From: Segher Boessenkool <segher@kernel.crashing.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Andy Lutomirski <luto@kernel.org>,
Andrew Cooper <Andrew.Cooper3@citrix.com>,
Nick Desaulniers <ndesaulniers@google.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Bill Wendling <morbo@google.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)"
<x86@kernel.org>, Nathan Chancellor <nathan@kernel.org>,
Juergen Gross <jgross@suse.com>,
Peter Zijlstra <peterz@infradead.org>,
"llvm@lists.linux.dev" <llvm@lists.linux.dev>,
LKML <linux-kernel@vger.kernel.org>,
linux-toolchains <linux-toolchains@vger.kernel.org>
Subject: Re: [PATCH v5] x86: use builtins to read eflags
Date: Fri, 18 Mar 2022 17:09:01 -0500 [thread overview]
Message-ID: <20220318220901.GS614@gate.crashing.org> (raw)
In-Reply-To: <CAHk-=wj1Z_zzY7ADxaarorK5sh2xkwbcHxJTzW=bsYChWJGBGg@mail.gmail.com>
On Fri, Mar 18, 2022 at 11:19:28AM -0700, Linus Torvalds wrote:
> Or rather, it's not the redzoning itself, but the fact that the
> compiler might use the word under the stack for random other things,
> and the pushf will then corrupt some local variable storage.
>
> I think it would be lovely to solve that in inline asm itself some way
> - by marking the stack pointer clobbered or something.
Inline assembler does not allow you to change the stack pointer, in
principle. You have to return everything to its original state before
you return control from the asm code, and you have to deal with what
happens if am interrupt comes in halfway through the asm, and all other
ABI things that may happen on your platform.
> Because you have the same issue if an inline asm might need to do a
> function call - think magic calling conventions etc, but also possibly
> slow-path cases.
Yes. The compiler itself can deal with all the red zone restrictions --
precisely *because* it is in full control of the stack frame -- but
those restrictions are very real. It generally is a very good idea to
have a redzone though, without it you pay much more than necessary for
frame setup and teardown in leaf functions (similar to some of what the
misnamed "shrink-wrapping" optimisation does, but the two are mostly
independent, the benefits add up).
> As mentioned, it's not an issue for the kernel proper due to
> -mno-red-zone which we need for entirely unrelated reasons.
It might help to have some special clobber syntax that says "this asm
clobbers the red zone", so the compiler can arrange for the red zone to
contain nothing during the asm (it already does the same for function
calls, for example).
How bad is it to do the fail-safe general solution here though? I.e.,
write actual assembler code:
# u16 getflags(void);
getflags:
pushf
pop %ax
ret
(or whatever the syntax is, my x86 is rusty).
> Side note and kind of related: we do have this in the kernel:
>
> register unsigned long current_stack_pointer asm(_ASM_SP);
> #define ASM_CALL_CONSTRAINT "+r" (current_stack_pointer)
>
> which *might* also solve the redzoning issue.
The GCC documentation of inline asm says
Another restriction is that the clobber list should not contain the
stack pointer register. This is because the compiler requires the
value of the stack pointer to be the same after an 'asm' statement as
it was on entry to the statement. However, previous versions of GCC
did not enforce this rule and allowed the stack pointer to appear in
the list, with unclear semantics. This behavior is deprecated and
listing the stack pointer may become an error in future versions of
GCC.
> In the kernel we need it not because of redzoned stack use, but
> because we need the stack frame to be set up properly or objtool
> complains.
If the kernel has special rules for the stack, it had better teach the
compiler about this special ABI, or there will be tears eventually. If
the kernel requires only what the standard ABIs provide, it can trust
the compiler to do that correctly, this is one of the core jobs of a
compiler!
Segher
next prev parent reply other threads:[~2022-03-18 22:14 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-15 21:18 [PATCH] x86: use builtins to read eflags Bill Wendling
2021-12-15 22:46 ` Nathan Chancellor
2021-12-15 23:26 ` Peter Zijlstra
2021-12-16 20:00 ` Bill Wendling
2021-12-16 20:07 ` Nick Desaulniers
2021-12-16 0:57 ` Thomas Gleixner
2021-12-16 19:55 ` Bill Wendling
2021-12-17 12:48 ` Peter Zijlstra
2021-12-17 19:39 ` Thomas Gleixner
2022-03-14 23:09 ` H. Peter Anvin
2022-03-15 0:08 ` Bill Wendling
2021-12-16 19:58 ` Nick Desaulniers
2021-12-29 2:12 ` [PATCH v2] " Bill Wendling
2022-01-27 20:56 ` Bill Wendling
2022-02-04 0:16 ` Thomas Gleixner
2022-02-04 0:58 ` Bill Wendling
2022-02-04 0:57 ` [PATCH v3] " Bill Wendling
2022-02-07 22:11 ` Nick Desaulniers
2022-02-08 9:14 ` David Laight
2022-02-08 23:18 ` Bill Wendling
2022-02-14 23:53 ` Nick Desaulniers
2022-02-10 22:31 ` [PATCH v4] " Bill Wendling
2022-02-11 16:40 ` David Laight
2022-02-11 19:25 ` Bill Wendling
2022-02-11 22:09 ` David Laight
2022-02-11 23:33 ` Bill Wendling
2022-02-12 0:24 ` Nick Desaulniers
2022-02-12 9:23 ` Bill Wendling
2022-02-15 0:33 ` Nick Desaulniers
2022-03-01 20:19 ` [PATCH v5] " Bill Wendling
2022-03-14 23:07 ` Bill Wendling
[not found] ` <AC3D873E-A28B-41F1-8BF4-2F6F37BCEEB4@zytor.com>
2022-03-15 7:19 ` Bill Wendling
2022-03-17 15:43 ` H. Peter Anvin
2022-03-17 18:00 ` Nick Desaulniers
2022-03-17 18:52 ` Linus Torvalds
2022-03-17 19:45 ` Bill Wendling
2022-03-17 20:13 ` Linus Torvalds
2022-03-17 21:10 ` Bill Wendling
2022-03-17 21:21 ` Linus Torvalds
2022-03-17 21:45 ` Bill Wendling
2022-03-17 22:51 ` Linus Torvalds
2022-03-17 23:14 ` Linus Torvalds
2022-03-17 23:19 ` Segher Boessenkool
2022-03-17 23:31 ` Linus Torvalds
2022-03-18 0:05 ` Segher Boessenkool
2022-03-17 22:37 ` Segher Boessenkool
2022-03-17 20:13 ` Florian Weimer
2022-03-17 20:36 ` Linus Torvalds
2022-03-18 0:25 ` Segher Boessenkool
2022-03-18 1:21 ` Linus Torvalds
2022-03-18 1:50 ` Linus Torvalds
2022-03-17 21:05 ` Andrew Cooper
2022-03-17 21:39 ` Linus Torvalds
2022-03-18 17:59 ` Andy Lutomirski
2022-03-18 18:19 ` Linus Torvalds
2022-03-18 21:48 ` Andrew Cooper
2022-03-18 23:10 ` Linus Torvalds
2022-03-18 23:42 ` Segher Boessenkool
2022-03-19 1:13 ` Linus Torvalds
2022-03-19 23:15 ` Andy Lutomirski
2022-03-18 22:09 ` Segher Boessenkool [this message]
2022-03-18 22:33 ` H. Peter Anvin
2022-03-18 22:36 ` David Laight
2022-03-18 22:47 ` H. Peter Anvin
2022-03-18 22:43 ` David Laight
2022-03-18 23:03 ` H. Peter Anvin
2022-03-18 23:04 ` Segher Boessenkool
2022-03-18 23:52 ` David Laight
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220318220901.GS614@gate.crashing.org \
--to=segher@kernel.crashing.org \
--cc=Andrew.Cooper3@citrix.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=jgross@suse.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-toolchains@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=morbo@google.com \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.