| Message ID | 1473608912-5913-3-git-send-email-konrad.wilk@oracle.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
>>> On 11.09.16 at 17:48, <konrad.wilk@oracle.com> wrote: > The initial patch: 11ff40fa7bb5fdcc69a58d0fec49c904ffca4793 > "xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op" caps the > size of the binary at 2MB. We follow that in capping the size > of the .BSSes to be at maximum 2MB. > > Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> > > --- > Cc: Ross Lagerwall <ross.lagerwall@citrix.com> > Cc: Jan Beulich <jbeulich@suse.com> > > v5: Initial submission. Came about from conversation about > "livepatch: Clear .bss when payload is reverted" > - Use only one sh_flags comparison instead of two. > - And check for the _right_ combination (WA). > --- > xen/common/livepatch_elf.c | 10 +++++++++- > 1 file changed, 9 insertions(+), 1 deletion(-) > > diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c > index cda9b27..e2264ad 100644 > --- a/xen/common/livepatch_elf.c > +++ b/xen/common/livepatch_elf.c > @@ -86,7 +86,15 @@ static int elf_resolve_sections(struct livepatch_elf *elf, const void *data) > delta < sizeof(Elf_Ehdr) ? "at ELF header" : "is past end"); > return -EINVAL; > } > - I think this blank line would better be retained (after the addition you make). > + else if ( (sec[i].sec->sh_flags & (SHF_WRITE | SHF_ALLOC)) && > + sec[i].sec->sh_type == SHT_NOBITS && > + sec[i].sec->sh_size > MB(2) ) > + { > + /* Arbitrary limit. */ I guess this is as arbitrary as the one in verify_payload(). I'd like to recommend making this a #define, with the comment put next to it. > + dprintk(XENLOG_ERR, LIVEPATCH "%s: Section [%u] .bss is bigger than 2MB!\n", > + elf->name, i); The other limit violation doesn't get a message logged. Jan
On 09/11/2016 04:48 PM, Konrad Rzeszutek Wilk wrote: > The initial patch: 11ff40fa7bb5fdcc69a58d0fec49c904ffca4793 > "xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op" caps the > size of the binary at 2MB. We follow that in capping the size > of the .BSSes to be at maximum 2MB. > > Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> > Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c index cda9b27..e2264ad 100644 --- a/xen/common/livepatch_elf.c +++ b/xen/common/livepatch_elf.c @@ -86,7 +86,15 @@ static int elf_resolve_sections(struct livepatch_elf *elf, const void *data) delta < sizeof(Elf_Ehdr) ? "at ELF header" : "is past end"); return -EINVAL; } - + else if ( (sec[i].sec->sh_flags & (SHF_WRITE | SHF_ALLOC)) && + sec[i].sec->sh_type == SHT_NOBITS && + sec[i].sec->sh_size > MB(2) ) + { + /* Arbitrary limit. */ + dprintk(XENLOG_ERR, LIVEPATCH "%s: Section [%u] .bss is bigger than 2MB!\n", + elf->name, i); + return -EINVAL; + } sec[i].data = data + delta; /* Name is populated in elf_resolve_section_names. */ sec[i].name = NULL;
The initial patch: 11ff40fa7bb5fdcc69a58d0fec49c904ffca4793 "xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op" caps the size of the binary at 2MB. We follow that in capping the size of the .BSSes to be at maximum 2MB. Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> --- Cc: Ross Lagerwall <ross.lagerwall@citrix.com> Cc: Jan Beulich <jbeulich@suse.com> v5: Initial submission. Came about from conversation about "livepatch: Clear .bss when payload is reverted" - Use only one sh_flags comparison instead of two. - And check for the _right_ combination (WA). --- xen/common/livepatch_elf.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-)