From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrew Cooper Subject: Re: [PATCH v1 5/5] xsplice: Use ld-embedded build-ids Date: Wed, 16 Sep 2015 23:31:04 +0100 Message-ID: <55F9EDA8.1010206@citrix.com> References: <1442437276-2620-1-git-send-email-konrad.wilk@oracle.com> <1442437276-2620-6-git-send-email-konrad.wilk@oracle.com> <55F9E206.6060508@citrix.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1ZcLEa-0008FQ-GF for xen-devel@lists.xenproject.org; Wed, 16 Sep 2015 22:31:24 +0000 In-Reply-To: List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Konrad Rzeszutek Wilk , xen-devel@lists.xenproject.org, msw@amazon.com, aliguori@amazon.com, amesserl@rackspace.com, rick.harris@rackspace.com, paul.voccio@rackspace.com, steven.wilson@rackspace.com, major.hayden@rackspace.com, josh.kearney@rackspace.com, jinsong.liu@alibaba-inc.com, xiantao.zxt@alibaba-inc.com, boris.ostrovsky@oracle.com, daniel.kiper@oracle.com, elena.ufimtseva@oracle.com, bob.liu@oracle.com, lars.kurth@citrix.com, hanweidong@huawei.com, peter.huangpeng@huawei.com, fanhenglong@huawei.com, liuyingdong@huawei.com, john.liuqiming@huawei.com, jbeulich@suse.com, mpohlack@amazon.com, ian.campbell@citrix.com Cc: Martin Pohlack List-Id: xen-devel@lists.xenproject.org On 16/09/2015 22:59, Konrad Rzeszutek Wilk wrote: > On September 16, 2015 5:41:26 PM EDT, Andrew Cooper wrote: >> On 16/09/2015 22:01, Konrad Rzeszutek Wilk wrote: >>> From: Martin Pohlack >>> >>> The mechanism to get this is via the XSPLICE_OP and >>> we add a new subsequent hypercall to retrieve the >>> binary build-id. The hypercall allows an arbirarty >>> size (the buffer is provided to the hypervisor) - however >>> by default the toolstack will allocate it up to 128 >>> bytes. >>> >>> We also add two places for the build-id to be printed: >>> - xsplice keyhandler. We cannot use 'hh' in the hypervisor >>> snprintf handler (as it is not implemented) so instead >>> we use an simpler way to print it. >>> - In the 'xen-xsplice' tool add an extra parameter - build-id >>> to print this as an human readable value. >>> >>> Note that one can also retrieve the value by 'readelf -h xen-syms'. >>> >>> Signed-off-by: Martin Pohlack >>> Signed-off-by: Konrad Rzeszutek Wilk >>> --- >>> tools/libxc/include/xenctrl.h | 1 + >>> tools/libxc/xc_misc.c | 26 +++++++++++++ >>> tools/misc/xen-xsplice.c | 39 ++++++++++++++++++++ >>> xen/arch/x86/Makefile | 4 +- >>> xen/arch/x86/xen.lds.S | 5 +++ >>> xen/common/xsplice.c | 86 >> +++++++++++++++++++++++++++++++++++++++++++ >>> xen/include/public/sysctl.h | 18 +++++++++ >>> xen/include/xen/version.h | 1 + >>> 8 files changed, 178 insertions(+), 2 deletions(-) >>> >>> diff --git a/tools/libxc/include/xenctrl.h >> b/tools/libxc/include/xenctrl.h >>> index 2cd982d..946ddc0 100644 >>> --- a/tools/libxc/include/xenctrl.h >>> +++ b/tools/libxc/include/xenctrl.h >>> @@ -2860,6 +2860,7 @@ int xc_xsplice_apply(xc_interface *xch, char >> *id); >>> int xc_xsplice_revert(xc_interface *xch, char *id); >>> int xc_xsplice_unload(xc_interface *xch, char *id); >>> int xc_xsplice_check(xc_interface *xch, char *id); >>> +int xc_xsplice_build_id(xc_interface *xch, char *build_id, unsigned >> int max); >> >> The build id of the current running hypervisor should belong in the >> xeninfo hypercall. It is not specific to xsplice. > > However in the previous reviews it was pointed out that it should only be accessible to dom0. > > Or to any domains as long as the XSM allows (and is turned on) - so not the default dummy one. > > That is a bit of 'if' extra complexity which I am not sure is worth it? DomU can already read the build information such as changeset, compile time, etc. Build-id is no more special or revealing. ~Andrew