From patchwork Sun Apr 10 21:14:48 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Konrad Rzeszutek Wilk X-Patchwork-Id: 8795061 Return-Path: X-Original-To: patchwork-xen-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id E6AFCC0554 for ; Sun, 10 Apr 2016 21:17:31 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id AA8EC20303 for ; Sun, 10 Apr 2016 21:17:30 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id B32B720268 for ; Sun, 10 Apr 2016 21:17:27 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1apMhx-0000PB-H9; Sun, 10 Apr 2016 21:15:49 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1apMhw-0000Jm-26 for xen-devel@lists.xenproject.org; Sun, 10 Apr 2016 21:15:48 +0000 Received: from [85.158.137.68] by server-3.bemta-3.messagelabs.com id 80/41-03294-382CA075; Sun, 10 Apr 2016 21:15:47 +0000 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmplkeJIrShJLcpLzFFi42LpnVTnqtt0iCv c4N01PYvvWyYzOTB6HP5whSWAMYo1My8pvyKBNWPh1W6mgoPuFRsunGZpYLxl0cXIxSEk0MEk 8e9NByuE841R4vjlFpYuRk4gZyOjxPbuNIhEN6PE7+NLoRJFEhOfX2XrYuTgYBMwkXizyhGkR kRgOaPE131zWEFqmAXKJVbPeM8GYgsL2Es8vLgMrJdFQFXi+7LJjCA2r4CbxMO1fYwgcyQE5C QWXEgHMTmBwjMPa0BscpU4sv8eO4gtIWAs0Terj2UCI/8CRoZVjOrFqUVlqUW6JnpJRZnpGSW 5iZk5uoYGxnq5qcXFiempOYlJxXrJ+bmbGIHBwwAEOxgbvzgdYpTkYFIS5bV6yREuxJeUn1KZ kVicEV9UmpNafIhRhoNDSYI3bxtXuJBgUWp6akVaZg4wjGHSEhw8SiK8tSBp3uKCxNzizHSI1 ClGRSlx3qUgCQGQREZpHlwbLHYuMcpKCfMyAh0ixFOQWpSbWYIq/4pRnINRSZi3F2QKT2ZeCd z0V0CLmYAWP/vHCbK4JBEhJdXAuMp3q9DGBRNutib0ZXS+ebj5qaNcyM13e60zGURyLHm8/Ko jBRqa4w2mRRcvd9xWUmP8cBdHAMuesOrDu6ItTUsvLpr64vach4Hrs3T/bp5667LFhJnCHK8C vE1WvXc5kLbdmmHLLs6bp3S2Ne9jV+HjnLtIpsWCU2Jz6mGjlg5f+5ZXsQIzlFiKMxINtZiLi hMBCVfqIpgCAAA= X-Env-Sender: konrad@char.us.oracle.com X-Msg-Ref: server-5.tower-31.messagelabs.com!1460322944!34027773!1 X-Originating-IP: [141.146.126.69] X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor: VHJ1c3RlZCBJUDogMTQxLjE0Ni4xMjYuNjkgPT4gMjc3MjE4\n X-StarScan-Received: X-StarScan-Version: 8.28; banners=-,-,- X-VirusChecked: Checked Received: (qmail 3624 invoked from network); 10 Apr 2016 21:15:46 -0000 Received: from aserp1040.oracle.com (HELO aserp1040.oracle.com) (141.146.126.69) by server-5.tower-31.messagelabs.com with DHE-RSA-AES256-GCM-SHA384 encrypted SMTP; 10 Apr 2016 21:15:46 -0000 Received: from aserv0021.oracle.com (aserv0021.oracle.com [141.146.126.233]) by aserp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id u3ALF8pu015347 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sun, 10 Apr 2016 21:15:08 GMT Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by aserv0021.oracle.com (8.13.8/8.13.8) with ESMTP id u3ALF8hO016296 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sun, 10 Apr 2016 21:15:08 GMT Received: from abhmp0007.oracle.com (abhmp0007.oracle.com [141.146.116.13]) by aserv0121.oracle.com (8.13.8/8.13.8) with ESMTP id u3ALF70o003439; Sun, 10 Apr 2016 21:15:08 GMT Received: from char.us.oracle.com (/10.137.176.158) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Sun, 10 Apr 2016 14:15:07 -0700 Received: by char.us.oracle.com (Postfix, from userid 1000) id 7532C6A011C; Sun, 10 Apr 2016 17:15:05 -0400 (EDT) From: Konrad Rzeszutek Wilk To: xen-devel@lists.xenproject.org, konrad@kernel.org, sasha.levin@oracle.com, andrew.cooper3@citrix.com, ross.lagerwall@citrix.com, mpohlack@amazon.de Date: Sun, 10 Apr 2016 17:14:48 -0400 Message-Id: <1460322896-1115-17-git-send-email-konrad.wilk@oracle.com> X-Mailer: git-send-email 2.5.0 In-Reply-To: <1460322896-1115-1-git-send-email-konrad.wilk@oracle.com> References: <1460322896-1115-1-git-send-email-konrad.wilk@oracle.com> X-Source-IP: aserv0021.oracle.com [141.146.126.233] Cc: Keir Fraser , Jan Beulich , Konrad Rzeszutek Wilk Subject: [Xen-devel] [PATCH v7 16/24] xsplice: Add support for alternatives X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_MED, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Ross Lagerwall Add support for applying alternative sections within xsplice payload. At payload load time, apply an alternative sections that are found. Also we add an test-case exercising a rather useless alternative (patching a NOP with a NOP) - but it does exercise the code-path. Signed-off-by: Ross Lagerwall Signed-off-by: Konrad Rzeszutek Wilk Reviewed-by: Andrew Cooper --- Cc: Keir Fraser Cc: Jan Beulich Cc: Andrew Cooper v2: Make a new alternative function that does not ASSERT on IRQs and don't disable IRQs in the code when loading payload. v4: Include test-case Include check for size of alternatives and that it is not a 0 size section. v6: Add #define INIT to preserve __initness on alternative code. Double check that alt_instr are only patching payload code. v7: Move cr0 manipulation in apply_alternatives. ifdef around alternative.o in Makefile Pick X86_FEATURE_LM in test-case Drop casting from load_addr It is alternative.init.o, not alternative_init.o (thanks Andrew!) --- --- xen/arch/x86/Makefile | 4 +++ xen/arch/x86/alternative.c | 42 ++++++++++++++++++++------------ xen/arch/x86/test/xen_hello_world_func.c | 5 ++++ xen/common/xsplice.c | 34 ++++++++++++++++++++++++++ xen/include/asm-x86/alternative.h | 4 +++ 5 files changed, 74 insertions(+), 15 deletions(-) diff --git a/xen/arch/x86/Makefile b/xen/arch/x86/Makefile index 57c93e1..d210bb7 100644 --- a/xen/arch/x86/Makefile +++ b/xen/arch/x86/Makefile @@ -6,7 +6,11 @@ subdir-y += mm subdir-$(CONFIG_XENOPROF) += oprofile subdir-y += x86_64 +ifdef CONFIG_XSPLICE +obj-y += alternative.o +else obj-bin-y += alternative.init.o +endif obj-y += apic.o obj-y += bitops.o obj-bin-y += bzimage.init.o diff --git a/xen/arch/x86/alternative.c b/xen/arch/x86/alternative.c index f735ff8..366ad86 100644 --- a/xen/arch/x86/alternative.c +++ b/xen/arch/x86/alternative.c @@ -22,13 +22,14 @@ #include #include #include +#include #define MAX_PATCH_LEN (255-1) extern struct alt_instr __alt_instructions[], __alt_instructions_end[]; #ifdef K8_NOP1 -static const unsigned char k8nops[] __initconst = { +static const unsigned char k8nops[] __INITCONST = { K8_NOP1, K8_NOP2, K8_NOP3, @@ -52,7 +53,7 @@ static const unsigned char * const k8_nops[ASM_NOP_MAX+1] __initconstrel = { #endif #ifdef P6_NOP1 -static const unsigned char p6nops[] __initconst = { +static const unsigned char p6nops[] __INITCONST = { P6_NOP1, P6_NOP2, P6_NOP3, @@ -75,7 +76,7 @@ static const unsigned char * const p6_nops[ASM_NOP_MAX+1] __initconstrel = { }; #endif -static const unsigned char * const *ideal_nops __initdata = k8_nops; +static const unsigned char * const *ideal_nops __INITDATA = k8_nops; static int __init mask_nmi_callback(const struct cpu_user_regs *regs, int cpu) { @@ -100,7 +101,7 @@ static void __init arch_init_ideal_nops(void) } /* Use this to add nops to a buffer, then text_poke the whole buffer. */ -static void __init add_nops(void *insns, unsigned int len) +static void __INIT add_nops(void *insns, unsigned int len) { while ( len > 0 ) { @@ -114,7 +115,7 @@ static void __init add_nops(void *insns, unsigned int len) } /* - * text_poke_early - Update instructions on a live kernel at boot time + * text_poke - Update instructions on a live kernel or non-executed code. * @addr: address to modify * @opcode: source of the copy * @len: length to copy @@ -125,9 +126,10 @@ static void __init add_nops(void *insns, unsigned int len) * instructions. And on the local CPU you need to be protected again NMI or MCE * handlers seeing an inconsistent instruction while you patch. * - * This routine is called with local interrupt disabled. + * You should run this with interrupts disabled or on code that has never + * been executed. */ -static void *__init text_poke_early(void *addr, const void *opcode, size_t len) +static void *__INIT text_poke(void *addr, const void *opcode, size_t len) { memcpy(addr, opcode, len); sync_core(); @@ -142,20 +144,14 @@ static void *__init text_poke_early(void *addr, const void *opcode, size_t len) * APs have less capabilities than the boot processor are not handled. * Tough. Make sure you disable such features by hand. */ -static void __init apply_alternatives(struct alt_instr *start, struct alt_instr *end) +void __INIT apply_alternatives_nocheck(struct alt_instr *start, struct alt_instr *end) { struct alt_instr *a; u8 *instr, *replacement; u8 insnbuf[MAX_PATCH_LEN]; - unsigned long cr0 = read_cr0(); - - ASSERT(!local_irq_is_enabled()); printk(KERN_INFO "alt table %p -> %p\n", start, end); - /* Disable WP to allow application of alternatives to read-only pages. */ - write_cr0(cr0 & ~X86_CR0_WP); - /* * The scan order should be from start to end. A later scanned * alternative code can overwrite a previous scanned alternative code. @@ -183,8 +179,24 @@ static void __init apply_alternatives(struct alt_instr *start, struct alt_instr add_nops(insnbuf + a->replacementlen, a->instrlen - a->replacementlen); - text_poke_early(instr, insnbuf, a->instrlen); + text_poke(instr, insnbuf, a->instrlen); } +} + +/* + * This routine is called with local interrupt disabled and used during + * bootup. + */ +void __init apply_alternatives(struct alt_instr *start, struct alt_instr *end) +{ + unsigned long cr0 = read_cr0(); + + ASSERT(!local_irq_is_enabled()); + + /* Disable WP to allow application of alternatives to read-only pages. */ + write_cr0(cr0 & ~X86_CR0_WP); + + apply_alternatives_nocheck(start, end); /* Reinstate WP. */ write_cr0(cr0); diff --git a/xen/arch/x86/test/xen_hello_world_func.c b/xen/arch/x86/test/xen_hello_world_func.c index 432954f..b57822a 100644 --- a/xen/arch/x86/test/xen_hello_world_func.c +++ b/xen/arch/x86/test/xen_hello_world_func.c @@ -3,6 +3,9 @@ * */ +#include +#include +#include #include static unsigned long *non_canonical_addr = (unsigned long *)(0xdead000000000000ULL); @@ -12,6 +15,8 @@ const char *xen_hello_world(void) { unsigned long tmp; int rc; + + alternative(ASM_NOP1, ASM_NOP1, X86_FEATURE_LM); /* * Any BUG, or WARN_ON will contain symbol and payload name. Furthermore * exceptions will be caught and processed properly. diff --git a/xen/common/xsplice.c b/xen/common/xsplice.c index c7f70c3..cbbb23d 100644 --- a/xen/common/xsplice.c +++ b/xen/common/xsplice.c @@ -530,6 +530,39 @@ static int prepare_payload(struct payload *payload, } #ifndef CONFIG_ARM + sec = xsplice_elf_sec_by_name(elf, ".altinstructions"); + if ( sec ) + { + struct alt_instr *a, *start, *end; + + if ( !sec->sec->sh_size || + (sec->sec->sh_size % sizeof(*a)) ) + { + dprintk(XENLOG_DEBUG, XSPLICE "%s: Wrong size of .alt_instr (exp:%lu vs %lu)!\n", + elf->name, sizeof(*a), + sec->sec->sh_size); + return -EINVAL; + } + + start = sec->load_addr; + end = sec->load_addr + sec->sec->sh_size; + + for ( a = start; a < end; a++ ) + { + unsigned long instr = (unsigned long)(&a->instr_offset + a->instr_offset); + unsigned long replacement = (unsigned long)(&a->repl_offset + a->repl_offset); + + if ( (instr < region->start && instr >= region->end) || + (replacement < region->start && replacement >= region->end) ) + { + dprintk(XENLOG_DEBUG, XSPLICE "%s Alt patching outside payload: 0x%lx!\n", + elf->name, instr); + return -EINVAL; + } + } + apply_alternatives_nocheck(start, end); + } + sec = xsplice_elf_sec_by_name(elf, ".ex_table"); if ( sec ) { @@ -552,6 +585,7 @@ static int prepare_payload(struct payload *payload, region->ex = s; region->ex_end = e; } + #endif return 0; diff --git a/xen/include/asm-x86/alternative.h b/xen/include/asm-x86/alternative.h index 1056630..bce959f 100644 --- a/xen/include/asm-x86/alternative.h +++ b/xen/include/asm-x86/alternative.h @@ -23,6 +23,10 @@ struct alt_instr { u8 replacementlen; /* length of new instruction, <= instrlen */ }; +/* Similar to apply_alternatives except it can be run with IRQs enabled. */ +extern void apply_alternatives_nocheck(struct alt_instr *start, + struct alt_instr *end); +extern void apply_alternatives(struct alt_instr *start, struct alt_instr *end); extern void alternative_instructions(void); #define OLDINSTR(oldinstr) "661:\n\t" oldinstr "\n662:\n"