global + # and local symbols belonging to the same section. + # For the '.livepatch.funcs' section it is not a + # problem. Think about it before adding more sections. + for sec in "${SYM_SECTIONS[@]}"; do + SYMS+=($(elf_extract_section_symbols "$FILE" "$sec")) + done + + # Strip metadata sections' symbols + if [ ${#SYMS[@]} -gt 0 ] + then + for sym in "${SYMS[@]}"; do + STRIP_CMD_OPTS+=("-N") + STRIP_CMD_OPTS+=("${sym}") + done + fi + strip "${STRIP_CMD_OPTS[@]}" "$FILE" } @@ -200,7 +251,7 @@ function create_patch() "${TOOLSDIR}"/prelink $debugopt output.o "${PATCHNAME}.livepatch" "$XENSYMS" &>> "${OUTPUT}/prelink.log" || die fi - strip_extra_symbols "${PATCHNAME}.livepatch" + strip_metadata_symbols "${PATCHNAME}.livepatch" objcopy --add-section .livepatch.depends=depends.bin "${PATCHNAME}.livepatch" objcopy --set-section-flags .livepatch.depends=alloc,readonly "${PATCHNAME}.livepatch"