xenbits.xensource.com Git - xen.git/commit

author	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
	Tue, 13 Sep 2016 16:02:20 +0000 (12:02 -0400)
committer	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
	Fri, 23 Sep 2016 16:39:43 +0000 (12:39 -0400)
commit	98b728a7b235c67e210f67f789db5d9eb38ca00c
tree	f90a0fab5dfe75ca5b7dc0ed9c93fd360cc4b942	tree
parent	bc900cbc8f37b93cc6c9f6370beb14e6430b334d	commit \| diff

livepatch: Disallow applying after an revert

On general this is unhealthy - as the payload's .bss (definitly)
or .data (maybe) will be modified once the payload is running.

Doing an revert and then re-applying the payload with a non-pristine
.bss or .data can lead to unforseen consequences (.bss are assumed
to always contain zero value but now they may have a different value).

There is one exception - if the payload contains only one .data section
- the .livepatch.funcs, then it is OK to re-apply an revert.
We detect this rather simply (if there is one RW section and its name
is .livepatch.funcs) - but the payload may have many other RW sections
that are not used at all (such as .bss or .data sections with zero
length). To not account those we also ignore sections with sh_size
being zero.

Reviewed-by: Jan Beulich <jbeulich@suse.com>
Suggested-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>

docs/misc/livepatch.markdown		diff \| blob \| blame \| history
xen/common/livepatch.c		diff \| blob \| blame \| history
xen/common/livepatch_elf.c		diff \| blob \| blame \| history
xen/include/xen/livepatch_elf.h		diff \| blob \| blame \| history