From: Mark Rutland <mark.rutland@arm.com>
To: linux-arm-kernel@lists.infradead.org
Cc: ardb@kernel.org, bertrand.marquis@arm.com,
boris.ostrovsky@oracle.com, broonie@kernel.org,
catalin.marinas@arm.com, daniel.lezcano@linaro.org,
james.morse@arm.com, jgross@suse.com, kristina.martsenko@arm.com,
mark.rutland@arm.com, maz@kernel.org, oliver.upton@linux.dev,
pcc@google.com, sstabellini@kernel.org, suzuki.poulose@arm.com,
tglx@linutronix.de, vladimir.murzin@arm.com, will@kernel.org
Subject: [PATCH v4 16/38] arm64: Avoid cpus_have_const_cap() for ARM64_HAS_BTI
Date: Mon, 16 Oct 2023 11:24:39 +0100 [thread overview]
Message-ID: <20231016102501.3643901-17-mark.rutland@arm.com> (raw)
In-Reply-To: <20231016102501.3643901-1-mark.rutland@arm.com>
In system_supports_bti() we use cpus_have_const_cap() to check for
ARM64_HAS_BTI, but this is not necessary and alternative_has_cap_*() or
cpus_have_final_*cap() would be preferable.
For historical reasons, cpus_have_const_cap() is more complicated than
it needs to be. Before cpucaps are finalized, it will perform a bitmap
test of the system_cpucaps bitmap, and once cpucaps are finalized it
will use an alternative branch. This used to be necessary to handle some
race conditions in the window between cpucap detection and the
subsequent patching of alternatives and static branches, where different
branches could be out-of-sync with one another (or w.r.t. alternative
sequences). Now that we use alternative branches instead of static
branches, these are all patched atomically w.r.t. one another, and there
are only a handful of cases that need special care in the window between
cpucap detection and alternative patching.
Due to the above, it would be nice to remove cpus_have_const_cap(), and
migrate callers over to alternative_has_cap_*(), cpus_have_final_cap(),
or cpus_have_cap() depending on when their requirements. This will
remove redundant instructions and improve code generation, and will make
it easier to determine how each callsite will behave before, during, and
after alternative patching.
When CONFIG_ARM64_BTI_KERNEL=y, the ARM64_HAS_BTI cpucap is a strict
boot cpu feature which is detected and patched early on the boot cpu.
All uses guarded by CONFIG_ARM64_BTI_KERNEL happen after the boot CPU
has detected ARM64_HAS_BTI and patched boot alternatives, and hence can
safely use alternative_has_cap_*() or cpus_have_final_boot_cap().
Regardless of CONFIG_ARM64_BTI_KERNEL, all other uses of ARM64_HAS_BTI
happen after system capabilities have been finalized and alternatives
have been patched. Hence these can safely use alternative_has_cap_*) or
cpus_have_final_cap().
This patch splits system_supports_bti() into system_supports_bti() and
system_supports_bti_kernel(), with the former handling where the cpucap
affects userspace functionality, and ther latter handling where the
cpucap affects kernel functionality. The use of cpus_have_const_cap() is
replaced by cpus_have_final_cap() in cpus_have_const_cap, and
cpus_have_final_boot_cap() in system_supports_bti_kernel(). This will
avoid generating code to test the system_cpucaps bitmap and should be
better for all subsequent calls at runtime. The use of
cpus_have_final_cap() and cpus_have_final_boot_cap() will make it easier
to spot if code is chaanged such that these run before the ARM64_HAS_BTI
cpucap is guaranteed to have been finalized.
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Reviewed-by: Mark Brown <broonie@kernel.org>
Cc: Ard Biesheuvel <ardb@kernel.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: Will Deacon <will@kernel.org>
---
arch/arm64/include/asm/cpufeature.h | 8 +++++++-
arch/arm64/include/asm/pgtable-prot.h | 6 +-----
arch/arm64/kernel/efi.c | 3 +--
arch/arm64/kernel/vdso.c | 2 +-
arch/arm64/kvm/hyp/pgtable.c | 2 +-
5 files changed, 11 insertions(+), 10 deletions(-)
diff --git a/arch/arm64/include/asm/cpufeature.h b/arch/arm64/include/asm/cpufeature.h
index dfdedbdcc1151..caa54ddf0bcdc 100644
--- a/arch/arm64/include/asm/cpufeature.h
+++ b/arch/arm64/include/asm/cpufeature.h
@@ -837,7 +837,13 @@ static inline bool system_has_prio_mask_debugging(void)
static inline bool system_supports_bti(void)
{
- return cpus_have_const_cap(ARM64_BTI);
+ return cpus_have_final_cap(ARM64_BTI);
+}
+
+static inline bool system_supports_bti_kernel(void)
+{
+ return IS_ENABLED(CONFIG_ARM64_BTI_KERNEL) &&
+ cpus_have_final_boot_cap(ARM64_BTI);
}
static inline bool system_supports_tlb_range(void)
diff --git a/arch/arm64/include/asm/pgtable-prot.h b/arch/arm64/include/asm/pgtable-prot.h
index eed814b00a389..e9624f6326dde 100644
--- a/arch/arm64/include/asm/pgtable-prot.h
+++ b/arch/arm64/include/asm/pgtable-prot.h
@@ -75,11 +75,7 @@ extern bool arm64_use_ng_mappings;
* If we have userspace only BTI we don't want to mark kernel pages
* guarded even if the system does support BTI.
*/
-#ifdef CONFIG_ARM64_BTI_KERNEL
-#define PTE_MAYBE_GP (system_supports_bti() ? PTE_GP : 0)
-#else
-#define PTE_MAYBE_GP 0
-#endif
+#define PTE_MAYBE_GP (system_supports_bti_kernel() ? PTE_GP : 0)
#define PAGE_KERNEL __pgprot(_PAGE_KERNEL)
#define PAGE_KERNEL_RO __pgprot(_PAGE_KERNEL_RO)
diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c
index 2b478ca356b00..3f8c9c143552f 100644
--- a/arch/arm64/kernel/efi.c
+++ b/arch/arm64/kernel/efi.c
@@ -113,8 +113,7 @@ static int __init set_permissions(pte_t *ptep, unsigned long addr, void *data)
pte = set_pte_bit(pte, __pgprot(PTE_RDONLY));
if (md->attribute & EFI_MEMORY_XP)
pte = set_pte_bit(pte, __pgprot(PTE_PXN));
- else if (IS_ENABLED(CONFIG_ARM64_BTI_KERNEL) &&
- system_supports_bti() && spd->has_bti)
+ else if (system_supports_bti_kernel() && spd->has_bti)
pte = set_pte_bit(pte, __pgprot(PTE_GP));
set_pte(ptep, pte);
return 0;
diff --git a/arch/arm64/kernel/vdso.c b/arch/arm64/kernel/vdso.c
index d9e1355730ef5..5562daf38a22f 100644
--- a/arch/arm64/kernel/vdso.c
+++ b/arch/arm64/kernel/vdso.c
@@ -212,7 +212,7 @@ static int __setup_additional_pages(enum vdso_abi abi,
if (IS_ERR(ret))
goto up_fail;
- if (IS_ENABLED(CONFIG_ARM64_BTI_KERNEL) && system_supports_bti())
+ if (system_supports_bti_kernel())
gp_flags = VM_ARM64_BTI;
vdso_base += VVAR_NR_PAGES * PAGE_SIZE;
diff --git a/arch/arm64/kvm/hyp/pgtable.c b/arch/arm64/kvm/hyp/pgtable.c
index 799d2c204bb8a..77fb330c7bf48 100644
--- a/arch/arm64/kvm/hyp/pgtable.c
+++ b/arch/arm64/kvm/hyp/pgtable.c
@@ -401,7 +401,7 @@ static int hyp_set_prot_attr(enum kvm_pgtable_prot prot, kvm_pte_t *ptep)
if (device)
return -EINVAL;
- if (IS_ENABLED(CONFIG_ARM64_BTI_KERNEL) && system_supports_bti())
+ if (system_supports_bti_kernel())
attr |= KVM_PTE_LEAF_ATTR_HI_S1_GP;
} else {
attr |= KVM_PTE_LEAF_ATTR_HI_S1_XN;
--
2.30.2
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2023-10-16 10:27 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20231016102501.3643901-1-mark.rutland@arm.com>
2023-10-16 10:24 ` [PATCH v4 01/38] clocksource/drivers/arm_arch_timer: Initialize evtstrm after finalizing cpucaps Mark Rutland
2023-10-24 15:02 ` Daniel Lezcano
2023-10-24 16:22 ` Catalin Marinas
2023-10-24 16:27 ` Daniel Lezcano
2023-10-16 10:24 ` [PATCH v4 02/38] arm64/arm: xen: enlighten: Fix KPTI checks Mark Rutland
2023-10-16 10:24 ` [PATCH v4 03/38] arm64: Factor out cpucap definitions Mark Rutland
2023-10-16 10:24 ` [PATCH v4 04/38] arm64: Add cpucap_is_possible() Mark Rutland
2023-10-16 10:24 ` [PATCH v4 05/38] arm64: Add cpus_have_final_boot_cap() Mark Rutland
2023-10-16 10:24 ` [PATCH v4 06/38] arm64: Rework setup_cpu_features() Mark Rutland
2023-10-16 10:24 ` [PATCH v4 08/38] arm64: Split kpti_install_ng_mappings() Mark Rutland
2023-10-16 10:24 ` [PATCH v4 09/38] arm64: kvm: Use cpus_have_final_cap() explicitly Mark Rutland
2023-10-16 10:24 ` [PATCH v4 10/38] arm64: Explicitly save/restore CPACR when probing SVE and SME Mark Rutland
2023-10-16 12:02 ` Mark Brown
2023-10-16 16:11 ` Catalin Marinas
2023-10-16 16:19 ` Mark Brown
2023-10-16 10:24 ` [PATCH v4 12/38] arm64: Rename SVE/SME cpu_enable functions Mark Rutland
2023-10-16 10:24 ` [PATCH v4 13/38] arm64: Use a positive cpucap for FP/SIMD Mark Rutland
2023-10-16 10:24 ` [PATCH v4 14/38] arm64: Avoid cpus_have_const_cap() for ARM64_HAS_{ADDRESS,GENERIC}_AUTH Mark Rutland
2023-10-16 10:24 ` [PATCH v4 15/38] arm64: Avoid cpus_have_const_cap() for ARM64_HAS_ARMv8_4_TTL Mark Rutland
2023-10-16 10:24 ` Mark Rutland [this message]
2023-10-16 10:24 ` [PATCH v4 18/38] arm64: Avoid cpus_have_const_cap() for ARM64_HAS_CNP Mark Rutland
2023-10-16 10:24 ` [PATCH v4 19/38] arm64: Avoid cpus_have_const_cap() for ARM64_HAS_DIT Mark Rutland
2023-10-16 10:24 ` [PATCH v4 20/38] arm64: Avoid cpus_have_const_cap() for ARM64_HAS_GIC_PRIO_MASKING Mark Rutland
2023-10-16 10:24 ` [PATCH v4 21/38] arm64: Avoid cpus_have_const_cap() for ARM64_HAS_PAN Mark Rutland
2023-10-16 10:24 ` [PATCH v4 22/38] arm64: Avoid cpus_have_const_cap() for ARM64_HAS_EPAN Mark Rutland
2023-10-16 10:24 ` [PATCH v4 24/38] arm64: Avoid cpus_have_const_cap() for ARM64_HAS_WFXT Mark Rutland
2023-10-16 10:24 ` [PATCH v4 25/38] arm64: Avoid cpus_have_const_cap() for ARM64_HAS_TLB_RANGE Mark Rutland
2023-10-16 10:24 ` [PATCH v4 26/38] arm64: Avoid cpus_have_const_cap() for ARM64_MTE Mark Rutland
2023-10-16 10:24 ` [PATCH v4 27/38] arm64: Avoid cpus_have_const_cap() for ARM64_SSBS Mark Rutland
2023-10-16 10:24 ` [PATCH v4 28/38] arm64: Avoid cpus_have_const_cap() for ARM64_SPECTRE_V2 Mark Rutland
2023-10-16 10:24 ` [PATCH v4 29/38] arm64: Avoid cpus_have_const_cap() for ARM64_{SVE,SME,SME2,FA64} Mark Rutland
2023-10-16 10:24 ` [PATCH v4 30/38] arm64: Avoid cpus_have_const_cap() for ARM64_UNMAP_KERNEL_AT_EL0 Mark Rutland
2023-10-16 10:24 ` [PATCH v4 31/38] arm64: Avoid cpus_have_const_cap() for ARM64_WORKAROUND_843419 Mark Rutland
2023-10-16 10:24 ` [PATCH v4 32/38] arm64: Avoid cpus_have_const_cap() for ARM64_WORKAROUND_1542419 Mark Rutland
2023-10-16 10:24 ` [PATCH v4 34/38] arm64: Avoid cpus_have_const_cap() for ARM64_WORKAROUND_2645198 Mark Rutland
2023-10-16 10:24 ` [PATCH v4 35/38] arm64: Avoid cpus_have_const_cap() for ARM64_WORKAROUND_CAVIUM_23154 Mark Rutland
2023-10-16 10:24 ` [PATCH v4 36/38] arm64: Avoid cpus_have_const_cap() for ARM64_WORKAROUND_NVIDIA_CARMEL_CNP Mark Rutland
2023-10-16 10:25 ` [PATCH v4 37/38] arm64: Avoid cpus_have_const_cap() for ARM64_WORKAROUND_REPEAT_TLBI Mark Rutland
2023-10-16 16:06 ` [PATCH v4 00/38] arm64: Remove cpus_have_const_cap() Catalin Marinas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231016102501.3643901-17-mark.rutland@arm.com \
--to=mark.rutland@arm.com \
--cc=ardb@kernel.org \
--cc=bertrand.marquis@arm.com \
--cc=boris.ostrovsky@oracle.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=daniel.lezcano@linaro.org \
--cc=james.morse@arm.com \
--cc=jgross@suse.com \
--cc=kristina.martsenko@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=maz@kernel.org \
--cc=oliver.upton@linux.dev \
--cc=pcc@google.com \
--cc=sstabellini@kernel.org \
--cc=suzuki.poulose@arm.com \
--cc=tglx@linutronix.de \
--cc=vladimir.murzin@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.