From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
"the arch/x86 maintainers" <x86@kernel.org>,
Andy Lutomirski <luto@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
Peter Zijlstra <peterz@infradead.org>,
Ingo Molnar <mingo@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Linus Torvalds <torvalds@linux-foundation.org>,
Masami Hiramatsu <mhiramat@kernel.org>,
Jason Baron <jbaron@akamai.com>, Jiri Kosina <jkosina@suse.cz>,
David Laight <David.Laight@aculab.com>,
Borislav Petkov <bp@alien8.de>
Subject: Re: [RFC PATCH 1/3] static_call: Add static call infrastructure
Date: Fri, 9 Nov 2018 16:14:45 +0100
Message-ID: <CAKv+Gu_J1b30+pMNRF0icEpyew4TM_VP3ShG=4HkLnk=fRL9zg@mail.gmail.com>
In-Reply-To: <20181109151028.faifw66enzye32gg@treble>

On 9 November 2018 at 16:10, Josh Poimboeuf <jpoimboe@redhat.com> wrote:
> On Fri, Nov 09, 2018 at 02:39:17PM +0100, Ard Biesheuvel wrote:
>> > + for (site = start; site < stop; site++) {
>> > + struct static_call_key *key = static_call_key(site);
>> > + unsigned long addr = static_call_addr(site);
>> > +
>> > + if (list_empty(&key->site_mods)) {
>> > + struct static_call_mod *mod;
>> > +
>> > + mod = kzalloc(sizeof(*mod), GFP_KERNEL);
>> > + if (!mod) {
>> > + WARN(1, "Failed to allocate memory for static calls");
>> > + return;
>> > + }
>> > +
>> > + mod->sites = site;
>> > + list_add_tail(&mod->list, &key->site_mods);
>> > +
>> > + /*
>> > + * The trampoline should no longer be used. Poison it
>> > + * it with a BUG() to catch any stray callers.
>> > + */
>> > + arch_static_call_poison_tramp(addr);
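Review bot: the `return` on `kzalloc()` failure inside the `list_empty(&key->site_mods)` branch abandons the whole loop, so every site from this one up to `stop` is left unprocessed while trampolines poisoned in earlier iterations stay poisoned. If an unprocessed site can still reach one of those trampolines, the BUG() poison fires on a path that worked before init ran; either poison only once the loop has completed successfully, or add a comment stating why the layout of the site table makes the early return safe. Separately, `arch_static_call_poison_tramp(addr)` receives the call-site address from `static_call_addr(site)` while the comment above it talks about the trampoline, so the parameter needs a comment or a name that says what is being passed, and the comment has a doubled "it" across its line break ("Poison it / it with a BUG()").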
>>
>> This patches the wrong thing: the trampoline is at key->func not addr.
>
> If you look at the x86 implementation, it actually does poison the
> trampoline.
>
> The address of the trampoline isn't actually known here. key->func
> isn't the trampoline address; it's the destination func address.
>
> So instead I passed the address of the call instruction. The arch code
> then reads the instruction to find the callee (the trampoline).
>
> The code is a bit confusing. To make it more obvious, maybe we should
> add another arch function to read the call destination. Then this code
> can pass that into arch_static_call_poison_tramp().
>
Ah right, so I am basically missing a dereference in my
arch_static_call_poison_tramp() code if this breaks.

>> However, patching it here means we poison it before all users are
>> patched. I added this on top
>>
>> diff --git a/kernel/static_call.c b/kernel/static_call.c
>> index 599ebc6fc4f1..d9562329bec6 100644
>> --- a/kernel/static_call.c
>> +++ b/kernel/static_call.c
>> @@ -248,6 +248,7 @@ static void __init static_call_init(void)
>> struct static_call_site *start = __start_static_call_sites;
>> struct static_call_site *stop = __stop_static_call_sites;
>> struct static_call_site *site;
>> + struct static_call_key *prev_key = NULL;
>>
>> if (start == stop) {
>> pr_warn("WARNING: empty static call table\n");
>> @@ -279,7 +280,9 @@ static void __init static_call_init(void)
>> * The trampoline should no longer be used. Poison it
>> * it with a BUG() to catch any stray callers.
>> */
>> - arch_static_call_poison_tramp(addr);
>> + if (prev_key)
>> +
>> arch_static_call_poison_tramp((unsigned long)prev_key->func);
>> + prev_key = key;
>> }
>>
>> arch_static_call_transform(addr, key->func);
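Review bot: with the poison call moved under `if (prev_key)`, the trampoline of the last key in the table is never poisoned by these lines, because poisoning only happens when the first site of a later key is reached; a final `arch_static_call_poison_tramp()` for `prev_key` is needed after the loop. Deferring by one key is also only correct if all sites belonging to a key are contiguous in the table, which deserves a comment next to `prev_key = key;`. The argument changes from `addr` to `(unsigned long)prev_key->func`, so the meaning of the parameter now differs from the call it replaces and has to be made consistent with what the arch implementation expects. The added call is also wrapped across three lines, so the hunk will not apply as posted.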
>
> While it does indeed poison the trampoline before all users are patched,
> I had been thinking that it didn't really matter because this is before
> the other CPUs have been booted.
>
> But I believe interrupts are enabled at this point during the boot, so
> it would indeed be wise to poison it afterwards, in case an irq handler
> makes a static call.
>
And kmalloc(GFP_KERNEL) itself could cascade into lots of other code as well.