From patchwork Thu Mar 17 11:08:53 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Roger_Pau_Monn=C3=A9?= X-Patchwork-Id: 12783889 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 02C09C433EF for ; Thu, 17 Mar 2022 11:09:54 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.291507.494787 (Exim 4.92) (envelope-from ) id 1nUo0l-0000aX-Gf; Thu, 17 Mar 2022 11:09:43 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 291507.494787; Thu, 17 Mar 2022 11:09:43 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nUo0l-0000aQ-B7; Thu, 17 Mar 2022 11:09:43 +0000 Received: by outflank-mailman (input) for mailman id 291507; Thu, 17 Mar 2022 11:09:42 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nUo0j-0000K7-QH for xen-devel@lists.xenproject.org; Thu, 17 Mar 2022 11:09:42 +0000 Received: from esa6.hc3370-68.iphmx.com (esa6.hc3370-68.iphmx.com [216.71.155.175]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id bc8f1d8a-a5e2-11ec-8eba-a37418f5ba1a; Thu, 17 Mar 2022 12:09:40 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: bc8f1d8a-a5e2-11ec-8eba-a37418f5ba1a DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1647515380; h=from:to:cc:subject:date:message-id:in-reply-to: references:content-transfer-encoding:mime-version; bh=lfeyPSkSe0Jsl+f2Ot+4QHS7ZQQP6Mss8udTQ8D37jk=; b=YgVBeEdGlo1a4M0nokBaWdiyrpVh+vZEtqsVnnFqLPU53QhdGKwQe8Sz mfw4ncTpikywonH02j+nOx6PIscDZ6yBOc3VwpfsFTEN71alR+vozRB/z +TcH2bth8Qt8RVjsBMcdE+Fp80qFcjUV3T2R9JotzR7mHnb8zPBiDc+mb o=; Authentication-Results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com X-SBRS: 5.1 X-MesageID: 66412180 X-Ironport-Server: esa6.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:17lIz6CJMzfqLhVW/yfjw5YqxClBgxIJ4kV8jS/XYbTApDx31D0Ay zRNUD+DPq7YZGOnf9tzOt6y9koG6pHQy99lQQY4rX1jcSlH+JHPbTi7wuYcHM8wwunrFh8PA xA2M4GYRCwMZiaA4E/raNANlFEkvU2ybuOU5NXsZ2YgHWeIdA970Ug5w7Vg3dYy6TSEK1jlV e3a8pW31GCNg1aYAkpMg05UgEoy1BhakGpwUm0WPZinjneH/5UmJMt3yZWKB2n5WuFp8tuSH I4v+l0bElTxpH/BAvv9+lryn9ZjrrT6ZWBigVIOM0Sub4QrSoXfHc/XOdJFAXq7hQllkPgh2 tJ8i568QD0wP6nJutQHSQFxIzlHaPguFL/veRBTsOSWxkzCNXDt3+9vHAc9OohwFuRfWD8Us 6ZCcXZUM07F17neLLGTE4GAguw5K8bmJsUHs2xIxjDFF/c2B5vERs0m4PcGgmtp3JkeRZ4yY eIbNhlzVhH8UydON28ZVJcdw8Km3UDgJmgwRFW9+vNsvjm7IBZK+LvqNsDcdpqVRMFWtkGCr 2nC8iLyBRRyHMySz3+J/2yhgsfLnDjnQ8QCGbug7PlojVaPgGsJB3UruUCT+KfjzBTkApQGd hJSqnFGQbUOGFKDHsv6biO6rHe+px8YXvhgCfciwTGV8/+Bi+qGPVQsQjlEYd0gkcY5Qz02y 1OE9+/U6SxTXK69EizEqOrNxd+mEW1MdDJZO3dYJecQy4O7yLzfmC4jWTqK/ESdqtTuUQ/9z DmRxMTVr+VC1JVbv0lXEL2uvt5NmnQrZlNtjuk0djj8hu+cWGJDT9b0gbQ8xawcRLt1tnHb4 BA5dzG2tYji962lmi2XW/kqF7q0/fuDOzC0qQcxQ8Z9qmv0oSD7It04DNRCyKFBaJpsldjBO hO7hO+szMULYCvCgVFfPupd9PjGPYC/TI+4B5g4n/JFY4RrdR/vwc2dTRX44owZq2B1yftXE c7CKa6EVC9GYYw6nGveb7pMitcDm3FhrV4/sLimlnxLJ5LFPyXLIVrEWXPTBt0EAFSs+1yEr YwAa5PUl32ykoTWO0HqzGLaFnhTRVATDpHqsc1HMOmFJwttAmY6DPHNh7gmfuRYc259xo8kI lnVtpdk9WfC IronPort-HdrOrdr: A9a23:jp/JwquZvmKdmnKJd7xxppmn7skClIMji2hC6mlwRA09TyXGra +TdaUguSMc1gx9ZJhBo7G90KnpewK5yXcT2/hsAV7CZniahILMFu9fBOTZslvd8kHFh4xgPO JbAtND4b7LfClHZKTBkXCF+r8bqbHtmsDY5ts2jU0dNz2CA5sQkTuRYTzrdXGeKjM2YKbQQ/ Gnl7V6TnebCDwqR/X+IkNAc/nIptXNmp6jSRkaByQ/4A3LqT+z8rb1HzWRwx9bClp0sP0f2F mAtza8yrSosvm9xBOZ/2jP765OkN+k7tdYHsSDhuUcNz2poAe1Y4ZKXaGEoVkO0aqSwWdvtO OJjwYrPsx15X+UVmapoSH10w2l6zoq42+K8y7uvVLT5ejCAB4qActIgoxUNjHD7VA7gd162K VXm0qEqpt+F3r77WvAzumNcysvulu/oHIkn+JWpWdYS5EiZLhYqpFa1F9JEa0HADnx5OkcYa VT5fnnlbdrmG6hHjDkVjEF+q3uYp1zJGbKfqE6gL3a79AM90oJjXfxx6Qk7wM9HdwGOtx5Dt //Q9dVfYF1P78rhJ1GdZU8qLOMexTwqDL3QRSvyAfcZeg600ykke+D3Fxy3pDvRKA1 X-IronPort-AV: E=Sophos;i="5.90,188,1643691600"; d="scan'208";a="66412180" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VNFV2uhM0plfg7RVctUL964KvWj+H03331tOTTfNhss8TRLqb+cOSC0+Rzh6gcL8WMRGyEV9nuasNljgD0g+tFgwaxWiO25HW/mfea+ApU06EQOg1ppd0+I4ZNItV56k2hu5aE87DWHCYEcyQ5HTIEXiHDugtl2MWLnHXyyja1TQqCMzLGHTLotRgTf20RFXEqMl9nqSPxcSkuexaYb43mBfKt5xx63hgHiuc9BYiVn0TXmfA3pALiwMu95F5jkVA6wWRBc8nzNkTT6X5U+eF/EoXfqHqKE/uZ0xxkVB1WPod/CbdMFWemGhzGZKmJchN5AZSIFh+Xgo7HNnlmgDZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=x3+aTgeZKg2AgprDOZi02cilZw8eZZMU3TEy+Ao1rUk=; b=Q//jYNhZfHODPLNie+A5fJ/LELLpBoM7Bxw7ei6+WMFvReWjatn/gIbkHPHYMiKLdUzTF49ZMeDgVXEnG1Sa2UDkZXuKNBmJtfjM3vjPLr/3mTJzpKXNFA5BZ00qSsVGJ4BrCfZuVt4TCX4p0IrHrbSHsO8TV1dAn1CTy91tTsnrTHOE1e5HV6UlYaXlLJipAymKW0Ppdg3a7RYbis+J1bLyjUizw0or6FV3BD7RjcuGdIBjs10PqpZvfys0i1ariV5wtDy7V/Z/n7pU7soA8emxrYdDtZtmqtAFL+wrNy0qpdxHUFd/DfgLTHjBzNJ0EctD90TTwfiyXJHj9WHxgw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.onmicrosoft.com; s=selector2-citrix-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=x3+aTgeZKg2AgprDOZi02cilZw8eZZMU3TEy+Ao1rUk=; b=WNu84WxGi2leEyM+gID+RarSZFVpPsIc7k9SDEY1sfE86+hw3JorWAxM8WwDJ36QW5WRbOQdBB6ZnNtQVN08AHyj+pBLJdJIgpKUfp807Y6wLE3Qqjly448JP/xYGit1qXEJF1d1w53slJhDXHuVek8SnWzrSMS3LLNFn8Ol2UM= From: Roger Pau Monne To: CC: Roger Pau Monne , Konrad Rzeszutek Wilk , Ross Lagerwall Subject: [PATCH 1/2] livepatch: do not ignore sections with 0 size Date: Thu, 17 Mar 2022 12:08:53 +0100 Message-ID: <20220317110854.39050-2-roger.pau@citrix.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220317110854.39050-1-roger.pau@citrix.com> References: <20220317110854.39050-1-roger.pau@citrix.com> X-ClientProxiedBy: LO2P265CA0338.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:d::14) To DS7PR03MB5608.namprd03.prod.outlook.com (2603:10b6:5:2c9::18) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: cc3440af-383b-4fdd-e79f-08da08068f91 X-MS-TrafficTypeDiagnostic: BL1PR03MB6102:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 3MN4TM0zmkjgQeCjSMfBMt6DAUrBtHRRXo/RCeO6/1aOXelvLnGEfd738hdO9EI6vbaGRe81b9djajenVcbtc3DdmE2L65l+JOxGR/Vist3uhq+eghuiP3aqVIgyfs4i1HwMkSV/H3y7XGykLkdfwrQXlC4mVXwH9UeGzdg1wLZIFg+86MGq6gH0KICybZWtsjByphjBK6lowoN7xQEuPZ5p0n04Q+R9DP83G4JLNtx2vk5QrvBt5BoQlfNlsSOvqkM1I9RboRYFuY0efyZMOUtal88cyaiQByHjD0QpXr8PndP/3AjQltqHKFwMYnNFpe5s+ZXhkXY82Liil0wdCKB2Zd8/puIRtJjuaVf394SCOxK/EFxUE+1Ro/mVnzkBLJ6hM9rVmKwDXrLCq/vEdKkHu1Nw6QXA9ExGahuCRHFoIUplwgc1yuQvmJvHQFUQpuImg5L/5Wmj3MgF//u1UVBdoLc4aRwpagXzu/O2VWKrFbYz4L1CmgsKOqxEujrnkIC8FGipNdR/u0b01rzofknZKs8rPbKM/FvNf2MOXcFhOQhGnQnQWQ+VUmfws3lnaUCDqmQmpl4o2z47iwLxAFTbvHy9ottBzuM0nPqrhw+Fufjt8PsDdIY1drTEfbCcFjN5ylni+xisq+4w8406pA== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS7PR03MB5608.namprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(83380400001)(2906002)(4326008)(508600001)(8676002)(82960400001)(6512007)(86362001)(6506007)(5660300002)(6666004)(6916009)(8936002)(107886003)(26005)(66946007)(66476007)(316002)(66556008)(186003)(36756003)(2616005)(6486002)(38100700002)(1076003)(54906003);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?2laLxcxEwQ0cwN0TvGDMsaB85KWR?= =?utf-8?q?h9kLtfS/Xsryjno0Osr59dPMm+ylxWk7448Giw66Lt6GzL6ZniyX2UMloW5dB/r0A?= =?utf-8?q?79bV1ZvpA2+hikFhrlVqLbNTH31N0GeQuGa40hMOOli4916a1JIkZ2ZHCd6EADmai?= =?utf-8?q?N/5UWzEp7DcuFudtQq12ZNY59TdCx8XbFhEpv3f1pFpJPrSQWLCxf+UDoh/DzVhxW?= =?utf-8?q?TQERtBJ00+h8I41Pk+k+18cVe44gUsQM16UoOqEsqr6gHRvkmWTuelRbhxhLt8H8M?= =?utf-8?q?MDPZ2qtYrFKI3FVpm49N3fr6rJL/hz7ZZ2fWev+0esRU1RKtPWBsW/L7o1ws93VZC?= =?utf-8?q?e4f4QBlFJYXFeCznhw8G+xOi0r3FbuN9G0zgcKl4hnVPkyNAlEYeJT07SmY1GuP4r?= =?utf-8?q?FdxqG8829/bieC4ZImTMDXXGKY/BfVr8wUqCW2RUbCgY0wPNAV2fJGZM55oz84EFa?= =?utf-8?q?QZ3frN8w1BIvu9tSLfsFyYPhJkIcpT3LRpDSjoSf9hjqjtlG9OHQ3YQYU+ZUHvi1b?= =?utf-8?q?PgfJG617BPB37OEKiNHj6YrIq0TifsqTfnNgAYi1c2dO9R3YODZuErdwAipEfIbpz?= =?utf-8?q?U3EYrBJAmK5+isNX8B7wUiPeIsbfcv3h2LXtBFhPZaJ4hK/f5YRI5FSIj/mqvBqNR?= =?utf-8?q?15Pe2/lCr5XQghu0+Yw6XQ6TvsWJWuymdesY4F6qvB949YxihFEUgCwkzWDCRnon8?= =?utf-8?q?eaV0BcSv1IQfFaDvhXQPEV/mdIw2EL3vSZocgUOhk3EYgrCvG/zcI6N3Ge/k+7ugs?= =?utf-8?q?IWCbx9ew/HswRWmmBmSvbEzVQUyi7oHwXbobTC1zxAbeadpb1K8ln4b0mT3bNjZt4?= =?utf-8?q?vsMVvcmDl2A5SlSW9ZZQwgBy5JAMwT1wkFZSlqlOd9csaTtZvIblc3LOGs/yeGaEX?= =?utf-8?q?WrUonU0LnlFPRfY+0akC/h5lNXusabmfs8r6LDF+7Pi4oleI2SHrVama/tcm/M2C2?= =?utf-8?q?tZwbp57B7B3HRO3YT1QAmqOE0jqMvsjaQK+zZoIr/j1NonTAlgw79HJFjvlrfahAp?= =?utf-8?q?6ILNpo5OYQH6kOlF5bMBCNuMsmDaxO2WkAtdJYdK5RVPdUoyQ7pRULfkx+IdsZhlg?= =?utf-8?q?/z0orMsB8ri143OZxTApN4ZFOmDLTEPLPMmWuCIlC+bwVSopkoeTGww/nCMeTtADm?= =?utf-8?q?fJEi7f9fzDc1lgT6UBTOtKHl29DyscIP3qNvtxg/mNQcwAbc9UmxS76EhQrEqOANz?= =?utf-8?q?R/pwAE7cWe6s/ozOKIxII7pys+o10z3/fXvIsg8+dXtDUgS/m08ealB7lCFWlEe6n?= =?utf-8?q?QqSnrSjO4hPO9U/ZUUP/vbpRTBUGKyrBwqF00SGXUVfT3ye/7le4Q7FwyHQ1E0ijI?= =?utf-8?q?7EZBAYnYcwXzNghNUmQW+iHfAiMrZc9bSbwoDvZKJrsbEBG05KNj/9McDZUfbVujJ?= =?utf-8?q?O70lYTeNnw8Bo41C1yX2r5oelf9aAdB1d09g=3D=3D?= X-MS-Exchange-CrossTenant-Network-Message-Id: cc3440af-383b-4fdd-e79f-08da08068f91 X-MS-Exchange-CrossTenant-AuthSource: DS7PR03MB5608.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Mar 2022 11:09:09.9437 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 335836de-42ef-43a2-b145-348c2ee9ca5b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: jc+CK+2MSOgVS2bcao+2/hv6wVF46xYU2kfGFsneM7V5BOvrscHhtDqPvCvg42QHMjBkH30F/4dJ88K42EshEg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL1PR03MB6102 X-OriginatorOrg: citrix.com A side effect of ignoring such sections is that symbols belonging to them won't be resolved, and that could make relocations belonging to other sections that reference those symbols fail. For example it's likely to have an empty .altinstr_replacement with symbols pointing to it, and marking the section as ignored will prevent the symbols from being resolved, which in turn will cause any relocations against them to fail. In order to solve this do not ignore sections with 0 size, only ignore sections that don't have the SHF_ALLOC flag set. Special case such empty sections in move_payload so they are not taken into account in order to decide whether a livepatch can be safely re-applied after a revert. Fixes: 98b728a7b2 ('livepatch: Disallow applying after an revert') Signed-off-by: Roger Pau Monné Reviewed-by: Ross Lagerwall --- xen/common/livepatch.c | 16 +++++++++++----- xen/include/xen/livepatch_elf.h | 2 +- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/xen/common/livepatch.c b/xen/common/livepatch.c index be2cf75c2d..abc1cae136 100644 --- a/xen/common/livepatch.c +++ b/xen/common/livepatch.c @@ -300,9 +300,6 @@ static int move_payload(struct payload *payload, struct livepatch_elf *elf) * and .shstrtab. For the non-relocate we allocate and copy these * via other means - and the .rel we can ignore as we only use it * once during loading. - * - * Also ignore sections with zero size. Those can be for example: - * data, or .bss. */ if ( livepatch_elf_ignore_section(elf->sec[i].sec) ) offset[i] = UINT_MAX; @@ -361,8 +358,17 @@ static int move_payload(struct payload *payload, struct livepatch_elf *elf) else if ( elf->sec[i].sec->sh_flags & SHF_WRITE ) { buf = rw_buf; - rw_buf_sec = i; - rw_buf_cnt++; + if ( elf->sec[i].sec->sh_size ) + { + /* + * Special handling of RW empty regions: do not account for + * them in order to decide whether a patch can safely be + * re-applied, but assign them a load address so symbol + * resolution and relocations work. + */ + rw_buf_sec = i; + rw_buf_cnt++; + } } else buf = ro_buf; diff --git a/xen/include/xen/livepatch_elf.h b/xen/include/xen/livepatch_elf.h index 9ad499ee8b..5b1ec469da 100644 --- a/xen/include/xen/livepatch_elf.h +++ b/xen/include/xen/livepatch_elf.h @@ -48,7 +48,7 @@ int livepatch_elf_perform_relocs(struct livepatch_elf *elf); static inline bool livepatch_elf_ignore_section(const Elf_Shdr *sec) { - return !(sec->sh_flags & SHF_ALLOC) || sec->sh_size == 0; + return !(sec->sh_flags & SHF_ALLOC); } #endif /* __XEN_LIVEPATCH_ELF_H__ */ From patchwork Thu Mar 17 11:08:54 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Roger_Pau_Monn=C3=A9?= X-Patchwork-Id: 12783888 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BE718C433F5 for ; Thu, 17 Mar 2022 11:09:37 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.291501.494775 (Exim 4.92) (envelope-from ) id 1nUo0S-0008NP-4z; Thu, 17 Mar 2022 11:09:24 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 291501.494775; Thu, 17 Mar 2022 11:09:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nUo0S-0008NI-1Y; Thu, 17 Mar 2022 11:09:24 +0000 Received: by outflank-mailman (input) for mailman id 291501; Thu, 17 Mar 2022 11:09:22 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1nUo0Q-00080x-Jb for xen-devel@lists.xenproject.org; Thu, 17 Mar 2022 11:09:22 +0000 Received: from esa2.hc3370-68.iphmx.com (esa2.hc3370-68.iphmx.com [216.71.145.153]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id b16bb2bb-a5e2-11ec-853c-5f4723681683; Thu, 17 Mar 2022 12:09:21 +0100 (CET) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: b16bb2bb-a5e2-11ec-853c-5f4723681683 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1647515361; h=from:to:cc:subject:date:message-id:in-reply-to: references:content-transfer-encoding:mime-version; bh=fpKWCCUtR+/R9d1fr17rKD/uI5IeMN8VnwhiJs0DQeI=; b=Yw7CtvRkwwZk/udo9kE2Sp8uRvIJQS5rt3jLtChBIzLIb0QuhdMGE4W/ hpXRxMjf0jGE6jm/4WxeXnvHPBOYgounVtKBcf6BV2vhNkrajwLZuSrc2 J6mpvWPOTOeaGddLOyGCB9mivuPdIu9fSa3ua/SWJI6lPFZ9KqaGjtrDP 8=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com X-SBRS: 5.1 X-MesageID: 66496270 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:xAxTwK8imfBwi2eYLQAADrUDDX6TJUtcMsCJ2f8bNWPcYEJGY0x3n WYeCz3TPKzfZjHwf9x+b4zl8UoPu8fQnNQ3Hgpk+X88E34SpcT7XtnIdU2Y0wF+jyHgoOCLy +1EN7Es+ehtFie0Si+Fa+Sn9T8mvU2xbuKU5NTsY0idfic5DnZ54f5fs7Rh2NQw2oHmW1nlV e7a+KUzBnf0g1aYDUpMg06zgEsHUCPa4W5wUvQWPJinjXeG/5UnJMt3yZKZdhMUdrJ8DO+iL 9sv+Znilo/vE7XBPfv++lrzWhVirrc/pmFigFIOM0SpqkAqSiDfTs/XnRfTAKtao2zhojx/9 DlCnYaiRTszHojRpNQceRJBFTFPOaFi+JaSdBBTseTLp6HHW37lwvEoB0AqJ4wIvO1wBAmi9 9RBdmpLNErawbvrnvTrEYGAhex6RCXvFJkYtXx6iynQEN4tQIzZQrWM7thdtNs1rp4QQaeAP ZVBAdZpREybOzlRHAwPM5IVu/uQjGfPfSNpq13A8MLb5ECMlVcsgdABKuH9RNuOQslEm1eCk UjP9W/5HxIyOcSWzHyO9XfEruXChz/hUYQeUrix7Od3gUa7z3YWThYRUDOTvv2RmkO4HdVFJ CQ8+CAjsKwz/0yDVcTmUluzp3vslh0bXcBZH6sl6QWO4q3O6g2dCy4PSTspQMwrsoo6SCIn0 neNnsj1Hnp/vbuNU3Wf+7yI6zSoNkA9L3IGZCICZRsI5Z/kuo5bpgnUUt9pHaqxj9v0MTL92 TaHqG45nbp7sCIQ//zlpxad2Wvq/8WXCF5ujunKYo67xhlraLK/R6m11Wjax/1ZKpaoSlWlv FFRzqBy89syJZ2KkSWMRsAEE7eo++uJPVXgvLJ/I3Uy32/zoiD+JOi89Bk7fR40aZhcJVcFd WeJ4WtsCIlv0GxGhEOdS6a4EIwUwKfpDrwJvdiEP4MVMvCdmOJqlRyChHJ8PUiwyCDAcollY P93lPpA615AVcyLKxLsG48gPUcDnHxW+I8qbcmTI+6b+bSffmWJbrwOLUGDaOs0hIvd/lmKr 4sAbpHUk0oCOAEbXsUx2dRPRbztBSJnba0aVuQNLrLTSuaYMDxJ5wDtLUMJJNU+wvU9ehbg9 XChQE5IoGcTdlWcQThmnktLMeu1Nb4m9CpTFXV1YT6AhihyCa7yvfx3X8ZmItEaGBlLkKcco w8tIJ7bXJyii13vplwgUHUKhNc7JUrx2l7WYXbNjfpWV8cIejElM+TMJ2PH3CIPEjC2pY05p bih3RncWp0NW0JpC8O+VR5l5wrZUaQ18A6qY3b1Hw== IronPort-HdrOrdr: A9a23:ZMq3MKo0ZwdJ+A+PZTyyPsoaV5vPL9V00zEX/kB9WHVpm5Oj+f xGzc516farslossREb+expOMG7MBThHPlOkPYs1NaZLXXbUQ6TTb2KgrGSugEIdxeOk9K1kJ 0QCZSWa+eAfWSS7/yKmDVQeuxIqLLsndHK9IXjJjVWPHxXgslbnnZE422gYytLrWd9dP4E/M 323Ls4m9PsQwVdUu2LQl0+G8TTrdzCk5zrJTYAGh4c8QGLyRel8qTzHRS01goXF2on+8ZuzU H11yjCoomzufCyzRHRk0fV8pRtgdPkjv9OHtaFhMQ5IijlziyoeINicbufuy1dmpDk1H8a1P 335zswNcV67H3cOkmzvBvWwgHllA0j7nfzoGXo90fLkIjcfnYXGsBBjYVWfl/y8Ew7puxx16 pNwiawq4dXJQmoplWy2/H4EzVR0makq3srluAey1ZFV5EFVbNXpYsDuGtIDZY7Gj7g4oxPKp ggMCjl3ocXTbqmVQGbgoE2q+bcHEjbXy32DnTqg/blkgS/xxtCvg4lLM92pAZ2yHtycegB2w 3+CNUbqFh/dL5kUUtDPpZ1fSLOMB23ffvtChPaHb21LtBOB5ryw6SHlIndotvaP6A18A== X-IronPort-AV: E=Sophos;i="5.90,188,1643691600"; d="scan'208";a="66496270" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Xn2LMnkCgqbd1tMp4K/L4L5ni8CsCeu2FZcrK8C0In4KiBb8ESTsaXunzZYaxWQcUx3xHxrWhdB33aRW/Z/qs6XMGlEkDsFDdsxq5DRt9GgRcb23aQVdJXD6RxXadP/eRHOExbXwabE+eVBS/eXDPl/bkjssSRQmjaNG6/LJSJBIz+2Ju0aRv/DrQdnRH56lBZAnATEKi+4FE89F8i7UIkARL1jgGzgPc5BfsZSOipgg7tXEoL78dDuge76ZgXBK7kZc7E7QWLiEwYWlUwU/M0BeH1EcVd64hldqIz8O5Y3gE4fY31XSb7gX41MF05qatXMC0qRGHCB0w3hpHGRIPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ThI7FNLNj1qjzQJ85InJ5XwxtR+RxYNzUMMHvZI+Xew=; b=c2n1vAhBtjbvFq0pzUDZ4xTqD2eWCadALKWopb73NVqIOuAlgSRVHU91A4/B2AjIx3v4BFxOqf1iulIQ9wR8a5W/HbyOh3OssavggInXUbgZ7j2PRUvONZ1eJL/+7TsUSqBuYIQGnJYBU9mBY0+rlx6dj187KI4lefSN6cK6L2XCg4IfbVEsrs8ntY1/F0KVe8BBJW5hdH8U1zmbSc5rsfpaOuurMd5PyH/1qsiid2eZcgLj7uEn6Kty7XeWXOz65zM5rb0yirkvdLA4cUpnCav0R43dhHH8ybW9lquKZyQgw1DCrFpkT5h+WdK654Pp/jgie4XC31zAPIEPJUPJpQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.onmicrosoft.com; s=selector2-citrix-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ThI7FNLNj1qjzQJ85InJ5XwxtR+RxYNzUMMHvZI+Xew=; b=ACm97TaiD+KOsOX0HVQtgqd3U1M9MlT/MXC7KtcuAqe73oTITPm6s+8cccXdrYQlBX1qKgJuYx8kWE450omD9PeTTCqb0BqI0VOgt96V+wBnX8xdl3KWytll4Xtscg9kLD+XEfAyPBBvKNKUpjteEyFLRL6FHmeQXDxyKaHyF2E= From: Roger Pau Monne To: CC: Roger Pau Monne , Konrad Rzeszutek Wilk , Ross Lagerwall , "Stefano Stabellini" , Julien Grall , "Bertrand Marquis" , Volodymyr Babchuk , Jan Beulich , Andrew Cooper , Wei Liu Subject: [PATCH 2/2] livepatch: avoid relocations referencing ignored section symbols Date: Thu, 17 Mar 2022 12:08:54 +0100 Message-ID: <20220317110854.39050-3-roger.pau@citrix.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220317110854.39050-1-roger.pau@citrix.com> References: <20220317110854.39050-1-roger.pau@citrix.com> X-ClientProxiedBy: LO2P265CA0267.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:a1::15) To DS7PR03MB5608.namprd03.prod.outlook.com (2603:10b6:5:2c9::18) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: f79d9085-d628-4113-1a46-08da08069218 X-MS-TrafficTypeDiagnostic: BL1PR03MB6102:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: pPgnejJ9C/oWZ0ZlHwxVHEA3YlAR6nZeOLn5S+6KqzfXiUT52GmmC//O/Fj6hsyk4J9RsMQrpMaPQF6wIg4wpLDoV2MpeFzNa/PxtIL0m/W6NOZ55gH4tWpq23JVDy8KZ+5g2n+UZr77QSexZmwmnyOl5FPX8+8DV2k/q/Y71gDsF5vpVSxUp1cxwmzHW1R+KmDCgtc4OeNbPtBPuIqprPyo1tRj+SSYGZAyk1bvgqEXzRL92kKIKoWRlYCFbptJ0RjgBa6Lj8OR47i7AjHZpe5CelWhlxvWNMA2POs3hGyrxbqJwiApUVVNcVlVIGR8oB/uB/brc84Cg+ITfV64cfZT3q6Rj+FsvnBPCvFPUR5M0V+DHniRpQcceQmFWR/myRS2Y8fZZGGrI2+Ju1nTpcHbN+29u9r5I+/cix2N05NGykTSC7hvi6wg7Q89fWnh+xp1h6BEO2kLHHkECCs67t/iP2ac2MUgZI7QaoVdZ3EJeYfIIwtaTWKejpsz5roICyH1sdYCnGQLS5CqNXIF85ZNVMnz2/YGZi7udnrh8x23oKznHKdN2Fh+QfYnRu4F6zKqBj9kP6F+iaHNtBABZYQNgwySVzt8QR7BPS1FuPRQe9tpqafuJDk+jJXDdLYmEycpDi5Y0iuNnDxFpEdM5w== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS7PR03MB5608.namprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(83380400001)(2906002)(4326008)(508600001)(8676002)(82960400001)(6512007)(86362001)(6506007)(5660300002)(6666004)(6916009)(8936002)(26005)(66946007)(66476007)(316002)(66556008)(186003)(36756003)(2616005)(6486002)(38100700002)(1076003)(54906003);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?cywkV0b2sCBP5TARNh3GDPcFrnte?= =?utf-8?q?AfxcQF/FSo5LGDu/NzWZtdoW6ckZbpepu5DXw2kzNBfbUZ27F5x+LdSUUk9kQZQnG?= =?utf-8?q?FixoGBEiDLSzxCuB4scr7KOet2KDxwrau47+h3VgdUcbFmH/j06NKxKMPnK/Sqpkd?= =?utf-8?q?kvH/vPYTX1bNlBgYHEoPkfN3XxfvjlZ5jD2xfamZJMfrn0x7bhbRsVv47g87Z6fJc?= =?utf-8?q?gcDd9lzHGap/e7FFA7oZkeV3iWbUqsdwa7zq5nLlAaa/dtYdJOoKOeH/hrywcuhGF?= =?utf-8?q?pDDL1/9LunJpj/pVrNyF0E5zz+8YIVqXQJgsCvHklp5UtUcAFr0FMqgcUYnlvmhf4?= =?utf-8?q?yuZ0nJIupCT7o/eKDjiS275lVJukVC81wYGvR6fCZZ3FE5O9YdUqBWSRrZy1qfcd/?= =?utf-8?q?MNduCS8lTXScAlnhtPHtULupZljEj0Wg6cj8V1G7SqjS3fbSRQKLOJ5hdpNps/yKg?= =?utf-8?q?Q6Nw0WcJg1FSv9/FYUPDa6DyXceelj8LkKBvfpEr4+h+q9xXm8ducgSFqhJ/4ezDu?= =?utf-8?q?TTa7OhcI6M0nIQ4Gdg0IV4tn+ZasXkiWAX5/8GKgPbWJw9ZanhrlPQjzKlW80lbBw?= =?utf-8?q?iNq3gVeNfQv+yHdzefOfX5lGFohBc8L0ecfTOJGoPNHeHZ3NhQGvCkj1RzGndp4+p?= =?utf-8?q?+LG1N825IeB1xwKRcaNLz3dikyl8/LQC0Iyj3NBtihF1yNLtTZhFa8ZGOi5o2WrL/?= =?utf-8?q?TqF3DCBpOBtxQ8tUF4fYgin0hu7Vh6TDdlCKkO7mQAU9K9LgMqwjmwXnftB98sY2+?= =?utf-8?q?fmUNSuPxpaDIv5m750xhwKzUlrh0Qzjj45i+8oCZZSIKiGpIT2mpNW40gJbvgWls1?= =?utf-8?q?DGKNn7iNsDbJqtEi36FWKoRKMj4j7jQRBJuaobxw29sUsRU7X3B3zirYx0Ee6KIlG?= =?utf-8?q?aHQaPBFhLhSUGozlmsvgvgJthbcMJ5IbBIpnL8zOuKhXA2YmHmKmXvJLtGY3ZNBcK?= =?utf-8?q?iP2G9TeE6wH+ps1UBM4jAqdlTISWDtVMc2C3eZduJn1TEJEwoVAmpRp5p9HmLyQl3?= =?utf-8?q?P5oXbwjZp8XrFUq6b9zMfBnjVPjLaN19fD3BMzEziQqRICFpS1tqclw2qlctLsWaz?= =?utf-8?q?ifj0ll9BAZtyh51+v12e8musRCxyPZBoZxa38nrzV72T73ByFMzvkN19J/aZCe0Ie?= =?utf-8?q?/YEzILZqDMYOcxH0TRq7hA6LtFkQpUKqN6XINU0d7XgtnlzAbf8mnEqhw2kyWnQN3?= =?utf-8?q?NPAO3eMHOzHou4yZ49Xa3x7W/C+4YWdtOgYadaKnWwKGCUfNjChYMrYqrigd7QSGc?= =?utf-8?q?sm3Z7mgJILb8c3AHM1t30/diYkruCasz4MgokcMqw7YwahLLfxG5ZP3dS21ldcNEp?= =?utf-8?q?KIV/hwQhJsCyipYnYXLQWskv2jxO21DyybTuE21S8TmEgjFpCvvZ99sHjhYuYXhTe?= =?utf-8?q?Vz9lDD2+UQj3kxIoh6ZmL5sbOxD4iOxajLJA=3D=3D?= X-MS-Exchange-CrossTenant-Network-Message-Id: f79d9085-d628-4113-1a46-08da08069218 X-MS-Exchange-CrossTenant-AuthSource: DS7PR03MB5608.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Mar 2022 11:09:14.1174 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 335836de-42ef-43a2-b145-348c2ee9ca5b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: CCxUG53zduJ8rvKhDmhAHfsZpE8T8s45J9rBwamCnl00wWkY7X2CX5rYgom9oICh55R6OI4hX3gu8c4+En+Bvg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL1PR03MB6102 X-OriginatorOrg: citrix.com Track whether symbols belong to ignored sections in order to avoid applying relocations referencing those symbols. The address of such symbols won't be resolved and thus the relocation will likely fail or write garbage to the destination. Return an error in that case, as leaving unresolved relocations would lead to malfunctioning payload code. Signed-off-by: Roger Pau Monné Reviewed-by: Jan Beulich Reviewed-by: Ross Lagerwall --- xen/arch/arm/arm32/livepatch.c | 7 +++++++ xen/arch/arm/arm64/livepatch.c | 7 +++++++ xen/arch/x86/livepatch.c | 7 +++++++ xen/common/livepatch_elf.c | 6 ++++++ xen/include/xen/livepatch_elf.h | 1 + 5 files changed, 28 insertions(+) diff --git a/xen/arch/arm/arm32/livepatch.c b/xen/arch/arm/arm32/livepatch.c index 5a06467008..6aed227818 100644 --- a/xen/arch/arm/arm32/livepatch.c +++ b/xen/arch/arm/arm32/livepatch.c @@ -272,6 +272,13 @@ int arch_livepatch_perform(struct livepatch_elf *elf, elf->name, symndx); return -EINVAL; } + else if ( elf->sym[symndx].ignored ) + { + printk(XENLOG_ERR LIVEPATCH + "%s: Relocation against ignored symbol %s cannot be resolved\n", + elf->name, elf->sym[symndx].name); + return -EINVAL; + } val = elf->sym[symndx].sym->st_value; /* S */ diff --git a/xen/arch/arm/arm64/livepatch.c b/xen/arch/arm/arm64/livepatch.c index 6ec8dc60f0..655ded33d2 100644 --- a/xen/arch/arm/arm64/livepatch.c +++ b/xen/arch/arm/arm64/livepatch.c @@ -270,6 +270,13 @@ int arch_livepatch_perform_rela(struct livepatch_elf *elf, elf->name, symndx); return -EINVAL; } + else if ( elf->sym[symndx].ignored ) + { + printk(XENLOG_ERR LIVEPATCH + "%s: Relocation against ignored symbol %s cannot be resolved\n", + elf->name, elf->sym[symndx].name); + return -EINVAL; + } val = elf->sym[symndx].sym->st_value + r->r_addend; /* S+A */ diff --git a/xen/arch/x86/livepatch.c b/xen/arch/x86/livepatch.c index 37c9b8435e..a928e5bfcd 100644 --- a/xen/arch/x86/livepatch.c +++ b/xen/arch/x86/livepatch.c @@ -262,6 +262,13 @@ int arch_livepatch_perform_rela(struct livepatch_elf *elf, elf->name, symndx); return -EINVAL; } + else if ( elf->sym[symndx].ignored ) + { + printk(XENLOG_ERR LIVEPATCH + "%s: Relocation against ignored symbol %s cannot be resolved\n", + elf->name, elf->sym[symndx].name); + return -EINVAL; + } val = r->r_addend + elf->sym[symndx].sym->st_value; diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c index b089cacb1c..45d73912a3 100644 --- a/xen/common/livepatch_elf.c +++ b/xen/common/livepatch_elf.c @@ -334,7 +334,13 @@ int livepatch_elf_resolve_symbols(struct livepatch_elf *elf) } if ( livepatch_elf_ignore_section(elf->sec[idx].sec) ) + { + dprintk(XENLOG_DEBUG, LIVEPATCH + "%s: Symbol %s from section %s ignored\n", + elf->name, elf->sym[i].name, elf->sec[idx].name); + elf->sym[i].ignored = true; break; + } st_value += (unsigned long)elf->sec[idx].load_addr; if ( elf->sym[i].name ) diff --git a/xen/include/xen/livepatch_elf.h b/xen/include/xen/livepatch_elf.h index 5b1ec469da..7116deaddc 100644 --- a/xen/include/xen/livepatch_elf.h +++ b/xen/include/xen/livepatch_elf.h @@ -22,6 +22,7 @@ struct livepatch_elf_sec { struct livepatch_elf_sym { const Elf_Sym *sym; const char *name; + bool ignored; }; struct livepatch_elf {