Re: [Xen-devel] [PATCH v6 2/6] livepatch: Add limit of 2MB to payload .bss sections.

2016-09-19 Thread Jan Beulich 
>>> On 16.09.16 at 17:29,  wrote:
> --- a/xen/common/livepatch_elf.c
> +++ b/xen/common/livepatch_elf.c
> @@ -86,6 +86,10 @@ static int elf_resolve_sections(struct livepatch_elf *elf, 
> const void *data)
>  delta < sizeof(Elf_Ehdr) ? "at ELF header" : "is past 
> end");
>  return -EINVAL;
>  }
> +else if ( (sec[i].sec->sh_flags & (SHF_WRITE | SHF_ALLOC)) &&
> +  sec[i].sec->sh_type == SHT_NOBITS &&
> +  sec[i].sec->sh_size > BSS_MAX_SIZE )
> +return -EINVAL;
>  
>  sec[i].data = data + delta;
>  /* Name is populated in elf_resolve_section_names. */
> --- a/xen/include/xen/livepatch.h
> +++ b/xen/include/xen/livepatch.h
> @@ -30,6 +30,8 @@ struct xen_sysctl_livepatch_op;
>  #define ELF_LIVEPATCH_FUNC".livepatch.funcs"
>  #define ELF_LIVEPATCH_DEPENDS ".livepatch.depends"
>  #define ELF_BUILD_ID_NOTE  ".note.gnu.build-id"
> +/* Arbitrary limit. */
> +#define BSS_MAX_SIZEMB(2)

Hmm, this wasn't quite what I was thinking about in the v5
comments: I really meant to unify this and the other 2Mb limit
into one (and then obviously with a name that's more generic).
I'm sorry for not having expressed this in an explicit enough
way.

Jan


___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

[Xen-devel] [PATCH v6 2/6] livepatch: Add limit of 2MB to payload .bss sections.

2016-09-16 Thread Konrad Rzeszutek Wilk 
The initial patch: 11ff40fa7bb5fdcc69a58d0fec49c904ffca4793
"xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op" caps the
size of the binary at 2MB. We follow that in capping the size
of the .BSSes to be at maximum 2MB.

Reviewed-by: Ross Lagerwall 
Signed-off-by: Konrad Rzeszutek Wilk 
---
Cc: Ross Lagerwall 
Cc: Jan Beulich 

v5: Initial submission. Came about from conversation about
"livepatch: Clear .bss when payload is reverted"
   - Use only one sh_flags comparison instead of two.
   - And check for the _right_ combination (WA).
v6: Remove the logging
Move the MB(2) to a #define in the header file.
Add the newline after the addition in livepatch_elf.c.
Added Reviewed-by from Ross.
---
 xen/common/livepatch_elf.c  | 4 
 xen/include/xen/livepatch.h | 2 ++
 2 files changed, 6 insertions(+)

diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c
index cda9b27..79c290e 100644
--- a/xen/common/livepatch_elf.c
+++ b/xen/common/livepatch_elf.c
@@ -86,6 +86,10 @@ static int elf_resolve_sections(struct livepatch_elf *elf, 
const void *data)
 delta < sizeof(Elf_Ehdr) ? "at ELF header" : "is past 
end");
 return -EINVAL;
 }
+else if ( (sec[i].sec->sh_flags & (SHF_WRITE | SHF_ALLOC)) &&
+  sec[i].sec->sh_type == SHT_NOBITS &&
+  sec[i].sec->sh_size > BSS_MAX_SIZE )
+return -EINVAL;
 
 sec[i].data = data + delta;
 /* Name is populated in elf_resolve_section_names. */
diff --git a/xen/include/xen/livepatch.h b/xen/include/xen/livepatch.h
index 243e240..46b9fc2 100644
--- a/xen/include/xen/livepatch.h
+++ b/xen/include/xen/livepatch.h
@@ -30,6 +30,8 @@ struct xen_sysctl_livepatch_op;
 #define ELF_LIVEPATCH_FUNC".livepatch.funcs"
 #define ELF_LIVEPATCH_DEPENDS ".livepatch.depends"
 #define ELF_BUILD_ID_NOTE  ".note.gnu.build-id"
+/* Arbitrary limit. */
+#define BSS_MAX_SIZEMB(2)
 
 struct livepatch_symbol {
 const char *name;
-- 
2.5.5


___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel