On 17.03.2022 11:00, Jiamei Xie wrote:
>> -----Original Message-----
>> From: Xen-devel <[email protected]> On Behalf Of Jiamei Xie
>> Sent: 17 March 2022 17:17
>>
>>> -----Original Message-----
>>> From: Xen-devel <[email protected]> On Behalf Of Ross Lagerwall
>>> Sent: 10 March 2022 1:12
>>> To: Bjoern Doebel <[email protected]>; [email protected]
>>> Cc: Michael Kurth <[email protected]>; Martin Pohlack <[email protected]>; Roger Pau Monne <[email protected]>; Andrew Cooper <[email protected]>; Konrad Rzeszutek Wilk <[email protected]>
>>> Subject: Re: [PATCH v5 2/2] xen/x86: Livepatch: support patching CET-enhanced functions
>>>
>>>> From: Bjoern Doebel <[email protected]>
>>>> Sent: Wednesday, March 9, 2022 2:53 PM
>>>> To: [email protected] <[email protected]>
>>>> Cc: Michael Kurth <[email protected]>; Martin Pohlack <[email protected]>; Roger Pau Monne <[email protected]>; Andrew Cooper <[email protected]>; Bjoern Doebel <[email protected]>; Konrad Rzeszutek Wilk <[email protected]>; Ross Lagerwall <[email protected]>
>>>> Subject: [PATCH v5 2/2] xen/x86: Livepatch: support patching CET-enhanced functions
>>>>
>>>> Xen enabled CET for supporting architectures. The control flow aspect of
>>>> CET expects functions that can be called indirectly (i.e., via function
>>>> pointers) to start with an ENDBR64 instruction. Otherwise a control flow
>>>> exception is raised.
>>>>
>>>> This expectation breaks livepatching flows because we patch functions by
>>>> overwriting their first 5 bytes with a JMP + <offset>, thus breaking the
>>>> ENDBR64. We fix this by checking the start of a patched function for
>>>> being ENDBR64. In the positive case we move the livepatch JMP to start
>>>> behind the ENDBR64 instruction.
>>>>
>>>> To avoid having to guess the ENDBR64 offset again on patch reversal
>>>> (which might race with other mechanisms adding/removing ENDBR
>>>> dynamically), use the livepatch metadata to store the computed offset
>>>> along with the saved bytes of the overwritten function.
>>>>
>>>> Signed-off-by: Bjoern Doebel <[email protected]>
>>>> Acked-by: Konrad Rzeszutek Wilk <[email protected]>
>>>> CC: Ross Lagerwall <[email protected]>
>>>
>>> Reviewed-by: Ross Lagerwall <[email protected]>
>>
>> Tested-by: Jiamei xie <[email protected]>
>>
>> Cheers,
>> Jiamei
>
> Sorry I forgot to add the scope I tested in last email. I tested it on
> armv8a. It worked fine and didn't break arm.
> Tested-by: Jiamei xie <[email protected]>

Yet in any event there's meanwhile been a v6, so I'm unsure of taking the tag over there.

Jan
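The mechanism the quoted commit message describes (detect a leading ENDBR64, place the 5-byte JMP behind it, and record the offset in the per-function metadata so reversal does not re-detect) can be shown on plain byte buffers. The following is an added example written for this page, not Xen's livepatch code: the `lp_func_meta` struct, the `lp_apply`/`lp_revert` names and the demo buffers are all constructed here, and the code writes into ordinary arrays rather than executable text, so it omits the page-table permission changes and instruction-cache handling a real hypervisor would need. The ENDBR64 (`F3 0F 1E FA`) and JMP rel32 (`E9 disp32`) encodings are standard x86-64.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* x86-64 encodings: ENDBR64 is F3 0F 1E FA; JMP rel32 is E9 followed by a
 * 4-byte little-endian displacement measured from the end of the JMP. */
#define ENDBR64_LEN   4
#define JMP_REL32_LEN 5
static const uint8_t ENDBR64[ENDBR64_LEN] = { 0xF3, 0x0F, 0x1E, 0xFA };

/* Hypothetical per-function livepatch metadata (not Xen's layout). Keeping
 * patch_offset next to the saved bytes means revert never re-detects
 * ENDBR64, which could otherwise race with other code touching the prologue. */
struct lp_func_meta {
    uint8_t saved[JMP_REL32_LEN]; /* original bytes under the JMP */
    uint8_t patch_offset;         /* 0, or ENDBR64_LEN if fn starts with ENDBR64 */
    bool    applied;
};

static bool starts_with_endbr64(const uint8_t *fn)
{
    return memcmp(fn, ENDBR64, ENDBR64_LEN) == 0;
}

/* Write a JMP to new_fn into fn, skipping a leading ENDBR64 so the IBT
 * landing pad survives and indirect calls into the patched function still work. */
int lp_apply(uint8_t *fn, const uint8_t *new_fn, struct lp_func_meta *m)
{
    if (m->applied)
        return -1;

    m->patch_offset = starts_with_endbr64(fn) ? ENDBR64_LEN : 0;
    uint8_t *site = fn + m->patch_offset;

    /* rel32 is relative to the first byte after the 5-byte JMP. */
    intptr_t rel = (intptr_t)new_fn - (intptr_t)(site + JMP_REL32_LEN);
    if (rel > INT32_MAX || rel < INT32_MIN)
        return -2; /* target not reachable with a rel32 */

    memcpy(m->saved, site, JMP_REL32_LEN);
    uint32_t disp = (uint32_t)(int32_t)rel;
    site[0] = 0xE9;
    for (int i = 0; i < 4; i++)
        site[1 + i] = (uint8_t)(disp >> (8 * i)); /* little-endian */

    m->applied = true;
    return 0;
}

/* Undo: restore the saved bytes at the recorded offset; no re-detection. */
int lp_revert(uint8_t *fn, struct lp_func_meta *m)
{
    if (!m->applied)
        return -1;
    memcpy(fn + m->patch_offset, m->saved, JMP_REL32_LEN);
    m->applied = false;
    return 0;
}

/* Decode the target of a JMP rel32 at site, used to check the result. */
static const uint8_t *jmp_target(const uint8_t *site)
{
    uint32_t disp = 0;
    for (int i = 0; i < 4; i++)
        disp |= (uint32_t)site[1 + i] << (8 * i);
    return site + JMP_REL32_LEN + (int32_t)disp;
}

struct demo_result {
    int  offset;        /* where the JMP was written */
    bool endbr_intact;  /* leading ENDBR64 survived patching (when present) */
    bool target_ok;     /* decoded JMP target is new_fn */
    bool restored;      /* revert put the original bytes back */
};

/* Round trip on constructed buffers standing in for old and new function text. */
struct demo_result demo_roundtrip(bool with_endbr)
{
    /* Constructed prologue: optional ENDBR64, then push %rbp; mov %rsp,%rbp; nops. */
    static const uint8_t body[] = { 0x55, 0x48, 0x89, 0xE5, 0x90, 0x90, 0x90, 0x90 };
    uint8_t area[64] = { 0 };
    uint8_t *fn = area, *new_fn = area + 32;
    size_t n = 0;
    if (with_endbr) { memcpy(fn, ENDBR64, ENDBR64_LEN); n = ENDBR64_LEN; }
    memcpy(fn + n, body, sizeof body);
    uint8_t original[sizeof area];
    memcpy(original, area, sizeof area);

    struct lp_func_meta m = { 0 };
    struct demo_result r = { -1, false, false, false };
    if (lp_apply(fn, new_fn, &m) != 0)
        return r;
    r.offset       = m.patch_offset;
    r.endbr_intact = !with_endbr || starts_with_endbr64(fn);
    r.target_ok    = fn[m.patch_offset] == 0xE9 && jmp_target(fn + m.patch_offset) == new_fn;
    r.restored     = lp_revert(fn, &m) == 0 && memcmp(area, original, sizeof area) == 0;
    return r;
}

int main(void)
{
    for (int e = 0; e < 2; e++) {
        struct demo_result r = demo_roundtrip(e);
        printf("endbr=%d offset=%d intact=%d target=%d restored=%d\n",
               e, r.offset, r.endbr_intact, r.target_ok, r.restored);
    }
    return 0;
}
```

The check worth keeping from this is `endbr_intact`: after patching, a function that began with ENDBR64 must still begin with it, otherwise every indirect call into the livepatched function would take a control-protection fault on CET-enabled hardware.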
