Re: [RFC PATCH v1 0/9] arm64: livepatch: Use DWARF Call Frame Information for frame pointer validation

From: Madhavan T. Venkataraman
Date: Mon Apr 11 2022 - 13:27:05 EST




On 4/8/22 06:41, Peter Zijlstra wrote:
>
> Right; so not having seen the patches due to Madhavan's email being
> broken, I can perhaps less appreciate the crazy involved.
>

Crazy like a fox.

> On Thu, Apr 07, 2022 at 05:21:51PM -0700, Josh Poimboeuf wrote:
>> 2)
>>
>> If I understand correctly, objtool is converting parts of DWARF to a new
>> format which can then be read by the kernel. In that case, please don't
>> call it DWARF as that will cause a lot of confusion.
>>
>> There are actually several similarities between your new format and ORC,
>> which is also an objtool-created DWARF alternative. It would be
>> interesting to see if they could be combined somehow.
>
> What Josh said; please use/extend ORC.
>

Yes. I am looking into it.

> I really don't understand where all this crazy is coming from; why does
> objtool need to do something radically weird for ARM64?
>
> There are existing ARM64 patches for objtool; in fact they have recently
> been re-posted:
>
> https://lkml.kernel.org/r/20220407120141.43801-1-chenzhongjin@xxxxxxxxxx
>
> The only tricky bit seems to be the whole jump-table issue. Using DWARF
> as input to deal with jump-tables should be possible -- exceedingly
> overkill, but possible I suppose. Mandating DWARF sucks though, compile
> times are so much worse with DWARVES on :/
>
> Once objtool can properly follow/validate ARM64 code, it should be
> fairly straightforward to have it generate ORC data just like it does
> on x86_64.
>

My reasons for attempting the DWARF-based implementation:

- My implementation is largely architecture independent. There are a couple of
minor pieces that are architecture-specific, but they are minor in nature.
So, if an architecture wanted to support the livepatch feature but did not
want to do a heavyweight objtool implementation, then it has an option.
There has been some debate about whether static analysis should be mandated
for livepatch. My patch series is an attempt to provide an option.

- Getting an objtool static analysis implementation working for an architecture
as reliably as X64 and getting it reviewed and upstreamed can take years. It took
years for X64, am I right? I mean, it has been quite a while since the original
patch series for arm64 was posted. There have been only one or two minor comments
so far. I am sure arm64 Linux users would very much want to have livepatch available
ASAP to be able to install security fixes without downtime. This is an immediate need.

- No software is bug-free. So, even if static analysis is implemented for an architecture,
it would be good to have another method of verifying the unwind rules generated from
the static analysis. DWARF can provide that additional verification.

Madhavan