Re: [PATCH v2 for-4.14] x86/livepatch: Make livepatching compatible with CET Shadow Stacks

2020-06-26 Thread Andrew Cooper
On 26/06/2020 16:07, Ross Lagerwall wrote: > On 2020-06-26 15:46, Andrew Cooper wrote: >> On 26/06/2020 15:26, Jan Beulich wrote: >>> On 26.06.2020 15:59, Ross Lagerwall wrote: On 2020-06-26 13:24, Andrew Cooper wrote: > @@ -56,18 +57,48 @@ int arch_livepatch_safety_check(void) >

Re: [PATCH v2 for-4.14] x86/livepatch: Make livepatching compatible with CET Shadow Stacks

2020-06-26 Thread Ross Lagerwall
On 2020-06-26 15:46, Andrew Cooper wrote: > On 26/06/2020 15:26, Jan Beulich wrote: >> On 26.06.2020 15:59, Ross Lagerwall wrote: >>> On 2020-06-26 13:24, Andrew Cooper wrote: @@ -56,18 +57,48 @@ int arch_livepatch_safety_check(void) return -EBUSY; } -int

Re: [PATCH v2 for-4.14] x86/livepatch: Make livepatching compatible with CET Shadow Stacks

2020-06-26 Thread Jan Beulich
On 26.06.2020 16:46, Andrew Cooper wrote: > On 26/06/2020 15:26, Jan Beulich wrote: >> On 26.06.2020 15:59, Ross Lagerwall wrote: >>> On 2020-06-26 13:24, Andrew Cooper wrote: @@ -56,18 +57,48 @@ int arch_livepatch_safety_check(void) return -EBUSY; } -int

Re: [PATCH v2 for-4.14] x86/livepatch: Make livepatching compatible with CET Shadow Stacks

2020-06-26 Thread Andrew Cooper
On 26/06/2020 15:26, Jan Beulich wrote: > On 26.06.2020 15:59, Ross Lagerwall wrote: >> On 2020-06-26 13:24, Andrew Cooper wrote: >>> @@ -56,18 +57,48 @@ int arch_livepatch_safety_check(void) >>> return -EBUSY; >>> } >>> >>> -int arch_livepatch_quiesce(void) >>> +int noinline

Re: [PATCH v2 for-4.14] x86/livepatch: Make livepatching compatible with CET Shadow Stacks

2020-06-26 Thread Jan Beulich
On 26.06.2020 15:59, Ross Lagerwall wrote: > On 2020-06-26 13:24, Andrew Cooper wrote: >> @@ -56,18 +57,48 @@ int arch_livepatch_safety_check(void) >> return -EBUSY; >> } >> >> -int arch_livepatch_quiesce(void) >> +int noinline arch_livepatch_quiesce(void) >> { >> +/* If Shadow Stacks

Re: [PATCH v2 for-4.14] x86/livepatch: Make livepatching compatible with CET Shadow Stacks

2020-06-26 Thread Ross Lagerwall
On 2020-06-26 13:24, Andrew Cooper wrote:
> Just like the alternatives infrastructure, the livepatch infrastructure
> disables CR0.WP to perform patching, which is not permitted with CET active.
>
> Modify arch_livepatch_{quiesce,revive}() to disable CET before disabling WP,
> and reset the dirty

RE: [PATCH v2 for-4.14] x86/livepatch: Make livepatching compatible with CET Shadow Stacks

2020-06-26 Thread Paul Durrant
> -----Original Message-----
> From: Jan Beulich
> Sent: 26 June 2020 14:15
> To: Andrew Cooper
> Cc: Xen-devel; Wei Liu; Roger Pau Monné; Konrad Rzeszutek Wilk; Ross Lagerwall; Pawel Wieczorkiewicz; Paul Durrant
> Subject: Re: [PATCH

Re: [PATCH v2 for-4.14] x86/livepatch: Make livepatching compatible with CET Shadow Stacks

2020-06-26 Thread Jan Beulich
On 26.06.2020 14:24, Andrew Cooper wrote:
> Just like the alternatives infrastructure, the livepatch infrastructure
> disables CR0.WP to perform patching, which is not permitted with CET active.
>
> Modify arch_livepatch_{quiesce,revive}() to disable CET before disabling WP,
> and reset the dirty