On 26.06.2020 14:24, Andrew Cooper wrote:
> Just like the alternatives infrastructure, the livepatch infrastructure
> disables CR0.WP to perform patching, which is not permitted with CET active.
>
> Modify arch_livepatch_{quiesce,revive}() to disable CET before disabling WP,
> and reset the dirty bits on all virtual regions before re-enabling CET.
>
> One complication is that arch_livepatch_revive() has to fix up the top of the
> shadow stack. This depends on the functions not being inlined, even under
> LTO. Another limitation is that reset_virtual_region_perms() may shatter the
> final superpage of .text depending on alignment.
>
> This logic, and its downsides, are temporary until the patching infrastructure
> can be adjusted to not use CR0.WP.
In particular on this basis ...
> Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com>
Reviewed-by: Jan Beulich <jbeul...@suse.com>
Jan
