On August 18th @11:30 - 12:20 in Seattle will nail down in person some of the questions raised on xen-devel mailing list.
Things that need to be done in there:
- xen-xsplice better smarts. Right now you need to do 'upload','check' and 'apply'. Three operations which could be folded in one - since the system admin probably want to have all of those done at once.
- Instead of using 'xen-xsplice' we should use 'xl'. That above mentioned logic could be part of 'xl' while 'xen-xsplice' is an accessory function for expert users?
- Compile Xen hypervisor with -ffunction-sections.
We need to expand the hypervisor to include support for:
build_id support (done!)
- Need 'dl_sym' functionality in hypervisor to parse ELF payload. Do dynamic linking.
- Lookup and insertion in the symbol table. Compute the proper offset and virtual address
based on symbol name (<do_domctl>+0xf)
- Insertion of exceptions in the exception table. Also support resorting it. The hot-patch may have new exceptions that need to be dealt with.
- Code to verify signature of the ELF payload.
- Checking the build-id against the hypervisor.
- Code to patch and revert the hot-patch (for simplicity we could boot Xen with 'cpus=1' so we don't have to worry about proper code to trigger patching)
- Patching requires saving the initial state. That needs to be saved for revert.
- Patching needs allocation of memory, putting in the code at memory.
- Doing the verification - checking if any code that uses the to-be-patched-function is in use. Save what the virtual address for the functions is - and verify the stack when patching (this incidentally is what .xsplice_section structures can have).
- Deal with proper page table types for the modification (ro for .data, x for .text, etc).
- Code to revert.
- Code to activate patching mechanism. On VMEXIT routine right before checking the do_softirq. Ditto for PV paths. Call the top patching mechanism - which can IPI other CPUs (or wait until all CPUs have come to the same point).
- The code for doing the patching - call from __do_softirq - can also be used for microcode loading.
ELF payload file
The spec details how the structures should look. We need to write tools to create this ELF file based on a header (or C code). This could be a simple as linker script magic.
Create regression hot-patches
Need to create an .xsplice ELF payload which changes xen_extra .data structure. This way we can verify the applying and reverting of a hot-patch - and check for expected output via 'xl info' and string comparison. To make this work:
- Write script (or C code?) which generates an ELF payload with the required changes to patch 'xen_extra'.
- Compile Xen hypervisor where the output (.o) ends up in (.o.xsplice) to make it easier to identify changes. Could be a secondary build ('make xsplice')
- Write in scripts/ code to compare the .o and .o.xsplice files using objcopy, diff, etc to figure out if they changed. If they do, copy the 'new' and 'old' object file as '.o.xsplice.baseline' and '.o.xsplice.new'.
- Write tool to look for '.o.xsplice.baseline' and '.o.xsplice.new' - figure out the ELF relocations, what symbols it affects, etc. Take a hard look at objmanip.c in ksplice git tree (git://repo.or.cz/ksplice.git).