| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 Mar 2007 10:36:18 -0700
From: Jeremy Fitzhardinge <jeremy@...p.org>
To: Ingo Molnar <mingo@...e.hu>
CC: Andi Kleen <ak@....de>, Andrew Morton <akpm@...ux-foundation.org>,
linux-kernel@...r.kernel.org, virtualization@...ts.osdl.org,
xen-devel@...ts.xensource.com, Chris Wright <chrisw@...s-sol.org>,
Zachary Amsden <zach@...are.com>,
Rusty Russell <rusty@...tcorp.com.au>,
Anthony Liguori <anthony@...emonkey.ws>,
Linus Torvalds <torvalds@...ux-foundation.org>,
David Miller <davem@...emloft.net>
Subject: Re: [patch 13/26] Xen-paravirt_ops: Consistently wrap paravirt ops
callsites to make them patchable
Ingo Molnar wrote:
> * Jeremy Fitzhardinge <jeremy@...p.org> wrote:
>
>
>> Wrap a set of interesting paravirt_ops calls in a wrapper which makes
>> the callsites available for patching. Unfortunately this is pretty
>> ugly because there's no way to get gcc to generate a function call,
>> but also wrap just the callsite itself with the necessary labels.
>>
>> This patch supports functions with 0-4 arguments, and either void or
>> returning a value. 64-bit arguments must be split into a pair of
>> 32-bit arguments (lower word first). Small structures are returned in
>> registers.
>>
>
> ugh. This is beyond ugly!
Yes. I can't say I'm proud of this, but I really couldn't come up with
a cleaner approach.
> Why dont we just compile two images, one for
> Xen and one for native, do two passes to get those two images and
> 'merge' them into a single vmlinuz (so that we still have a 'single'
> kernel unit to deal with on the distro side). This way we avoid all this
> crazy, limited, fragile patchery business...
Well, one thing to make clear is this is absolutely not a Xen-specific
patch or piece of code. This is part of the paravirt_ops infrastructure
designed to remove the overhead of all the indirect calls which are
scattered all over the place. (Perhaps I should post the general
paravirt and Xen specific patches in separate patch series to make this
clear...).
The idea is to wrap the callsite itself with in the same manner as the
other altinstructions so that the general patcher can, at the very
least, convert the indirect call to a direct one, or nop it out if its
an indirect call. This means that a pv_ops implementation can get about
90% of the benefit of patching without any extra effort.
So, I disagree with your characterisation that its "limited"; this is a
pretty general mechanism. The fragile part is in using the PVOP_*
macros properly to match the ABI's calling convention, particularly with
tricky cases like passed and returned structures and 64-bit args. But
that just needs to be done once in one place, and is otherwise
self-contained.
I would love a better mechanism. I played with using things like gcc's
builtin_apply stuff, and so on, but I could find no way to get gcc to
set up the args and then be able to just emit the call itself under asm
control.
I haven't looked at Dave's reply in detail, but I saw some mention of
using relocs. The idea is intriguing , but I don't quite see how it
would all fit together.
J
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists