[Xen-devel] [PATCH] create-diff-object: do not strip STN_UNDEF symbols from *.fixup

[Xen-devel] [PATCH] create-diff-object: do not strip STN_UNDEF symbols from *.fixup

[Pawel Wieczorkiewicz]

The rela groups in the *.fixup sections vary in size. That makes it
more complex to handle in the livepatch_strip_undefined_elements().
It is also unnecessary as the .fixup sections are unlikely to have
any STN_UNDEF symbols anyway.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
---
 create-diff-object.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/create-diff-object.c b/create-diff-object.c
index 2f0e162..abf3cc7 100644
--- a/create-diff-object.c
+++ b/create-diff-object.c
@@ -2081,6 +2081,13 @@ static void livepatch_strip_undefined_elements(struct kpatch_elf *kelf)
 		if (!is_rela_section(sec))
 			continue;
 
+		/* The rela groups in the .fixup sections vary in size.
+		 * Ignore them as they are unlikely to have any STN_UNDEF
+		 * symbols anyway.
+		 */
+		if (strstr(sec->name, ".fixup"))
+			continue;
+
 		/* only known, fixed-size entries can be stripped */
 		entry_size = get_section_entry_size(sec->base, kelf);
 		if (entry_size == 0)
-- 
2.16.5




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Ralf Herbrich
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879




_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

[Xen-devel] [PATCH] create-diff-object: more precisely identify .rodata sections

[Pawel Wieczorkiewicz]

This is needed for more precise patchability verification.
Only non-special .rodata sections should be subject
for such a non-referenced check in kpatch_verify_patchability().
Current check (non-standard, non-rela, non-debug) is too weak and
allows also non-rodata sections without referenced symbols to slip
through.

Detect .rodata section by checking section's type (SHT_PROGBITS),
flags (no exec, no write) and finally name prefix.

Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
Reviewed-by: Bjoern Doebel <doebel@amazon.de>
Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
---
 common.c             |  7 +++++++
 common.h             |  1 +
 create-diff-object.c | 13 ++++++-------
 3 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/common.c b/common.c
index 0ddc9fa..8f553ea 100644
--- a/common.c
+++ b/common.c
@@ -249,6 +249,13 @@ int is_text_section(struct section *sec)
 		(sec->sh.sh_flags & SHF_EXECINSTR));
 }
 
+int is_rodata_section(struct section *sec)
+{
+	return sec->sh.sh_type == SHT_PROGBITS &&
+	       !(sec->sh.sh_flags & (SHF_EXECINSTR | SHF_WRITE)) &&
+	       !strncmp(sec->name, ".rodata", 7);
+}
+
 int is_debug_section(struct section *sec)
 {
 	char *name;
diff --git a/common.h b/common.h
index 7c6fb73..b6489db 100644
--- a/common.h
+++ b/common.h
@@ -159,6 +159,7 @@ struct symbol *find_symbol_by_index(struct list_head *list, size_t index);
 struct symbol *find_symbol_by_name(struct list_head *list, const char *name);
 
 int is_text_section(struct section *sec);
+int is_rodata_section(struct section *sec);
 int is_debug_section(struct section *sec);
 int is_rela_section(struct section *sec);
 int is_standard_section(struct section *sec);
diff --git a/create-diff-object.c b/create-diff-object.c
index e4592a6..2f0e162 100644
--- a/create-diff-object.c
+++ b/create-diff-object.c
@@ -1672,13 +1672,12 @@ static void kpatch_verify_patchability(struct kpatch_elf *kelf)
 		}
 
 		if (sec->include) {
-			if (!is_standard_section(sec) && !is_rela_section(sec) &&
-			    !is_debug_section(sec) && !is_special_section(sec)) {
-				if (!is_referenced_section(sec, kelf)) {
-					log_normal("section %s included, but not referenced\n",
-						   sec->name);
-					errs++;
-				}
+			if (is_rodata_section(sec) &&
+			    !is_special_section(sec) &&
+			    !is_referenced_section(sec, kelf)) {
+				log_normal(".rodata section %s included, but not referenced\n",
+					   sec->name);
+				errs++;
 			}
 
 			/* Check if a RELA section does not contain any entries with
-- 
2.16.5




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Ralf Herbrich
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879




_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

Re: [Xen-devel] [PATCH] create-diff-object: do not strip STN_UNDEF symbols from *.fixup

[Ross Lagerwall]

On 11/5/19 3:37 PM, Pawel Wieczorkiewicz wrote:
> The rela groups in the *.fixup sections vary in size. That makes it
> more complex to handle in the livepatch_strip_undefined_elements().
> It is also unnecessary as the .fixup sections are unlikely to have
> any STN_UNDEF symbols anyway.
> 
> Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
> ---

Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

Re: [Xen-devel] [PATCH] create-diff-object: more precisely identify .rodata sections

[Ross Lagerwall]

On 11/5/19 3:37 PM, Pawel Wieczorkiewicz wrote:
> This is needed for more precise patchability verification.
> Only non-special .rodata sections should be subject
> for such a non-referenced check in kpatch_verify_patchability().
> Current check (non-standard, non-rela, non-debug) is too weak and
> allows also non-rodata sections without referenced symbols to slip
> through.
> 
> Detect .rodata section by checking section's type (SHT_PROGBITS),
> flags (no exec, no write) and finally name prefix.
> 
> Signed-off-by: Pawel Wieczorkiewicz <wipawel@amazon.de>
> Reviewed-by: Andra-Irina Paraschiv <andraprs@amazon.com>
> Reviewed-by: Bjoern Doebel <doebel@amazon.de>
> Reviewed-by: Norbert Manthey <nmanthey@amazon.de>
> ---
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel