From patchwork Wed Sep 20 22:31:40 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Konrad Rzeszutek Wilk <konrad@kernel.org>
X-Patchwork-Id: 9962719
Return-Path: <xen-devel-bounces@lists.xen.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	AB907601D5 for <patchwork-xen-devel@patchwork.kernel.org>;
	Wed, 20 Sep 2017 22:34:52 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9E0DB29258
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Wed, 20 Sep 2017 22:34:52 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 92FEF2926F; Wed, 20 Sep 2017 22:34:52 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.6 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RCVD_IN_SORBS_SPAM,T_DKIM_INVALID autolearn=ham
	version=3.3.1
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 22A9929271
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Wed, 20 Sep 2017 22:34:52 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <xen-devel-bounces@lists.xen.org>)
	id 1dunXO-0007En-Ow; Wed, 20 Sep 2017 22:32:10 +0000
Received: from mail6.bemta3.messagelabs.com ([195.245.230.39])
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <ketuzsezr@gmail.com>) id 1dunXN-0007Dl-6U
	for xen-devel@lists.xenproject.org; Wed, 20 Sep 2017 22:32:09 +0000
Received: from [85.158.137.68] by server-3.bemta-3.messagelabs.com id
	56/BE-02046-86CE2C95; Wed, 20 Sep 2017 22:32:08 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrGIsWRWlGSWpSXmKPExsVyMfTGId30N4c
	iDWavN7L4vmUykwOjx+EPV1gCGKNYM/OS8isSWDNuLrrMXvBZs6J353b2Bsaf8l2MXBxCAjMY
	JS5//sEO4rAIfGCRaH0ygRnEkRCYxirR+PoHaxcjJ5CTJXHh/0FmCDtNYvvkB1B2hcSOdU8YQ
	WwhASWJLZMfM0KMPcQkcfHhbLAiYQE9icnfboMVsQnoSzxdew0ozgHU7Cbx6RoXSL2IQDujxO
	wrv8CWMQsYSrS+PcoG0esl8fDcTSYQm0VAVeL8tPVgc3gFrCX+73oNdZy8xMTeaWBxTgEbif2
	fOpkhDrKWeLL1NNsERuEFjAyrGNWLU4vKUot0LfSSijLTM0pyEzNzdA0NjPVyU4uLE9NTcxKT
	ivWS83M3MQJDlAEIdjBeaHc+xCjJwaQkymv98lCkEF9SfkplRmJxRnxRaU5q8SFGGQ4OJQneX
	6+AcoJFqempFWmZOcBogUlLcPAoifAuAEnzFhck5hZnpkOkTjHac1y4c+kPE8exTZeB5IE9t4
	Bkx827f5iEWPLy81KlxHm/grQJgLRllObBDYVF9yVGWSlhXkagM4V4ClKLcjNLUOVfMYpzMCo
	J8wq+BprCk5lXArf7FdBZTEBnZW84AHJWSSJCSqqBUWTV/F2ZyZuDv+zcv+BDiqnYYdu9RXzy
	9w/P/cYarLa2+J9GY3dyys5bNS83txoJTLM4Euerzvkrrnmqi9Eq7YpCPsGcDUd8IlXPXZ3Mr
	PvOiqFi+a57V69ebEkvSTsk/C2wlXdym8yc4zyx06/fO3Ry6/FMq90X01fz7lXOvjzr9VKVGf
	fYZZVYijMSDbWYi4oTAXwuOM7pAgAA
X-Env-Sender: ketuzsezr@gmail.com
X-Msg-Ref: server-6.tower-31.messagelabs.com!1505946726!77228504!1
X-Originating-IP: [209.85.216.194]
X-SpamReason: No, hits=0.0 required=7.0 tests=
X-StarScan-Received: 
X-StarScan-Version: 9.4.45; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 8653 invoked from network); 20 Sep 2017 22:32:07 -0000
Received: from mail-qt0-f194.google.com (HELO mail-qt0-f194.google.com)
	(209.85.216.194)
	by server-6.tower-31.messagelabs.com with AES128-GCM-SHA256 encrypted
	SMTP; 20 Sep 2017 22:32:07 -0000
Received: by mail-qt0-f194.google.com with SMTP id t46so2661906qtj.3
	for <xen-devel@lists.xenproject.org>;
	Wed, 20 Sep 2017 15:32:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=sender:from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=FYTUKDIL09IIPETDiPSc09IP5giNvbLbsr+6YbgfjH8=;
	b=aYnEo5rAPL7aldg2WyPj1iJIYA2STJ3n69rRedxkv6MexUZTjq32M+VE1YshYOsGqx
	fdMlrn3oeMO0kuRdCw0CbGbCJoa9uPZeF+lDKZrd6kw9BlP4yjrZfGKjSWeiym9S+Kku
	rtuSCb85K+uP3Xhv8L7qsHqPq76Eyiok23e1OetGlw5lAlCBWk2sYeLjkXj2nTJFuew6
	08SRAhu/E1MnTtSiv0m0x5wSrwlpF/s3WCNTuyLOprV+QCb5kiZnpcDAP9b3CBP66+ve
	1nR2FRTxUo2U/D5PjyE5AETNbyifMvgINa0RNjZcDwZzm/AtuFdZ0O79b3Dp+nRd/Ty1
	nY5Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id
	:in-reply-to:references;
	bh=FYTUKDIL09IIPETDiPSc09IP5giNvbLbsr+6YbgfjH8=;
	b=AFNzhgxC1WZul2jyxgwlyJzYWvwfxp1GXxvvaWVTQzeYDSm64xQRe6FMIRdzub3v7o
	KrcDVmiCCxG7qFlmUWfs2fpDFa5syK4iKI6rlQS5yCzwjQEclIgvCjTwxKRGpjOxsouf
	6DEKd4+Nr1c7F4WPBUAx19gusshNVlf0XHFw3dxTtYqQT1+K3nLFP2XPMGx9NToF/qBa
	zBZzMOKn1o/mKodoQe1eHEDdEQj3fVBSWuTntJMKfA6wRGFx1niPUze4pgyZgcU+iB8m
	o9EWcObv+80toHoRxkqbtvZZyYBnu0eEpbUjNLB3OGXsHKcKyN8UYUYdn9CbYISYEaqQ
	iOVA==
X-Gm-Message-State: AHPjjUgUh8spzJSfs1R/4fGHQoWRNNC20eJuPLpZ4HiMz3aL23pd/+B4
	cdIyV68lslVLZvABiUr5PBImnA==
X-Google-Smtp-Source: 
 AOwi7QC4CR+abmyiHYwmqePghr5wdb0Dvdt5ReCP20RHdKN53LDKZgZ455Ea5E5jehV9DteE3koVig==
X-Received: by 10.200.37.136 with SMTP id e8mr389599qte.112.1505946726440;
	Wed, 20 Sep 2017 15:32:06 -0700 (PDT)
Received: from localhost.localdomain
	(209-6-200-48.s4398.c3-0.smr-ubr2.sbo-smr.ma.cable.rcncustomer.com.
	[209.6.200.48]) by smtp.gmail.com with ESMTPSA id
	z192sm2012656qka.91.2017.09.20.15.32.05
	(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
	Wed, 20 Sep 2017 15:32:06 -0700 (PDT)
From: Konrad Rzeszutek Wilk <konrad@kernel.org>
X-Google-Original-From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: xen-devel@lists.xenproject.org, ross.lagerwall@citrix.com,
	konrad.wilk@oracle.com, julien.grall@arm.com, sstabellini@kernel.org
Date: Wed, 20 Sep 2017 18:31:40 -0400
Message-Id: <20170920223148.13137-4-konrad.wilk@oracle.com>
X-Mailer: git-send-email 2.13.3
In-Reply-To: <20170920223148.13137-1-konrad.wilk@oracle.com>
References: <20170920223148.13137-1-konrad.wilk@oracle.com>
Cc: andrew.cooper3@citrix.com, jbeulich@suse.com
Subject: [Xen-devel] [PATCH v4 03/11] livepatch: Include sizes when an
	mismatch occurs
X-BeenThere: xen-devel@lists.xen.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xen.org>
List-Unsubscribe: <https://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <https://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: xen-devel-bounces@lists.xen.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>
X-Virus-Scanned: ClamAV using ClamSMTP

If the .bug.frames.X or .livepatch.funcs sizes are different
than what the hypervisor expects - we fail the payload. To help
in diagnosing this include the expected and the payload
sizes.

Also make it more natural by having "Multiples" in the warning.

Also fix one case where we would fail if the size of the .ex_table
was being zero - but that is OK.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
---
Cc: Ross Lagerwall <ross.lagerwall@citrix.com>

v1: First posting.
v2: - Changed to 'Multiple' per Jan's recommendation.
    - Folded the checks in 'check_size' function and removed all the other
      parts of code that checked for this.
v3: - Drop bool zero_ok
    - Return bool instead of int (and invert the return condition)
    - Change name of the function to be more clear
---
 xen/common/livepatch.c       | 46 +++++++++++++++++++++-----------------------
 xen/include/xen/elfstructs.h |  2 ++
 2 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/xen/common/livepatch.c b/xen/common/livepatch.c
index b0dcd415ba..b9376c94e9 100644
--- a/xen/common/livepatch.c
+++ b/xen/common/livepatch.c
@@ -460,6 +460,22 @@ static int secure_payload(struct payload *payload, struct livepatch_elf *elf)
     return rc;
 }
 
+static bool section_ok(const struct livepatch_elf *elf,
+                       const struct livepatch_elf_sec *sec, size_t sz)
+{
+    if ( !elf || !sec )
+        return false;
+
+    if ( sec->sec->sh_size % sz )
+    {
+        dprintk(XENLOG_ERR, LIVEPATCH "%s: Wrong size %"PRIuElfWord" of %s (must be multiple of %zu)\n",
+                elf->name, sec->sec->sh_size, sec->name, sz);
+        return false;
+    }
+
+    return true;
+}
+
 static int check_special_sections(const struct livepatch_elf *elf)
 {
     unsigned int i;
@@ -509,12 +525,8 @@ static int prepare_payload(struct payload *payload,
 
     sec = livepatch_elf_sec_by_name(elf, ELF_LIVEPATCH_FUNC);
     ASSERT(sec);
-    if ( sec->sec->sh_size % sizeof(*payload->funcs) )
-    {
-        dprintk(XENLOG_ERR, LIVEPATCH "%s: Wrong size of "ELF_LIVEPATCH_FUNC"!\n",
-                elf->name);
+    if ( !section_ok(elf, sec, sizeof(*payload->funcs)) )
         return -EINVAL;
-    }
 
     payload->funcs = sec->load_addr;
     payload->nfuncs = sec->sec->sh_size / sizeof(*payload->funcs);
@@ -556,7 +568,7 @@ static int prepare_payload(struct payload *payload,
     sec = livepatch_elf_sec_by_name(elf, ".livepatch.hooks.load");
     if ( sec )
     {
-        if ( sec->sec->sh_size % sizeof(*payload->load_funcs) )
+        if ( !section_ok(elf, sec, sizeof(*payload->load_funcs)) )
             return -EINVAL;
 
         payload->load_funcs = sec->load_addr;
@@ -566,7 +578,7 @@ static int prepare_payload(struct payload *payload,
     sec = livepatch_elf_sec_by_name(elf, ".livepatch.hooks.unload");
     if ( sec )
     {
-        if ( sec->sec->sh_size % sizeof(*payload->unload_funcs) )
+        if ( !section_ok(elf, sec, sizeof(*payload->unload_funcs)) )
             return -EINVAL;
 
         payload->unload_funcs = sec->load_addr;
@@ -637,12 +649,8 @@ static int prepare_payload(struct payload *payload,
         if ( !sec )
             continue;
 
-        if ( sec->sec->sh_size % sizeof(*region->frame[i].bugs) )
-        {
-            dprintk(XENLOG_ERR, LIVEPATCH "%s: Wrong size of .bug_frames.%u!\n",
-                    elf->name, i);
+        if ( !section_ok(elf, sec, sizeof(*region->frame[i].bugs)) )
             return -EINVAL;
-        }
 
         region->frame[i].bugs = sec->load_addr;
         region->frame[i].n_bugs = sec->sec->sh_size /
@@ -655,12 +663,8 @@ static int prepare_payload(struct payload *payload,
 #ifdef CONFIG_HAS_ALTERNATIVE
         struct alt_instr *a, *start, *end;
 
-        if ( sec->sec->sh_size % sizeof(*a) )
-        {
-            dprintk(XENLOG_ERR, LIVEPATCH "%s: Size of .alt_instr is not multiple of %zu!\n",
-                    elf->name, sizeof(*a));
+        if ( !section_ok(elf, sec, sizeof(*a)) )
             return -EINVAL;
-        }
 
         start = sec->load_addr;
         end = sec->load_addr + sec->sec->sh_size;
@@ -692,14 +696,8 @@ static int prepare_payload(struct payload *payload,
 #ifdef CONFIG_HAS_EX_TABLE
         struct exception_table_entry *s, *e;
 
-        if ( !sec->sec->sh_size ||
-             (sec->sec->sh_size % sizeof(*region->ex)) )
-        {
-            dprintk(XENLOG_ERR, LIVEPATCH "%s: Wrong size of .ex_table (exp:%lu vs %lu)!\n",
-                    elf->name, sizeof(*region->ex),
-                    sec->sec->sh_size);
+        if ( !section_ok(elf, sec, sizeof(*region->ex)) )
             return -EINVAL;
-        }
 
         s = sec->load_addr;
         e = sec->load_addr + sec->sec->sh_size;
diff --git a/xen/include/xen/elfstructs.h b/xen/include/xen/elfstructs.h
index 950e1492e5..726ca8f60d 100644
--- a/xen/include/xen/elfstructs.h
+++ b/xen/include/xen/elfstructs.h
@@ -555,6 +555,7 @@ typedef struct {
 
 #if defined(ELFSIZE) && (ELFSIZE == 32)
 #define PRIxElfAddr	"08x"
+#define PRIuElfWord	"8u"
 
 #define Elf_Ehdr	Elf32_Ehdr
 #define Elf_Phdr	Elf32_Phdr
@@ -582,6 +583,7 @@ typedef struct {
 #define AuxInfo		Aux32Info
 #elif defined(ELFSIZE) && (ELFSIZE == 64)
 #define PRIxElfAddr	PRIx64
+#define PRIuElfWord	PRIu64
 
 #define Elf_Ehdr	Elf64_Ehdr
 #define Elf_Phdr	Elf64_Phdr