On 18/03/2025 7:05 pm, Frediano Ziglio wrote:
> On Tue, Mar 18, 2025 at 5:36 PM Roger Pau Monne <roger....@citrix.com> wrote:
>> Change the order relocations are applied. Currently the trampoline is
>> patched for relocations before being copied to the low 1MB region. Change
>> the order and instead copy the trampoline first to the low 1MB region and
>> then apply the relocations.
>>
>> This will allow making .init.text section read-only (so read and execute
>> permissions only), which is relevant when Xen is built as a PE image.
>>
> This change is not enough to make the section read-only, some other
> code writes directly into the trampoline at the not-relocated
> position.
> But this improves the situation.
> The code looks fine, I'll try the code if it passes some tests I did.

Which other writes are there?

Strictly speaking it only matters for writes while we're still on the EFI BS pagetables, because they're the only ones which enforce R/O on .init. The moment we drop into 32bit (the MB2+EFI path) or get into __start_xen (all paths), writes into either trampoline should work.

There are definitely bits of logic which depend on the trampoline being placed, and ideally wouldn't, but they're quite easy to find now with bootsym().

There's also definitely bits of logic which have temporaries in the trampoline which shouldn't be there, and now that some of the Hyperlaunch prep work is in place, can be moved out relatively easily.

~Andrew
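
A simplified model of the reordering discussed in this thread, as an added example that is not code from the Xen patch or from any participant. The image contents, the relocation table and all function names are constructed for illustration; the point is that copying first lets the source image be `const` (read-only), while the old order must write to it.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for the trampoline as linked into .init: words 1 and 3
 * hold offsets that become absolute addresses once the placement is known. */
#define TRAMP_WORDS 4
static const uint32_t tramp_src[TRAMP_WORDS] = {
    0x90909090u, 0x10u, 0x90909090u, 0x20u
};

/* Constructed relocation table: indexes of the words that need the base added. */
static const size_t tramp_rel[] = { 1, 3 };
#define NR_REL (sizeof(tramp_rel) / sizeof(tramp_rel[0]))

/* Old order: patch the source in place, then copy. Requires a writable source. */
static void relocate_then_copy(uint32_t *src, uint32_t *dst, uint32_t phys)
{
    for (size_t i = 0; i < NR_REL; i++)
        src[tramp_rel[i]] += phys;
    memcpy(dst, src, TRAMP_WORDS * sizeof(*src));
}

/* New order: copy first, then patch only the placed copy. Source may be const. */
static void copy_then_relocate(const uint32_t *src, uint32_t *dst, uint32_t phys)
{
    memcpy(dst, src, TRAMP_WORDS * sizeof(*src));
    for (size_t i = 0; i < NR_REL; i++)
        dst[tramp_rel[i]] += phys;
}

/* Returns 1 when both orders produce the same placed image and only the old
 * order had to modify its source (for a non-zero placement address). */
int orders_equivalent(uint32_t phys)
{
    uint32_t scratch[TRAMP_WORDS], placed_old[TRAMP_WORDS], placed_new[TRAMP_WORDS];

    /* The old order cannot take tramp_src directly: give it a writable copy. */
    memcpy(scratch, tramp_src, sizeof(scratch));
    relocate_then_copy(scratch, placed_old, phys);
    copy_then_relocate(tramp_src, placed_new, phys);

    return memcmp(placed_old, placed_new, sizeof(placed_old)) == 0 &&
           memcmp(scratch, tramp_src, sizeof(scratch)) != 0;
}
```

Any remaining code that writes to the trampoline at its linked (not-relocated) position, as raised in the quoted reply, would correspond here to a write through `tramp_src`, which the `const` qualifier rejects at compile time.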