Received: by 2002:ac0:aa62:0:0:0:0:0 with SMTP id w31-v6csp2252739ima; Mon, 22 Oct 2018 06:56:49 -0700 (PDT) X-Google-Smtp-Source: ACcGV60FHHA9R2pJnXU7LqQ6wWPH6PsioWJ/0VSTPA90KJoAg0gShcnTQxKdFHWfdMEpTfFbq4yZ X-Received: by 2002:a65:655a:: with SMTP id a26-v6mr42719373pgw.389.1540216609279; Mon, 22 Oct 2018 06:56:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1540216609; cv=none; d=google.com; s=arc-20160816; b=R7uVtFzPe/BD07RJMreqCfRSF3iPYaslcYA6/w60jlmgcQ+bm6umPFk1N6AjOD91sS lee5K0d7WlvNHGZhzypNTuwnoMPd7W/F+zpt2793aGOvJ2t4fWyV2+t+UcOJjGtvknrj 1eg1XXH36u/MaINgQPqVUofkxqKjl9ofeMCWnD9BvIMxah/p8Pbzn4LcltQpzY+gOHVE Qgiv4gcPMyhDHlRMxAS5i4pOT+oUbC5WYhIcErjcryiPytU0LVXQ0ci1zjR7tISKDEzs M/lngW50qdTuLACT69qnGapqZlb2euOjZCSLh60cRfBDXBJ/0HZeJC2BaZYbH3Mg4oxR 1MFA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=HYSNLlCJdKdjDJZ+Q559cEmMy6bbeHQ3V66V3IT7l3c=; b=ETgx6emBMoLjV3RY0Fm462ym56gVyuxsKAVfSyaS2EdNGneqW24zbbRLAbgqJwWu2A ecfHuRA9vq62eu9GN6BDOEEB0Z7CrJbEvx5aNiVKE0C4x4gRn40oyH1uhHodaJkjXJ/m Y4cnGGqar4sJEdWRND4FlFKfccqsrzPgbrEIfjyOr/ChsFnJI24oj8s60F5mXaTAu5BV CJZIS3wvRzCiAOFp7WuuuLHOovQZAw0/NE7H6a0eFY3jxwDFA7uL1MVUd1lXDkgKZi7N EvKnsKHJKjmFRnLAMfvBlWffe/XiTh8le/E0kPA+E3v/fQlMfn+/AUFM1igGh8/8Rc4P G71Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w12-v6si34453831pld.166.2018.10.22.06.56.31; Mon, 22 Oct 2018 06:56:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728454AbeJVVLm (ORCPT + 99 others); Mon, 22 Oct 2018 17:11:42 -0400 Received: from mx2.suse.de ([195.135.220.15]:41138 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727210AbeJVVLm (ORCPT ); Mon, 22 Oct 2018 17:11:42 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay1.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id C8734AFCC; Mon, 22 Oct 2018 12:53:12 +0000 (UTC) Date: Mon, 22 Oct 2018 14:53:10 +0200 (CEST) From: Miroslav Benes To: Ard Biesheuvel cc: Jessica Yu , Torsten Duwe , Will Deacon , Catalin Marinas , Julien Thierry , Steven Rostedt , Josh Poimboeuf , Ingo Molnar , Arnd Bergmann , AKASHI Takahiro , linux-arm-kernel , Linux Kernel Mailing List , live-patching@vger.kernel.org Subject: Re: [PATCH v3 3/4] arm64: implement live patching In-Reply-To: Message-ID: References: <20181001140910.086E768BC7@newverein.lst.de> <20181001141652.5478C68BE1@newverein.lst.de> <20181018125820.iw54zbirq74ulknj@linux-8ccs> User-Agent: Alpine 2.21 (LSU 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, 20 Oct 2018, Ard Biesheuvel wrote: > On 19 October 2018 at 23:21, Miroslav Benes wrote: > > > >> >> Ad relocations. I checked that everything in struct mod_arch_specific > >> >> stays after the module is load. Both core and init get SHF_ALLOC set > >> >> (mod->arch.core.plt->sh_flags in module_frob_arch_sections(). It is > >> >> important because apply_relocate_add() may use those sections > >> >> through module_emit_plt_entry() call. > >> > > >> > > >> > Yes, it looks like the needed .plt sections will remain in module > >> > memory. However, I think I found a slight issue... :/ > >> > > >> > In module_frob_arch_sections(), mod->arch.core.plt is set to an offset > >> > within info->sechdrs: > >> > > >> > if (!strcmp(secstrings + sechdrs[i].sh_name, ".plt")) > >> > mod->arch.core.plt = sechdrs + i; > >> > > >> > sechdrs is from info->sechdrs, which is freed at the end of > >> > load_module() via free_copy(). So although the relevant plt section(s) > >> > are in module memory, mod->arch.core.plt will point to invalid memory > >> > after info is freed. In other words, the section (.plt) *is* in memory > >> > but the section header (struct elf64_shdr) containing section metadata > >> > like sh_addr, sh_size etc., is not. > >> > > >> > >> Just for my understanding: this only matters for live patching, right? > > > > Yes. Live patching can do deferred relocations. When a module is loaded > > and livepatched, the relevant symbols in the patching module are resolved. > > We call apply_relocate_add(), which is arch-specific, and we must be sure > > that everything used by apply_relocate_add() is preserved in the patching > > module after it is loaded. > > > > So I suppose this could get interesting in cases where modules are far > away from the kernel (i.e., more than -/+ 128 MB). Fortunately, the > modules themselves are always placed in a 128 MB window, but this > window could be out of reach for branches into the kernel proper. If > we find ourselves in the situation where we need to patch calls into > the kernel proper to point into this module, this may get interesting, > since the PLT entries *must* be allocated along with the module that > contains the branch instruction, or the PLT entry itself may be out of > range, defeating the purpose. Hm... Torsten, didn't you have to solve something similar in powerpc case? > >> The original PLT support was implemented to support loading modules > >> outside of the -/+ 128 MB range of an arm64 relative branch/jump > >> instruction, and was later enhanced [for the same reason] to support > >> emitting a trampoline for the ftrace entrypoint.