Hi Bjoern,

> -----Original Message-----
> From: Xen-devel <[email protected]> On Behalf Of
> Ross Lagerwall
> Sent: 10 March 2022 1:12
> To: Bjoern Doebel <[email protected]>; [email protected]
> Cc: Michael Kurth <[email protected]>; Martin Pohlack
> <[email protected]>; Roger Pau Monne <[email protected]>;
> Andrew Cooper <[email protected]>; Konrad Rzeszutek Wilk
> <[email protected]>
> Subject: Re: [PATCH v5 2/2] xen/x86: Livepatch: support patching CET-
> enhanced functions
> 
> > From: Bjoern Doebel <[email protected]>
> > Sent: Wednesday, March 9, 2022 2:53 PM
> > To: [email protected] <[email protected]>
> > Cc: Michael Kurth <[email protected]>; Martin Pohlack
> <[email protected]>; Roger Pau Monne <[email protected]>;
> Andrew Cooper <[email protected]>; Bjoern Doebel
> <[email protected]>; Konrad Rzeszutek Wilk <[email protected]>;
> Ross Lagerwall <[email protected]>
> > Subject: [PATCH v5 2/2] xen/x86: Livepatch: support patching CET-
> enhanced functions
> >
> > Xen enabled CET for supporting architectures. The control flow aspect of
> > CET expects functions that can be called indirectly (i.e., via function
> > pointers) to start with an ENDBR64 instruction. Otherwise a control flow
> > exception is raised.
> >
> > This expectation breaks livepatching flows because we patch functions by
> > overwriting their first 5 bytes with a JMP + <offset>, thus breaking the
> > ENDBR64. We fix this by checking the start of a patched function for
> > being ENDBR64. In the positive case we move the livepatch JMP to start
> > behind the ENDBR64 instruction.
> >
> > To avoid having to guess the ENDBR64 offset again on patch reversal
> > (which might race with other mechanisms adding/removing ENDBR
> > dynamically), use the livepatch metadata to store the computed offset
> > along with the saved bytes of the overwritten function.
> >
> > Signed-off-by: Bjoern Doebel <[email protected]>
> > Acked-by: Konrad Rzeszutek Wilk <[email protected]>
> > CC: Ross Lagerwall <[email protected]>
> 
> Reviewed-by: Ross Lagerwall <[email protected]>

Tested-by: Jiamei xie <[email protected]>

Cheers,
Jiamei
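The mechanism the commit message describes (check whether the function starts with ENDBR64, place the 5-byte JMP behind it, and store the chosen offset together with the overwritten bytes so reversal does not have to re-detect ENDBR64), shown as an added illustration in C that is not part of this patch or of Xen's livepatch code. The struct and function names are hypothetical, and it operates on a constructed byte buffer rather than live hypervisor text.

```c
#include <stdint.h>
#include <string.h>

#define ENDBR64_LEN   4   /* F3 0F 1E FA */
#define JMP_REL32_LEN 5   /* E9 + rel32 */

/* Saved bytes plus JMP offset (0 or 4): reversal must not re-detect ENDBR64. */
struct patch_record { uint8_t saved[JMP_REL32_LEN]; uint8_t jmp_offset; };

static int is_endbr64(const uint8_t *p)
{
    return memcmp(p, "\xf3\x0f\x1e\xfa", ENDBR64_LEN) == 0;
}

/* Write a JMP rel32 to new_fn at old_fn, behind a leading ENDBR64 if present.
 * rel32 is relative to the end of the 5-byte JMP; little-endian host assumed. */
size_t livepatch_apply(uint8_t *old_fn, const uint8_t *new_fn, struct patch_record *rec)
{
    size_t off = is_endbr64(old_fn) ? ENDBR64_LEN : 0;
    uint8_t *site = old_fn + off;
    int32_t rel = (int32_t)(new_fn - (site + JMP_REL32_LEN));
    memcpy(rec->saved, site, JMP_REL32_LEN);   /* keep the bytes we clobber */
    rec->jmp_offset = (uint8_t)off;
    site[0] = 0xe9;                            /* JMP rel32 opcode */
    memcpy(site + 1, &rel, sizeof(rel));
    return off;
}

/* Reversal restores at the stored offset instead of re-checking for ENDBR64. */
void livepatch_revert(uint8_t *old_fn, const struct patch_record *rec)
{
    memcpy(old_fn + rec->jmp_offset, rec->saved, JMP_REL32_LEN);
}

/* Self-check on a constructed buffer (ENDBR64 at code[0], new_fn at code[32]). */
int livepatch_demo(void)
{
    uint8_t code[64], *old_fn = code, *new_fn = code + 32;
    struct patch_record rec; int32_t rel;
    memset(code, 0x90, sizeof(code));                  /* NOP filler */
    memcpy(old_fn, "\xf3\x0f\x1e\xfa", ENDBR64_LEN);
    if (livepatch_apply(old_fn, new_fn, &rec) != ENDBR64_LEN ||
        !is_endbr64(old_fn) || old_fn[ENDBR64_LEN] != 0xe9)
        return 0;                                      /* ENDBR64 must survive */
    memcpy(&rel, old_fn + ENDBR64_LEN + 1, sizeof(rel));
    if (rel != 32 - (ENDBR64_LEN + JMP_REL32_LEN))     /* target - end of JMP */
        return 0;
    livepatch_revert(old_fn, &rec);
    return old_fn[ENDBR64_LEN] == 0x90;                /* original byte is back */
}
```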
