Xen-Devel Archive on lore.kernel.org
 help / color / Atom feed
From: Pawel Wieczorkiewicz <wipawel@amazon.de>
To: <xen-devel@lists.xen.org>, <xen-devel@lists.xenproject.org>
Cc: "Marek Marczykowski-Górecki" <marmarek@invisiblethingslab.com>,
	wipawel@amazon.com, "Stefano Stabellini" <sstabellini@kernel.org>,
	"Wei Liu" <wl@xen.org>,
	"Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>,
	"George Dunlap" <George.Dunlap@eu.citrix.com>,
	"Andrew Cooper" <andrew.cooper3@citrix.com>,
	"Ross Lagerwall" <ross.lagerwall@citrix.com>,
	"Ian Jackson" <ian.jackson@eu.citrix.com>,
	mpohlack@amazon.com, "Tim Deegan" <tim@xen.org>,
	"Pawel Wieczorkiewicz" <wipawel@amazon.de>,
	"Julien Grall" <julien.grall@arm.com>,
	"Jan Beulich" <jbeulich@suse.com>,
	"Volodymyr Babchuk" <Volodymyr_Babchuk@epam.com>,
	"Roger Pau Monné" <roger.pau@citrix.com>
Subject: [Xen-devel] [PATCH v2 00/12] livepatch: new features and fixes
Date: Tue, 27 Aug 2019 08:46:12 +0000
Message-ID: <20190827084624.116917-1-wipawel@amazon.de> (raw)
In-Reply-To: <20190821081931.90887-1-wipawel@amazon.de>

This series introduces new features to the livepatch functionality as
briefly discussed during Xen Developer Summit 2019: [a] and [b].
It also provides a few fixes and some small improvements.

Main changes in v2:
- added new features to livepatch documentation
- added livepatch tests
- enabled Arm support for [5]
- make .modinfo optional for [11]
- fixed typos

FEATURES:

1. independent modules (patches: [1], [2])

  * livepatch-build-tools repo dependency [A]

  Livepatch enforces the following buildid-based dependency chain
  between hotpatch modules:
    1) first module depends on given hypervisor buildid
    2) every consecutive module depends on previous module's buildid
  This way proper hotpatch stack order is maintained and enforced.
  While it is important for production hotpatches it limits agility and
  blocks usage of testing or debug hotpatches. These kinds of hotpatch
  modules are typically expected to be loaded at any time irrespective
  of current state of the modules stack.

  [A] livepatch-build: Embed hypervisor build id into every hotpatch

2. pre- and post- apply|revert actions hooks (patches: [3], [4])

  * livepatch-build-tools repo dependency [B]

  This is an implementation of 4 new livepatch module vetoing hooks,
  that can be optionally supplied along with modules.
  Hooks that currently exists in the livepatch mechanism aren't agile
  enough and have various limitations:
  * run only from within a quiescing zone
  * cannot conditionally prevent applying or reverting
  * do not have access to the module context
  To address these limitations the following has been implemented:
  1) pre-apply hook
  2) post-apply hook
  3) pre-revert hook
  4) post-revert hook

  [B] create-diff-object: Handle extra pre-|post- hooks

3. apply|revert actions replacement hooks (patches: [5], [6], [7])

  * livepatch-build-tools repo dependency: [C], [D], [E]

  To increase hotpatching system's agility and provide more flexiable
  long-term hotpatch solution, allow to overwrite the default apply
  and revert action functions with hook-like supplied alternatives.
  The alternative functions are optional and the default functions are
  used by default.

  [C] create-diff-object: Do not create empty .livepatch.funcs section
  [D] create-diff-object: Handle optional apply|revert hooks
  [E] create-diff-object: Add support for applied/reverted marker

4. inline asm hotpatching expectations (patches: [8])

  * livepatch-build-tools repo dependency: [F]

  Expectations are designed as optional feature, since the main use of
  them is planned for inline asm hotpatching.
  The payload structure is modified as each expectation structure is
  part of the livepatch_func structure and hence extends the payload.
  The payload version is bumped to 3 with this change to highlight the
  ABI modification and enforce proper support.
  The expectation is manually enabled during inline asm module
  construction. If enabled, expectation ensures that the expected
  content of memory is to be found at a given patching (old_addr)
  location.

  [F] create-diff-object: Add support for expectations

5. runtime hotpatch metadata support (patches: [9], [10], [11])

  Having detailed hotpatch metadata helps to properly identify module's
  origin and version. It also allows to keep track of the history of
  hotpatch loads in the system (at least within dmesg buffer size
  limits).
  Extend the livepatch list operation to fetch also payloads' metadata.
  This is achieved by extending the sysctl list interface with 2 extra
  guest handles:
  * metadata     - an array of arbitrary size strings
  * metadata_len - an array of metadata strings' lengths (uin32_t each)
  To unify and simplify the interface, handle the modules' name strings
  of arbitrary size by copying them in adhering chunks to the userland.

6. python bindings for livepatch operations (patches: [12])

  Extend the XC python bindings library to support all common livepatch
  operations and actions:
  - status (pyxc_livepatch_status):
  - action (pyxc_livepatch_action):
  - upload (pyxc_livepatch_upload):
  - list (pyxc_livepatch_list):

[a] https://wiki.xenproject.org/wiki/Design_Sessions_2019#LivePatch_improvements_and_features
[b] https://lists.xenproject.org/archives/html/xen-devel/2019-07/msg00846.html

Merged in v1:
  python: Add XC binding for Xen build ID
  livepatch: always print XENLOG_ERR information

Pawel Wieczorkiewicz (12):
  [1] livepatch: Always check hypervisor build ID upon hotpatch upload
  [2] livepatch: Allow to override inter-modules buildid dependency
  [3] livepatch: Export payload structure via livepatch_payload.h
  [4] livepatch: Implement pre-|post- apply|revert hooks
  [5] livepatch: Add support for apply|revert action replacement hooks
  [6] livepatch: Do not enforce ELF_LIVEPATCH_FUNC section presence
  [7] livepatch: Add per-function applied/reverted state tracking marker
  [8] livepatch: Add support for inline asm hotpatching expectations
  [9] livepatch: Add support for modules .modinfo section metadata
  [10] livepatch: Handle arbitrary size names with the list operation
  [11] livepatch: Add metadata runtime retrieval mechanism
  [12] livepatch: Add python bindings for livepatch operations

 .gitignore                                     |   6 +-
 docs/misc/livepatch.pandoc                     | 231 ++++++++-
 tools/libxc/include/xenctrl.h                  |  68 ++-
 tools/libxc/xc_misc.c                          | 162 +++++--
 tools/misc/xen-livepatch.c                     | 258 +++++++---
 tools/python/xen/lowlevel/xc/xc.c              | 273 +++++++++++
 xen/arch/arm/arm32/livepatch.c                 |  12 +-
 xen/arch/arm/arm64/livepatch.c                 |  12 +-
 xen/arch/arm/livepatch.c                       |  10 +-
 xen/arch/x86/livepatch.c                       |  22 +-
 xen/common/livepatch.c                         | 647 +++++++++++++++++++++----
 xen/include/public/sysctl.h                    |  61 ++-
 xen/include/xen/livepatch.h                    |  42 +-
 xen/include/xen/livepatch_payload.h            |  83 ++++
 xen/test/livepatch/Makefile                    | 113 ++++-
 xen/test/livepatch/xen_action_hooks.c          | 102 ++++
 xen/test/livepatch/xen_action_hooks_marker.c   | 112 +++++
 xen/test/livepatch/xen_action_hooks_noapply.c  | 136 ++++++
 xen/test/livepatch/xen_action_hooks_nofunc.c   |  86 ++++
 xen/test/livepatch/xen_action_hooks_norevert.c | 143 ++++++
 xen/test/livepatch/xen_expectations.c          |  41 ++
 xen/test/livepatch/xen_expectations_fail.c     |  42 ++
 xen/test/livepatch/xen_prepost_hooks.c         | 122 +++++
 xen/test/livepatch/xen_prepost_hooks_fail.c    |  75 +++
 24 files changed, 2579 insertions(+), 280 deletions(-)
 create mode 100644 xen/test/livepatch/xen_action_hooks.c
 create mode 100644 xen/test/livepatch/xen_action_hooks_marker.c
 create mode 100644 xen/test/livepatch/xen_action_hooks_noapply.c
 create mode 100644 xen/test/livepatch/xen_action_hooks_nofunc.c
 create mode 100644 xen/test/livepatch/xen_action_hooks_norevert.c
 create mode 100644 xen/test/livepatch/xen_expectations.c
 create mode 100644 xen/test/livepatch/xen_expectations_fail.c
 create mode 100644 xen/test/livepatch/xen_prepost_hooks.c
 create mode 100644 xen/test/livepatch/xen_prepost_hooks_fail.c

-- 
2.16.5




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Ralf Herbrich
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879




_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

  parent reply index

Thread overview: 66+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-08-21  8:19 [Xen-devel] [PATCH 00/14] " Pawel Wieczorkiewicz
2019-08-21  8:19 ` [Xen-devel] [PATCH 01/14] livepatch: Always check hypervisor build ID upon hotpatch upload Pawel Wieczorkiewicz
2019-08-21 18:16   ` Konrad Rzeszutek Wilk
2019-08-21  8:19 ` [Xen-devel] [PATCH 02/14] livepatch: Allow to override inter-modules buildid dependency Pawel Wieczorkiewicz
2019-08-21  8:19 ` [Xen-devel] [PATCH 03/14] python: Add XC binding for Xen build ID Pawel Wieczorkiewicz
2019-08-21  8:19 ` [Xen-devel] [PATCH 04/14] livepatch: Export payload structure via livepatch_payload.h Pawel Wieczorkiewicz
2019-08-21  8:19 ` [Xen-devel] [PATCH 05/14] livepatch: Implement pre-|post- apply|revert hooks Pawel Wieczorkiewicz
2019-08-21  8:19 ` [Xen-devel] [PATCH 06/14] livepatch: Add support for apply|revert action replacement hooks Pawel Wieczorkiewicz
2019-08-21 18:31   ` Konrad Rzeszutek Wilk
2019-08-21 19:06     ` Wieczorkiewicz, Pawel
2019-08-26 14:30       ` Konrad Rzeszutek Wilk
2019-08-21  8:19 ` [Xen-devel] [PATCH 07/14] livepatch: Do not enforce ELF_LIVEPATCH_FUNC section presence Pawel Wieczorkiewicz
2019-08-21  8:19 ` [Xen-devel] [PATCH 08/14] livepatch: always print XENLOG_ERR information Pawel Wieczorkiewicz
2019-08-21  8:19 ` [Xen-devel] [PATCH 09/14] livepatch: Add per-function applied/reverted state tracking marker Pawel Wieczorkiewicz
2019-08-21 18:28   ` Konrad Rzeszutek Wilk
2019-08-21 19:00     ` Wieczorkiewicz, Pawel
2019-08-21 21:34   ` Julien Grall
2019-08-22  7:44     ` Wieczorkiewicz, Pawel
2019-08-22 10:07       ` Julien Grall
2019-08-22 10:20         ` Wieczorkiewicz, Pawel
2019-08-22 10:43           ` Julien Grall
2019-08-22 11:15             ` Wieczorkiewicz, Pawel
2019-08-22 15:02               ` Julien Grall
2019-08-22 10:29   ` Julien Grall
2019-08-22 11:02     ` Wieczorkiewicz, Pawel
2019-08-22 15:30       ` Julien Grall
2019-08-22 15:42         ` Wieczorkiewicz, Pawel
2019-08-21  8:19 ` [Xen-devel] [PATCH 10/14] livepatch: Add support for inline asm hotpatching expectations Pawel Wieczorkiewicz
2019-08-21 18:30   ` Konrad Rzeszutek Wilk
2019-08-21 19:02     ` Wieczorkiewicz, Pawel
2019-08-22 10:31   ` Julien Grall
2019-08-22 11:03     ` Wieczorkiewicz, Pawel
2019-08-21  8:19 ` [Xen-devel] [PATCH 11/14] livepatch: Add support for modules .modinfo section metadata Pawel Wieczorkiewicz
2019-08-21  8:19 ` [Xen-devel] [PATCH 12/14] livepatch: Handle arbitrary size names with the list operation Pawel Wieczorkiewicz
2019-08-21  8:19 ` [Xen-devel] [PATCH 13/14] livepatch: Add metadata runtime retrieval mechanism Pawel Wieczorkiewicz
2019-08-21  8:19 ` [Xen-devel] [PATCH 14/14] livepatch: Add python bindings for livepatch operations Pawel Wieczorkiewicz
2019-08-22 21:55   ` Marek Marczykowski-Górecki
2019-08-27  8:46 ` Pawel Wieczorkiewicz [this message]
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 01/12] livepatch: Always check hypervisor build ID upon hotpatch upload Pawel Wieczorkiewicz
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 02/12] livepatch: Allow to override inter-modules buildid dependency Pawel Wieczorkiewicz
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 03/12] livepatch: Export payload structure via livepatch_payload.h Pawel Wieczorkiewicz
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 04/12] livepatch: Implement pre-|post- apply|revert hooks Pawel Wieczorkiewicz
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 05/12] livepatch: Add support for apply|revert action replacement hooks Pawel Wieczorkiewicz
2019-08-27 16:58     ` Konrad Rzeszutek Wilk
2019-08-28  7:37       ` Wieczorkiewicz, Pawel
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 06/12] livepatch: Do not enforce ELF_LIVEPATCH_FUNC section presence Pawel Wieczorkiewicz
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 07/12] livepatch: Add per-function applied/reverted state tracking marker Pawel Wieczorkiewicz
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 08/12] livepatch: Add support for inline asm hotpatching expectations Pawel Wieczorkiewicz
2019-08-29 14:34     ` Konrad Rzeszutek Wilk
2019-08-29 15:29       ` Wieczorkiewicz, Pawel
2019-08-29 15:58     ` Konrad Rzeszutek Wilk
2019-08-29 16:16       ` Wieczorkiewicz, Pawel
2019-08-29 17:49         ` Konrad Rzeszutek Wilk
2019-08-29 19:07           ` Wieczorkiewicz, Pawel
2019-08-29 20:48             ` Konrad Rzeszutek Wilk
2019-09-05 18:05     ` Konrad Rzeszutek Wilk
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 09/12] livepatch: Add support for modules .modinfo section metadata Pawel Wieczorkiewicz
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 10/12] livepatch: Handle arbitrary size names with the list operation Pawel Wieczorkiewicz
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 11/12] livepatch: Add metadata runtime retrieval mechanism Pawel Wieczorkiewicz
2019-08-29 20:48     ` Konrad Rzeszutek Wilk
2019-08-27  8:46   ` [Xen-devel] [PATCH v2 12/12] livepatch: Add python bindings for livepatch operations Pawel Wieczorkiewicz
2019-08-28 13:21     ` Marek Marczykowski-Górecki
2019-08-29 19:23   ` [Xen-devel] [PATCH v2 00/12] livepatch: new features and fixes Konrad Rzeszutek Wilk
2019-09-05 19:13   ` Konrad Rzeszutek Wilk
2019-09-06 22:52     ` Julien Grall
2019-09-06 22:42   ` Julien Grall

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190827084624.116917-1-wipawel@amazon.de \
    --to=wipawel@amazon.de \
    --cc=George.Dunlap@eu.citrix.com \
    --cc=Volodymyr_Babchuk@epam.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=ian.jackson@eu.citrix.com \
    --cc=jbeulich@suse.com \
    --cc=julien.grall@arm.com \
    --cc=konrad.wilk@oracle.com \
    --cc=marmarek@invisiblethingslab.com \
    --cc=mpohlack@amazon.com \
    --cc=roger.pau@citrix.com \
    --cc=ross.lagerwall@citrix.com \
    --cc=sstabellini@kernel.org \
    --cc=tim@xen.org \
    --cc=wipawel@amazon.com \
    --cc=wl@xen.org \
    --cc=xen-devel@lists.xen.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Xen-Devel Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/xen-devel/0 xen-devel/git/0.git
	git clone --mirror https://lore.kernel.org/xen-devel/1 xen-devel/git/1.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 xen-devel xen-devel/ https://lore.kernel.org/xen-devel \
		xen-devel@lists.xenproject.org xen-devel@lists.xen.org
	public-inbox-index xen-devel

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.xenproject.lists.xen-devel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git