From nobody Fri May 17 01:43:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1713521063; cv=none; d=zohomail.com; s=zohoarc; b=YT8M5MzufYEbsjrjj7s05yQjpahlgqJpw2nWzaIV1Hnd1H5nr0dFC+QnTY46ewZ/BvtMuFDgBeURXoIiCI0i7jBFEIIBaYH3rgkUODEyIol6iPfv2LEtYdP/HHxXpiRf/m/hwHz9KL1J9UM+zqxdgtuhKjSCFv2diJr4EkBCykE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1713521063; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=S7mjp33WpBhabm3Id1MQ0ozfzCKuhgzqE8mZPDJPVPI=; b=jISPU9VzmWfoCwhZAMSDiWp1I/VH8trjgHoq4ArOIC/eiuiBRb7SN/upvw502oIUzDNNsu8AnI3R5ZE4qkUZKozs8jLXOQclZXxH7eIhb77GF/ndqI1S0POpLF4kwot7ly+SVBFRlD13ThwMV+H26nHAA/GgozE+3KYu+rh9zA8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1713521063646876.5952289489566; Fri, 19 Apr 2024 03:04:23 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.708908.1108098 (Exim 4.92) (envelope-from ) id 1rxl6F-0002bF-Vc; Fri, 19 Apr 2024 10:04:07 +0000 Received: by outflank-mailman (output) from mailman id 708908.1108098; Fri, 19 Apr 2024 10:04:07 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rxl6F-0002b6-Sb; Fri, 19 Apr 2024 10:04:07 +0000 Received: by outflank-mailman (input) for mailman id 708908; Fri, 19 Apr 2024 10:04:07 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rxl6F-0002MX-7L for xen-devel@lists.xenproject.org; Fri, 19 Apr 2024 10:04:07 +0000 Received: from mail-qt1-x82b.google.com (mail-qt1-x82b.google.com [2607:f8b0:4864:20::82b]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 28019673-fe34-11ee-b909-491648fe20b8; Fri, 19 Apr 2024 12:04:06 +0200 (CEST) Received: by mail-qt1-x82b.google.com with SMTP id d75a77b69052e-434d0f63c31so11068411cf.1 for ; Fri, 19 Apr 2024 03:04:06 -0700 (PDT) Received: from localhost ([85.31.135.62]) by smtp.gmail.com with ESMTPSA id y3-20020ac87c83000000b00434f6c1458bsm1456526qtv.17.2024.04.19.03.04.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 19 Apr 2024 03:04:04 -0700 (PDT) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 28019673-fe34-11ee-b909-491648fe20b8 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.com; s=google; t=1713521045; x=1714125845; darn=lists.xenproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=S7mjp33WpBhabm3Id1MQ0ozfzCKuhgzqE8mZPDJPVPI=; b=bvxg+fbOOjG1RVwMpbb3WKF6B+y8+Upfl9nRORLwJMa1PrOq0k1ip3ijLrId8lQz/1 uCaS+8pztTz2tr0/LRaVBSoAEoAzdoiz/Y9HYCQ0911aWSG/VrJ4fap8uPZid0Yq0wKA P+V+ZuargtsFQqFL/qLwO3D9nrBU8NZrLjmQo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713521045; x=1714125845; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=S7mjp33WpBhabm3Id1MQ0ozfzCKuhgzqE8mZPDJPVPI=; b=mbJUjfV32kFozvVom6Qno1sUlPr1pj8VJEW46GCA1EWtyS5iV1SaHiA0YnGeW5O18o ZCxMEYPXFWDuBa0ZonQgWT/LAThKAA0DnRm87KeHzA290cQc5fw5zJp7PDhZqyOQRlgN Z2qRNaNMFVXwyTU1rKy0fGggiF8hW1KvOj7mOHUs4lDO8vTQBrjFWATES85q4dJf+6pq RDpuxfY5XINpynx2B2zKnHSR965/Q8f9CEtHLR9wTDjmcMDDGoP7SapXMB154EyQ0NxX WxYkU7B3sPxjtcglsV7RkHxfMGnm17UfWiW87Ud6AWtvGiIArrbATPM0Loj5lWM6l2yf lltg== X-Gm-Message-State: AOJu0Yy2qGtnHZRNOrQQ5HiMVrd1tDBxHNq/7reRVY3548JEHivVAOhh tIE6dR+DSiRdcUiGd5jZa6sgcRKlp2pFJdppAStE5PLF87cNv7hvqP2TZRiEc8KIqxGXNlyaZia G X-Google-Smtp-Source: AGHT+IEgt1x7AwSVTqJ5ET+Y/tJF5F5j5c9iPm3TUgRsvlxZq8dumUcHT/9DgBFnQWlxs+lhgiyvrQ== X-Received: by 2002:a05:622a:189c:b0:434:aed1:844b with SMTP id v28-20020a05622a189c00b00434aed1844bmr1675139qtc.37.1713521044738; Fri, 19 Apr 2024 03:04:04 -0700 (PDT) From: Roger Pau Monne To: xen-devel@lists.xenproject.org Cc: Roger Pau Monne , Stefano Stabellini , Julien Grall , Bertrand Marquis , Michal Orzel , Volodymyr Babchuk , Andrew Cooper , George Dunlap , Jan Beulich Subject: [PATCH v2 1/2] xen: introduce header file with section related symbols Date: Fri, 19 Apr 2024 12:02:16 +0200 Message-ID: <20240419100217.12072-2-roger.pau@citrix.com> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240419100217.12072-1-roger.pau@citrix.com> References: <20240419100217.12072-1-roger.pau@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1713521064248100001 Start by declaring the beginning and end of the init section. No functional change intended. Requested-by: Andrew Cooper Signed-off-by: Roger Pau Monn=C3=A9 Reviewed-by: Andrew Cooper --- xen/arch/arm/mmu/setup.c | 3 +-- xen/arch/x86/setup.c | 3 +-- xen/include/xen/sections.h | 17 +++++++++++++++++ 3 files changed, 19 insertions(+), 4 deletions(-) create mode 100644 xen/include/xen/sections.h diff --git a/xen/arch/arm/mmu/setup.c b/xen/arch/arm/mmu/setup.c index c0cb17ca2ecf..f4bb424c3c91 100644 --- a/xen/arch/arm/mmu/setup.c +++ b/xen/arch/arm/mmu/setup.c @@ -7,6 +7,7 @@ =20 #include #include +#include #include #include =20 @@ -62,8 +63,6 @@ vaddr_t directmap_virt_start __read_mostly; unsigned long directmap_base_pdx __read_mostly; #endif =20 -extern char __init_begin[], __init_end[]; - /* Checking VA memory layout alignment. */ static void __init __maybe_unused build_assertions(void) { diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index 86cd8b999774..dd4d1b2887ee 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -5,6 +5,7 @@ #include #include #include +#include #include #include #include @@ -309,8 +310,6 @@ void __init discard_initial_images(void) initial_images =3D NULL; } =20 -extern unsigned char __init_begin[], __init_end[]; - static void __init init_idle_domain(void) { scheduler_init(); diff --git a/xen/include/xen/sections.h b/xen/include/xen/sections.h new file mode 100644 index 000000000000..b6cb5604c285 --- /dev/null +++ b/xen/include/xen/sections.h @@ -0,0 +1,17 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#ifndef __XEN_SECTIONS_H__ +#define __XEN_SECTIONS_H__ + +/* SAF-0-safe */ +extern char __init_begin[], __init_end[]; + +#endif /* !__XEN_SECTIONS_H__ */ +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ --=20 2.44.0 From nobody Fri May 17 01:43:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1713521070; cv=none; d=zohomail.com; s=zohoarc; b=cYg4zwYO9T2JqS4ihEypuxG5u+fSvd2QkQVfMqylWm3rgW/bVZROqypt0be7TpO0em0N423RkDEAdJh9KtDyfECb4Pzb87/wnU+XH7+ECm59IC6AK/wLQKRlIE0PAxjA7072We/nX7BkStaCmMedOhtagt1xF9kfmkjkeBXnXQc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1713521070; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=x5kH8Om+131aQ6l7YhoG07i/m9A16YqFxu4+5E8EjzA=; b=cTmYljNUeVkRwxyqXLFAenbPGAUp0qAauCCmhM4x+CariA8cEfaJz/QtKqKPEpk4nPrGtNQY56LEhSn9HDBmPE2xi/b+PlmbiYfMIERzIEtn+YkYhjOJAoMVeiMeKq9qscHX9ctSqNeSy15YQys5vP4GcgrYdw3ONiXz0O27A74= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1713521069901889.6984279375877; Fri, 19 Apr 2024 03:04:29 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.708909.1108107 (Exim 4.92) (envelope-from ) id 1rxl6J-0002rw-6B; Fri, 19 Apr 2024 10:04:11 +0000 Received: by outflank-mailman (output) from mailman id 708909.1108107; Fri, 19 Apr 2024 10:04:11 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rxl6J-0002rn-3Q; Fri, 19 Apr 2024 10:04:11 +0000 Received: by outflank-mailman (input) for mailman id 708909; Fri, 19 Apr 2024 10:04:09 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rxl6H-0002MX-SA for xen-devel@lists.xenproject.org; Fri, 19 Apr 2024 10:04:09 +0000 Received: from mail-ot1-x32b.google.com (mail-ot1-x32b.google.com [2607:f8b0:4864:20::32b]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 297a4e20-fe34-11ee-b909-491648fe20b8; Fri, 19 Apr 2024 12:04:09 +0200 (CEST) Received: by mail-ot1-x32b.google.com with SMTP id 46e09a7af769-6eb86aeeb2cso1021548a34.3 for ; Fri, 19 Apr 2024 03:04:09 -0700 (PDT) Received: from localhost ([85.31.135.62]) by smtp.gmail.com with ESMTPSA id a8-20020a05620a124800b0078f28a08785sm265765qkl.88.2024.04.19.03.04.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 19 Apr 2024 03:04:06 -0700 (PDT) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 297a4e20-fe34-11ee-b909-491648fe20b8 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.com; s=google; t=1713521047; x=1714125847; darn=lists.xenproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=x5kH8Om+131aQ6l7YhoG07i/m9A16YqFxu4+5E8EjzA=; b=Tuv1lFVgUUNC55M1L+U8Adgf6CbVIk9nUDcky6mtaEHqaeBd1UBBeI5vFdmJvnhjpO Tm7w/+9XMfXGTehYgzYcmgNa+82qnJWf1H1/scKfd5zV7iFHdia9benCYQJ1/85hxpzS jMRLEgEj0ZrbqbY987YKHLVYVIvKg+L9wjHzU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713521047; x=1714125847; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=x5kH8Om+131aQ6l7YhoG07i/m9A16YqFxu4+5E8EjzA=; b=rkXJYiQkXuN86PRg1wfX2PLfSNAM6/PkH1wZb/lhQnTAQhKboH/crGbLiGrg2vczLK rO6oggiO4e52lSn6l1NBfQmyOEpxNeaRZ6seg7qnYCimvwMgPvhdRZLZj69yUAY7a2E7 6kvMK8tiyQk3o3mDvXGQo4l6KnRIBJ4yOckUKIHbnYuzv/Khfshfb1yuUpOLx2jDGkiH ApeJOGT2kGbs+nnINT0uQQG433JgtvUPcblFP/ceKKw96vuAsgogcI1CT7Wa60sChRka t1F7he+WzqwBoqf3bfrNw46byUKv4im4/ViJrRXsziBXePPTgjnV1Dczi0l/WLxTFl0p f4NQ== X-Gm-Message-State: AOJu0Yzxf+G9v89shFBSSBSml5ltfCWI1DZSjldO343Q35BsPLkLBykW srS+W3Y+gWrgU8Rf/3WLXFhE8TRoNRErQBRV6G71WPz6/KZHgarvDdj/TrDql+snsMEUaPjDgkc 8 X-Google-Smtp-Source: AGHT+IHIqQ+mDPN5RImm6mlw6ZtoIwpNtH0j0ljEo2EdwPFYoDQgHaxEYWaya6PemXrsZORkOrFW+A== X-Received: by 2002:a05:6830:4413:b0:6eb:7e60:6028 with SMTP id q19-20020a056830441300b006eb7e606028mr1967521otv.30.1713521047293; Fri, 19 Apr 2024 03:04:07 -0700 (PDT) From: Roger Pau Monne To: xen-devel@lists.xenproject.org Cc: Roger Pau Monne , Ross Lagerwall Subject: [PATCH v2 2/2] livepatch: refuse to resolve symbols that belong to init sections Date: Fri, 19 Apr 2024 12:02:17 +0200 Message-ID: <20240419100217.12072-3-roger.pau@citrix.com> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240419100217.12072-1-roger.pau@citrix.com> References: <20240419100217.12072-1-roger.pau@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1713521070179100001 Livepatch payloads containing symbols that belong to init sections can only lead to page faults later on, as by the time the livepatch is loaded init sections have already been freed. Refuse to resolve such symbols and return an error instead. Note such resolutions are only relevant for symbols that point to undefined sections (SHN_UNDEF), as that implies the symbol is not in the current payl= oad and hence must either be a Xen or a different livepatch payload symbol. Do not allow to resolve symbols that point to __init_begin, as that address= is also unmapped. On the other hand, __init_end is not unmapped, and hence al= low resolutions against it. Signed-off-by: Roger Pau Monn=C3=A9 Reviewed-by: Andrew Cooper , although ... --- Changes since v1: - Fix off-by-one in range checking. --- xen/common/livepatch_elf.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c index 45d73912a3cd..a67101eadc02 100644 --- a/xen/common/livepatch_elf.c +++ b/xen/common/livepatch_elf.c @@ -4,6 +4,7 @@ =20 #include #include +#include #include #include #include @@ -310,6 +311,21 @@ int livepatch_elf_resolve_symbols(struct livepatch_elf= *elf) break; } } + + /* + * Ensure not an init symbol. Only applicable to Xen symbols,= as + * livepatch payloads don't have init sections or equivalent. + */ + else if ( st_value >=3D (uintptr_t)&__init_begin && + st_value < (uintptr_t)&__init_end ) + { + printk(XENLOG_ERR LIVEPATCH + "%s: symbol %s is in init section, not resolving\n", + elf->name, elf->sym[i].name); + rc =3D -ENXIO; + break; + } + dprintk(XENLOG_DEBUG, LIVEPATCH "%s: Undefined symbol resolved= : %s =3D> %#"PRIxElfAddr"\n", elf->name, elf->sym[i].name, st_value); break; --=20 2.44.0