Jan Beulich
2008-Jan-18 14:51 UTC
[Xen-devel] [PATCH] linux: prevent non-Xen modules from loading in Xen kernel
.. and vice versa.

Inspired by Zach Amsden's functionally similar VMI patch.

As usual, written and tested on 2.6.24-rc7 and made apply to the 2.6.18 tree without further testing.

Signed-off-by: Jan Beulich <jbeulich@novell.com>

Index: head-2008-01-08/drivers/xen/Kconfig ==================================================================--- head-2008-01-08.orig/drivers/xen/Kconfig 2008-01-08 12:26:03.000000000 +0100 +++ head-2008-01-08/drivers/xen/Kconfig 2008-01-08 14:56:58.000000000 +0100 @@ -13,7 +13,7 @@ config XEN if XEN config XEN_INTERFACE_VERSION hex - default 0x00030207 + default 0x30207 menu "XEN" Index: head-2008-01-08/include/linux/vermagic.h ==================================================================--- head-2008-01-08.orig/include/linux/vermagic.h 2006-11-29 22:57:37.000000000 +0100 +++ head-2008-01-08/include/linux/vermagic.h 2008-01-08 15:01:52.000000000 +0100 @@ -17,6 +17,11 @@ #else #define MODULE_VERMAGIC_MODULE_UNLOAD "" #endif +#ifdef CONFIG_XEN +#define MODULE_VERMAGIC_XEN "Xen:" __stringify(CONFIG_XEN_INTERFACE_VERSION) " " +#else +#define MODULE_VERMAGIC_XEN +#endif #ifndef MODULE_ARCH_VERMAGIC #define MODULE_ARCH_VERMAGIC "" #endif @@ -24,5 +29,6 @@ #define VERMAGIC_STRING \ UTS_RELEASE " " \ MODULE_VERMAGIC_SMP MODULE_VERMAGIC_PREEMPT \ - MODULE_VERMAGIC_MODULE_UNLOAD MODULE_ARCH_VERMAGIC \ + MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_XEN \ + MODULE_ARCH_VERMAGIC \ "gcc-" __stringify(__GNUC__) "." __stringify(__GNUC_MINOR__)

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
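Review bot: In the drivers/xen/Kconfig hunk, the description gives no reason for changing the default from 0x00030207 to 0x30207. Because the vermagic.h hunk passes CONFIG_XEN_INTERFACE_VERSION through __stringify(), the spelling of this hex value, not only its number, becomes part of the string modules are matched against, so a configuration that still carries 0x00030207 produces a different magic from one using the new default. Please say so in the description or in help text for the option, or build the token from a normalised form of the value.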
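Review bot: In the #else branch added by the first include/linux/vermagic.h hunk, MODULE_VERMAGIC_XEN is defined empty, while the fallbacks visible in the context lines (MODULE_VERMAGIC_MODULE_UNLOAD and MODULE_ARCH_VERMAGIC) are defined as "". Both forms concatenate the same way inside VERMAGIC_STRING, but an empty macro stops compiling as soon as it is used anywhere a string expression is required; suggest #define MODULE_VERMAGIC_XEN "" to match the neighbouring definitions.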
Keir Fraser
2008-Jan-18 15:35 UTC
Re: [Xen-devel] [PATCH] linux: prevent non-Xen modules from loading in Xen kernel
Does the XEN_INTERFACE_VERSION add anything? It has not much to do with the module<->Linux-core interface. Seems a pretty random thing to stuff into the module magic version string.

 -- Keir

On 18/1/08 14:51, "Jan Beulich" <jbeulich@novell.com> wrote:
> .. and vice versa.
>
> Inspired by Zach Amsden's functionally similar VMI patch.
>
> As usual, written and tested on 2.6.24-rc7 and made apply to the 2.6.18
> tree without further testing.
>
> Signed-off-by: Jan Beulich <jbeulich@novell.com>
>
> Index: head-2008-01-08/drivers/xen/Kconfig > ==================================================================> --- head-2008-01-08.orig/drivers/xen/Kconfig 2008-01-08 12:26:03.000000000 > +0100 > +++ head-2008-01-08/drivers/xen/Kconfig 2008-01-08 14:56:58.000000000 +0100 > @@ -13,7 +13,7 @@ config XEN > if XEN > config XEN_INTERFACE_VERSION > hex > - default 0x00030207 > + default 0x30207 > > menu "XEN" > > Index: head-2008-01-08/include/linux/vermagic.h > ==================================================================> --- head-2008-01-08.orig/include/linux/vermagic.h 2006-11-29 > 22:57:37.000000000 +0100 > +++ head-2008-01-08/include/linux/vermagic.h 2008-01-08 15:01:52.000000000 > +0100 > @@ -17,6 +17,11 @@ > #else > #define MODULE_VERMAGIC_MODULE_UNLOAD "" > #endif > +#ifdef CONFIG_XEN > +#define MODULE_VERMAGIC_XEN "Xen:" __stringify(CONFIG_XEN_INTERFACE_VERSION) > " " > +#else > +#define MODULE_VERMAGIC_XEN > +#endif > #ifndef MODULE_ARCH_VERMAGIC > #define MODULE_ARCH_VERMAGIC "" > #endif
> @@ -24,5 +29,6 @@ > #define VERMAGIC_STRING \ > UTS_RELEASE " " \ > MODULE_VERMAGIC_SMP MODULE_VERMAGIC_PREEMPT \ > - MODULE_VERMAGIC_MODULE_UNLOAD MODULE_ARCH_VERMAGIC \ > + MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_XEN \ > + MODULE_ARCH_VERMAGIC \ > "gcc-" __stringify(__GNUC__) "." __stringify(__GNUC_MINOR__)
Jan Beulich
2008-Jan-18 15:48 UTC
Re: [Xen-devel] [PATCH] linux: prevent non-Xen modules from loading in Xen kernel
It's intended to disallow cross-version loading of modules (i.e. a module compiled against a kernel built with a different [lower or higher] Xen interface) - allowing such can be as dangerous as loading a module that was compiled against native I believe.

Jan

>>> Keir Fraser <Keir.Fraser@cl.cam.ac.uk> 18.01.08 16:35 >>>
Does the XEN_INTERFACE_VERSION add anything? It has not much to do with the module<->Linux-core interface. Seems a pretty random thing to stuff into the module magic version string.

 -- Keir

On 18/1/08 14:51, "Jan Beulich" <jbeulich@novell.com> wrote:
> .. and vice versa.
>
> Inspired by Zach Amsden's functionally similar VMI patch.
>
> As usual, written and tested on 2.6.24-rc7 and made apply to the 2.6.18
> tree without further testing.
>
> Signed-off-by: Jan Beulich <jbeulich@novell.com>
>
> Index: head-2008-01-08/drivers/xen/Kconfig > ==================================================================> --- head-2008-01-08.orig/drivers/xen/Kconfig 2008-01-08 12:26:03.000000000 > +0100 > +++ head-2008-01-08/drivers/xen/Kconfig 2008-01-08 14:56:58.000000000 +0100 > @@ -13,7 +13,7 @@ config XEN > if XEN > config XEN_INTERFACE_VERSION > hex > - default 0x00030207 > + default 0x30207 > > menu "XEN" > > Index: head-2008-01-08/include/linux/vermagic.h > ==================================================================> --- head-2008-01-08.orig/include/linux/vermagic.h 2006-11-29 > 22:57:37.000000000 +0100 > +++ head-2008-01-08/include/linux/vermagic.h 2008-01-08 15:01:52.000000000 > +0100 > @@ -17,6 +17,11 @@ > #else > #define MODULE_VERMAGIC_MODULE_UNLOAD "" > #endif > +#ifdef CONFIG_XEN > +#define MODULE_VERMAGIC_XEN "Xen:" __stringify(CONFIG_XEN_INTERFACE_VERSION) > " " > +#else > +#define MODULE_VERMAGIC_XEN > +#endif > #ifndef MODULE_ARCH_VERMAGIC > #define MODULE_ARCH_VERMAGIC "" > #endif
> @@ -24,5 +29,6 @@ > #define VERMAGIC_STRING \ > UTS_RELEASE " " \ > MODULE_VERMAGIC_SMP MODULE_VERMAGIC_PREEMPT \ > - MODULE_VERMAGIC_MODULE_UNLOAD MODULE_ARCH_VERMAGIC \ > + MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_XEN \ > + MODULE_ARCH_VERMAGIC \ > "gcc-" __stringify(__GNUC__) "." __stringify(__GNUC_MINOR__)
Keir Fraser
2008-Jan-18 16:07 UTC
Re: [Xen-devel] [PATCH] linux: prevent non-Xen modules from loading in Xen kernel
I disagree. The xen interface version number is simply to allow downgrading of the API exposed by the Xen public headers. And it *is* specifically the source API; *not* the ABI. Xen's ABIs are always backward compatible (old guest driver; new Xen will always work), and for forward compatibility (new guest driver; old Xen) we expect the guest driver to gracefully degrade its functionality.

This is orthogonal to what you are trying to achieve. So, can we just add "Xen " to the magic string?

 -- Keir

On 18/1/08 15:48, "Jan Beulich" <jbeulich@novell.com> wrote:
> It's intended to disallow cross-version loading of modules (i.e. a module
> compiled against a kernel built with a different [lower or higher] Xen
> interface) - allowing such can be as dangerous as loading a module that
> was compiled against native I believe.
>
> Jan
>
>>>> Keir Fraser <Keir.Fraser@cl.cam.ac.uk> 18.01.08 16:35 >>>
> Does the XEN_INTERFACE_VERSION add anything? It has not much to do with the
> module<->Linux-core interface. Seems a pretty random thing to stuff into the
> module magic version string.
>
> -- Keir
>
> On 18/1/08 14:51, "Jan Beulich" <jbeulich@novell.com> wrote:
>
>> .. and vice versa.
>>
>> Inspired by Zach Amsden's functionally similar VMI patch.
>>
>> As usual, written and tested on 2.6.24-rc7 and made apply to the 2.6.18
>> tree without further testing.
>>
>> Signed-off-by: Jan Beulich <jbeulich@novell.com>
>>
>> Index: head-2008-01-08/drivers/xen/Kconfig >> ==================================================================>> --- head-2008-01-08.orig/drivers/xen/Kconfig 2008-01-08 12:26:03.000000000 >> +0100 >> +++ head-2008-01-08/drivers/xen/Kconfig 2008-01-08 14:56:58.000000000 +0100
>> @@ -13,7 +13,7 @@ config XEN >> if XEN >> config XEN_INTERFACE_VERSION >> hex >> - default 0x00030207 >> + default 0x30207 >> >> menu "XEN" >> >> Index: head-2008-01-08/include/linux/vermagic.h >> ==================================================================>> --- head-2008-01-08.orig/include/linux/vermagic.h 2006-11-29 >> 22:57:37.000000000 +0100 >> +++ head-2008-01-08/include/linux/vermagic.h 2008-01-08 15:01:52.000000000 >> +0100 >> @@ -17,6 +17,11 @@ >> #else >> #define MODULE_VERMAGIC_MODULE_UNLOAD "" >> #endif >> +#ifdef CONFIG_XEN >> +#define MODULE_VERMAGIC_XEN "Xen:" __stringify(CONFIG_XEN_INTERFACE_VERSION) >> " " >> +#else >> +#define MODULE_VERMAGIC_XEN >> +#endif >> #ifndef MODULE_ARCH_VERMAGIC >> #define MODULE_ARCH_VERMAGIC "" >> #endif >> @@ -24,5 +29,6 @@ >> #define VERMAGIC_STRING \ >> UTS_RELEASE " " \ >> MODULE_VERMAGIC_SMP MODULE_VERMAGIC_PREEMPT \ >> - MODULE_VERMAGIC_MODULE_UNLOAD MODULE_ARCH_VERMAGIC \ >> + MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_XEN \ >> + MODULE_ARCH_VERMAGIC \ >> "gcc-" __stringify(__GNUC__) "." __stringify(__GNUC_MINOR__)
Jan Beulich
2008-Jan-18 16:15 UTC
Re: [Xen-devel] [PATCH] linux: prevent non-Xen modules from loading in Xen kernel
>>> Keir Fraser <Keir.Fraser@cl.cam.ac.uk> 18.01.08 17:07 >>>
>I disagree. The xen interface version number is simply to allow downgrading
>of the API exposed by the Xen public headers. And it *is* specifically the
>source API; *not* the ABI. Xen's ABIs are always backward compatible (old
>guest driver; new Xen will always work), and for forward compatibility (new
>guest driver; old Xen) we expect the guest driver to gracefully degrade its
>functionality.

Yeah, it really wasn't meant to cover that (which I know has been stable enough during a reasonably long time now), but rather to have a little less coarse separation than with just "Xen ", but

>This is orthogonal to what you are trying to achieve. So, can we just add
>"Xen " to the magic string?

... sure we can.

Jan
Zachary Amsden
2008-Jan-18 18:58 UTC
[Xen-devel] Re: [PATCH] linux: prevent non-Xen modules from loading in Xen kernel
On Fri, 2008-01-18 at 14:51 +0000, Jan Beulich wrote:
> .. and vice versa.
>
> Inspired by Zach Amsden's functionally similar VMI patch.
>
> As usual, written and tested on 2.6.24-rc7 and made apply to the 2.6.18
> tree without further testing.

Acked-by: Zachary Amsden <zach@vmware.com>
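How the extra token changes the load-time check the thread is discussing, as an added example (not code from the patch or from the kernel tree): a stand-alone C program that rebuilds vermagic strings with a token in the shape of the patch's MODULE_VERMAGIC_XEN and compares them by exact string match. The release, "SMP ", "mod_unload " and "gcc-4.1" values are constructed samples, STR/VERMAGIC/XEN_TOKEN are hypothetical helper names, and same_magic() here is a simplified model of the loader's comparison.

```c
#include <stdio.h>
#include <string.h>

/* Two-level stringify, same idea as the kernel's __stringify(). */
#define STR_1(x) #x
#define STR(x)   STR_1(x)

/* Constructed sample values standing in for a real build's tokens. */
#define UTS_RELEASE "2.6.18-example"
#define VERMAGIC(xen) UTS_RELEASE " " "SMP " "mod_unload " xen "gcc-4.1"

/* Token in the shape the patch adds: "Xen:" <interface version> " ". */
#define XEN_TOKEN(ver) "Xen:" STR(ver) " "

static const char native_magic[] = VERMAGIC("");
static const char xen_magic[]    = VERMAGIC(XEN_TOKEN(0x30207));
/* Same number, but the old spelling of the Kconfig default. */
static const char xen_padded[]   = VERMAGIC(XEN_TOKEN(0x00030207));

/* Simplified model of the loader's check: exact string match. With
 * modversions the first token (the release) is skipped, so the rest
 * of the string is all that separates kernel flavours. */
static int same_magic(const char *mod, const char *kern, int modversions)
{
    if (modversions) {
        mod  += strcspn(mod, " ");
        kern += strcspn(kern, " ");
    }
    return strcmp(mod, kern) == 0;
}

int main(void)
{
    printf("kernel: '%s'\n", xen_magic);
    printf("native module  -> %s\n",
           same_magic(native_magic, xen_magic, 1) ? "loads" : "rejected");
    printf("xen module     -> %s\n",
           same_magic(xen_magic, xen_magic, 1) ? "loads" : "rejected");
    printf("0x00030207 mod -> %s\n",
           same_magic(xen_padded, xen_magic, 1) ? "loads" : "rejected");
    return 0;
}
```

The third case shows that a stringified interface version makes the match depend on how the hex value is spelled, which a bare "Xen " token would not.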