From nobody Fri Dec 19 19:01:27 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1745370194; cv=none; d=zohomail.com; s=zohoarc; b=k/zuPAe0SzKmcRp1LblR2qd2QyaaBSW6orjU1RcfJ4cysJ0OKdSe89F2KfKSzWwAxY26auFg6uclXemWu8Fk+ThiMY1f/ftX7R+vjTd91GCWLENPvVadBkHjD9ef1WG4QqlHV7D9W2YdjUKoJWZqbGjBM+1nDtaSr/3atXzJI4M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1745370194; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=Car784Mg7m/YLG0YJpvUcaWm7zKGiPIHLzmw/ReGrpU=; b=IKH1FY/4qrfCKe5Z0ieg3V2gB1bmsNBRPm/0/rJoOEe7PadJwEatDP8YTZnaOJaatxe0Gfpv0tOvEqUMKrk4avPl2K8NYk6yNFh3vqR6LDGbe4IYsP0B+9RWbduePeKlicjZvjYJ86Ctsb17M7yfLugVdO2go3xbkSwvKHMxxAo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1745370194797806.763058843065; Tue, 22 Apr 2025 18:03:14 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.963782.1354763 (Exim 4.92) (envelope-from ) id 1u7OVr-0002GJ-Td; Wed, 23 Apr 2025 01:02:55 +0000 Received: by outflank-mailman (output) from mailman id 963782.1354763; Wed, 23 Apr 2025 01:02:55 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1u7OVr-0002FT-Pd; Wed, 23 Apr 2025 01:02:55 +0000 Received: by outflank-mailman (input) for mailman id 963782; Wed, 23 Apr 2025 01:02:54 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1u7OVq-0000o7-Nd for xen-devel@lists.xenproject.org; Wed, 23 Apr 2025 01:02:54 +0000 Received: from mail-wm1-x335.google.com (mail-wm1-x335.google.com [2a00:1450:4864:20::335]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id aeb9fdbb-1fde-11f0-9ffb-bf95429c2676; Wed, 23 Apr 2025 03:02:52 +0200 (CEST) Received: by mail-wm1-x335.google.com with SMTP id 5b1f17b1804b1-43edecbfb94so60202285e9.1 for ; Tue, 22 Apr 2025 18:02:53 -0700 (PDT) Received: from localhost.localdomain ([83.104.178.215]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-44092d2326dsm6707635e9.15.2025.04.22.18.02.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 22 Apr 2025 18:02:51 -0700 (PDT) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: aeb9fdbb-1fde-11f0-9ffb-bf95429c2676 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.com; s=google; t=1745370172; x=1745974972; darn=lists.xenproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Car784Mg7m/YLG0YJpvUcaWm7zKGiPIHLzmw/ReGrpU=; b=CchcjBVMooWXmEQy5dnwCxDF+wmyKeycAw1nqkWwRgBpHFIrilg2DV26YWhiaUcz9x RyiT6wFA1ia9K8n3nRqHSw5ab0CjApJUCJ6UOPFLGzm07aUcwNi7a4MYltR2AYIYT4Te zlYE0qk3ubAx6lA6GvC+nv6nShUj1dU8un2n4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1745370172; x=1745974972; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Car784Mg7m/YLG0YJpvUcaWm7zKGiPIHLzmw/ReGrpU=; b=IWlIsdV2ZA9vC54S7wKFpnh0EOg9ige8JoWE/4zrLXBBunyLOWxZxJFXLHuBx7U09F N7+KwQk4JjKR3XTSiK493yz5kl+8yfMq/wL+Ac5eohmwBelJeHGXLh0lNn6aRm9lUy3g 6nCuwQomD6KpLcmRGzyOrevVRJj8qzbDW5KwGPXNDrkP4bQOtI3W25fO0Cf+9rx3pwVA tbUPczEpjqbPWzgRW1V148suNctEi6o3fboWQnQ4GOckV4SoNxHpy28E0wCqvTJw2Ya0 HMJIelRMcV0ONuNSXypacuj2p4DJJriMJ67IKAPidrKtZpywSsYj6bnVDF7Y14X9rsAA sBrA== X-Gm-Message-State: AOJu0YzHtA6qcuZWK/GoASWXZ94QpUysqzqUAEeW7wVG8xKO+xYl6g8u N9QXevOOjc0y2/WtQP5Q7V7udc4Sqvyo+Kh0OBjQCY1ATZucqNox8Y06DRV8msGcKhACBKHZ28M E X-Gm-Gg: ASbGncuLUJS7CDpOfRIHujcEBHt1QivF46JqZdWqGtFtTAV/o47/3lvFg8BC30sXQBM B+cgXKK0f/9F9kjqhgUgKxhN2Ce7bStqNEXpnqJyWbT4h2i+wdGvr8RWG3E6qE4eDfE2PkZrb1v VaQ5tWNSI4pAH4vF33YG7cC8pH0SdaBALxEPxgh7dh/z+RmLrtjLC2vGqE0gcP9dBKM86sLJvJs tfcTklBzb6NOM485X1WB3MM5LvCW5bJy+MgFJqdfIFN047GVuboLBzNgwShgXGmh+aEhWhi20vI RH1Y24GJ/Uiny86SgfcGUzM5ewmWbbBpMnOqcmXClnmaTkRKXkhAJ+8y7HjuzA== X-Google-Smtp-Source: AGHT+IHCwz6HUV+NnETadrfzXBEL0LGCaI1Bo4OwY8mvAP0xChdNkPdYskXTtgnH8JOWTKFH6CTRLw== X-Received: by 2002:a05:600c:1c28:b0:440:6a37:be30 with SMTP id 5b1f17b1804b1-4406aba5c25mr143876665e9.16.1745370172253; Tue, 22 Apr 2025 18:02:52 -0700 (PDT) From: Andrew Cooper To: Xen-devel Cc: Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Ross Lagerwall Subject: [PATCH 6/8] xen/livepatch: Support new altcall scheme Date: Wed, 23 Apr 2025 02:02:35 +0100 Message-Id: <20250423010237.1528582-7-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250423010237.1528582-1-andrew.cooper3@citrix.com> References: <20250423010237.1528582-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1745370195597019000 The new altcall scheme uses an .alt_call_sites section. Wire this up in ve= ry much the same way as the .altinstructions section, although there is less sanity checking necessary. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich Reviewed-by: Roger Pau Monn=C3=A9 --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Ross Lagerwall --- xen/arch/x86/alternative.c | 6 ++++ xen/common/livepatch.c | 58 ++++++++++++++++++++++++++++++ xen/include/xen/alternative-call.h | 8 +++-- 3 files changed, 70 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/alternative.c b/xen/arch/x86/alternative.c index f6594e21a14c..22af224f08f7 100644 --- a/xen/arch/x86/alternative.c +++ b/xen/arch/x86/alternative.c @@ -479,6 +479,12 @@ int apply_alternatives(struct alt_instr *start, struct= alt_instr *end) { return _apply_alternatives(start, end, true); } + +int livepatch_apply_alt_calls(const struct alt_call *start, + const struct alt_call *end) +{ + return apply_alt_calls(start, end); +} #endif =20 #define ALT_INSNS (1U << 0) diff --git a/xen/common/livepatch.c b/xen/common/livepatch.c index 6ce77bf021b7..be9b7e367553 100644 --- a/xen/common/livepatch.c +++ b/xen/common/livepatch.c @@ -905,6 +905,64 @@ static int prepare_payload(struct payload *payload, #endif } =20 + sec =3D livepatch_elf_sec_by_name(elf, ".alt_call_sites"); + if ( sec ) + { +#ifdef CONFIG_ALTERNATIVE_CALL + const struct alt_call *a, *start, *end; + + if ( !section_ok(elf, sec, sizeof(*a)) ) + return -EINVAL; + + /* Tolerate an empty .alt_call_sites section... */ + if ( sec->sec->sh_size =3D=3D 0 ) + goto alt_call_done; + + /* ... but otherwise, there needs to be something to alter... */ + if ( payload->text_size =3D=3D 0 ) + { + printk(XENLOG_ERR LIVEPATCH "%s Alternative calls provided, bu= t no .text\n", + elf->name); + return -EINVAL; + } + + start =3D sec->addr; + end =3D sec->addr + sec->sec->sh_size; + + for ( a =3D start; a < end; a++ ) + { + const void *orig =3D ALT_CALL_PTR(a); + size_t len =3D ALT_CALL_LEN(a); + + /* orig must be fully within .text. */ + if ( orig < payload->text_addr || + len > payload->text_size || + orig + len > payload->text_addr + payload->text_size ) + { + printk(XENLOG_ERR LIVEPATCH + "%s: Alternative call %p+%#zx outside payload text = %p+%#zx\n", + elf->name, orig, len, + payload->text_addr, payload->text_size); + return -EINVAL; + } + } + + rc =3D livepatch_apply_alt_calls(start, end); + if ( rc ) + { + printk(XENLOG_ERR LIVEPATCH "%s: Applying alternative calls fa= iled: %d\n", + elf->name, rc); + return rc; + } + + alt_call_done:; +#else /* CONFIG_ALTERNATIVE_CALL */ + printk(XENLOG_ERR LIVEPATCH "%s: Alternative calls not supported\n= ", + elf->name); + return -EOPNOTSUPP; +#endif /* !CONFIG_ALTERNATIVE_CALL */ + } + sec =3D livepatch_elf_sec_by_name(elf, ".ex_table"); if ( sec ) { diff --git a/xen/include/xen/alternative-call.h b/xen/include/xen/alternati= ve-call.h index 3c855bfa44f5..767c2149bce7 100644 --- a/xen/include/xen/alternative-call.h +++ b/xen/include/xen/alternative-call.h @@ -17,8 +17,8 @@ * generation requirements are to emit a function pointer call at build * time, and stash enough metadata to simplify the call at boot once the * implementation has been resolved. - * - Implement boot_apply_alt_calls() to convert the function pointer calls - * into direct calls on boot. + * - Implement {boot,livepatch}_apply_alt_calls() to convert the function + * pointer calls into direct calls on boot/livepatch. * - Select ALTERNATIVE_CALL in Kconfig. * * To use: @@ -65,6 +65,10 @@ */ void boot_apply_alt_calls(void); =20 +/* As per boot_apply_alt_calls() but for a livepatch. */ +int livepatch_apply_alt_calls(const struct alt_call *start, + const struct alt_call *end); + #else /* CONFIG_ALTERNATIVE_CALL */ =20 #define alternative_call(func, args...) (func)(args) --=20 2.39.5