[PATCH v2] altcall: fix __alt_call_maybe_initdata so it's safe for livepatch

Roger Pau Monne posted 1 patch 3 weeks, 1 day ago
Patches applied successfully
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20240411160838.73965-1-roger.pau@citrix.com
xen/include/xen/alternative-call.h | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
[PATCH v2] altcall: fix __alt_call_maybe_initdata so it's safe for livepatch
Posted by Roger Pau Monne 3 weeks, 1 day ago
Setting alternative call variables as __init is not safe for use with
livepatch, as livepatches can rightfully introduce new alternative calls to
structures marked as __alt_call_maybe_initdata (possibly just indirectly due to
replacing existing functions that use those).  Attempting to resolve those
alternative calls then results in page faults as the variable that holds the
function pointer address has been freed.

When livepatch is supported use the __ro_after_init attribute instead of
__initdata for __alt_call_maybe_initdata.

Fixes: f26bb285949b ('xen: Implement xen/alternative-call.h for use in common code')
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
---
Changes since v1:
 - Use #ifdef instead of #ifndef.
---
 xen/include/xen/alternative-call.h | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/xen/include/xen/alternative-call.h b/xen/include/xen/alternative-call.h
index 5c6b9a562b92..10f7d7637e1e 100644
--- a/xen/include/xen/alternative-call.h
+++ b/xen/include/xen/alternative-call.h
@@ -50,7 +50,12 @@
 
 #include <asm/alternative.h>
 
-#define __alt_call_maybe_initdata __initdata
+#ifdef CONFIG_LIVEPATCH
+/* Must keep for livepatches to resolve alternative calls. */
+# define __alt_call_maybe_initdata __ro_after_init
+#else
+# define __alt_call_maybe_initdata __initdata
+#endif
 
 #else
 
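Review bot: The comment on the CONFIG_LIVEPATCH branch ("Must keep for livepatches to resolve alternative calls.") does not say what is kept or why dropping it is unsafe. A reader who sees only the header will not learn that the annotated function-pointer variables are read when a livepatch's alternative calls are resolved, after init memory has been freed. Suggest spelling that out, for example "Function pointers must outlive init: livepatches can add alternative calls that are resolved against them after boot." It is also worth noting in the same comment that __ro_after_init was picked so the retained pointers stay read-only once boot finishes, so that nobody later moves them to a writable section.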
-- 
2.44.0


Re: [PATCH v2] altcall: fix __alt_call_maybe_initdata so it's safe for livepatch
Posted by Andrew Cooper 3 weeks, 1 day ago
On 11/04/2024 5:08 pm, Roger Pau Monne wrote:
> Setting alternative call variables as __init is not safe for use with
> livepatch, as livepatches can rightfully introduce new alternative calls to
> structures marked as __alt_call_maybe_initdata (possibly just indirectly due to
> replacing existing functions that use those).  Attempting to resolve those
> alternative calls then results in page faults as the variable that holds the
> function pointer address has been freed.
>
> When livepatch is supported use the __ro_after_init attribute instead of
> __initdata for __alt_call_maybe_initdata.
>
> Fixes: f26bb285949b ('xen: Implement xen/alternative-call.h for use in common code')
> Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>

I really did screw up livepatching with the indirect-branch reduction
work, didn't I...

Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>