Re: [Xen-devel] [PATCH v7 2/5] livepatch: Add limit of 2MB to payload .bss sections.

2016-09-22 Thread Jan Beulich 
>>> On 21.09.16 at 18:57,  wrote:
> The initial patch: 11ff40fa7bb5fdcc69a58d0fec49c904ffca4793
> "xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op" caps the
> size of the binary at 2MB. We follow that in capping the size
> of the .BSSes to be at maximum 2MB.
> 
> We also bubble up the payload limit and this one in one #define
> called LIVEPATCH_MAX_SIZE to make it easier to find these
> arbitrary limits.
> 
> Reviewed-by: Ross Lagerwall 
> Signed-off-by: Konrad Rzeszutek Wilk 

Reviewed-by: Jan Beulich 


___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

[Xen-devel] [PATCH v7 2/5] livepatch: Add limit of 2MB to payload .bss sections.

2016-09-21 Thread Konrad Rzeszutek Wilk 
The initial patch: 11ff40fa7bb5fdcc69a58d0fec49c904ffca4793
"xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op" caps the
size of the binary at 2MB. We follow that in capping the size
of the .BSSes to be at maximum 2MB.

We also bubble up the payload limit and this one in one #define
called LIVEPATCH_MAX_SIZE to make it easier to find these
arbitrary limits.

Reviewed-by: Ross Lagerwall 
Signed-off-by: Konrad Rzeszutek Wilk 
---
Cc: Ross Lagerwall 
Cc: Jan Beulich 

v5: Initial submission. Came about from conversation about
"livepatch: Clear .bss when payload is reverted"
   - Use only one sh_flags comparison instead of two.
   - And check for the _right_ combination (WA).
v6: Remove the logging
   - Move the MB(2) to a #define in the header file.
   - Add the newline after the addition in livepatch_elf.c.
   - Added Reviewed-by from Ross.
v7:- s/MAX_BSS_SIZE/LIVEPATCH_MAX_SIZE/
   - Also use this LIVEPATHCH_MAX_SIZE in verify_payload
---
 xen/common/livepatch.c  | 2 +-
 xen/common/livepatch_elf.c  | 4 
 xen/include/xen/livepatch.h | 2 ++
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/xen/common/livepatch.c b/xen/common/livepatch.c
index 1f527a3..c9e5318 100644
--- a/xen/common/livepatch.c
+++ b/xen/common/livepatch.c
@@ -123,7 +123,7 @@ static int verify_payload(const 
xen_sysctl_livepatch_upload_t *upload, char *n)
 if ( !upload->size )
 return -EINVAL;
 
-if ( upload->size > MB(2) )
+if ( upload->size > LIVEPATCH_MAX_SIZE )
 return -EINVAL;
 
 if ( !guest_handle_okay(upload->payload, upload->size) )
diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c
index 303115f..f46990e 100644
--- a/xen/common/livepatch_elf.c
+++ b/xen/common/livepatch_elf.c
@@ -86,6 +86,10 @@ static int elf_resolve_sections(struct livepatch_elf *elf, 
const void *data)
 delta < sizeof(Elf_Ehdr) ? "at ELF header" : "is past 
end");
 return -EINVAL;
 }
+else if ( (sec[i].sec->sh_flags & (SHF_WRITE | SHF_ALLOC)) &&
+  sec[i].sec->sh_type == SHT_NOBITS &&
+  sec[i].sec->sh_size > LIVEPATCH_MAX_SIZE )
+return -EINVAL;
 
 sec[i].data = data + delta;
 /* Name is populated in elf_resolve_section_names. */
diff --git a/xen/include/xen/livepatch.h b/xen/include/xen/livepatch.h
index 243e240..29c9b31 100644
--- a/xen/include/xen/livepatch.h
+++ b/xen/include/xen/livepatch.h
@@ -30,6 +30,8 @@ struct xen_sysctl_livepatch_op;
 #define ELF_LIVEPATCH_FUNC".livepatch.funcs"
 #define ELF_LIVEPATCH_DEPENDS ".livepatch.depends"
 #define ELF_BUILD_ID_NOTE  ".note.gnu.build-id"
+/* Arbitrary limit for payload size and .bss section size. */
+#define LIVEPATCH_MAX_SIZE MB(2)
 
 struct livepatch_symbol {
 const char *name;
-- 
2.4.11


___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel