Re: xsplice-build prototype (was [PATCH v1 1/5] xsplice: Design document.)

[Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>]

On Mon, Oct 12, 2015 at 12:44:12PM +0100, Ross Lagerwall wrote:
> On 10/05/2015 11:28 AM, Ross Lagerwall wrote:
> >On 09/16/2015 10:01 PM, Konrad Rzeszutek Wilk wrote:
> >>+### Generation of xSplice ELF payloads
> >>+
> >>+The design of that is not discussed in this design.
> >>+
> >>+The author of this design envisions objdump and objcopy along
> >>+with special GCC parameters (see above) to create .o.xsplice files
> >>+which can be used to splice an ELF with the new payload.
> >>+
> >>+The ksplice code can provide inspiration.
> >>+
> >
> >As discussed off-list with Konrad, I'm going to get started with
> >generation of the payload given a patch.
> >
> 
> I've created a _prototype_ tool for this based on kpatch's tooling. It's
> currently living at https://github.com/rosslagerwall/xsplice-build
> 
> With no source patch modifications, live patches can be built for every XSA
> that applies to x86 back to XSA-90 except for XSA-97, XSA-111, XSA-112, and
> XSA-114 (83% success rate). It gives plausible output for each generated
> patch although I obviously can't verify the live patches yet.
> 
> It doesn't really follow the design in the above document; IMO the payload
> design is unnecessarily complicated. At this point I'd rather just get a
> complete working prototype, and we can figure out the specifics and finalize
> the design later.
> 
> If no one else is working on it, I'm going to start the next steps which is:
> * Load the ELF binary into Xen memory.
> * Resolve symbols.
> * Perform ELF relocations

Go for it.
> 
> I'll use Konrad's xsplice.v1.1 branch as a starting point to provide the
> hypervisor interface for this work.

Fantastic! Thank you!
> 
> Thanks
> -- 
> Ross Lagerwall