Message ID | cover.1678474914.git.jpoimboe@kernel.org |
---|---|
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp1092373wrd; Fri, 10 Mar 2023 12:48:57 -0800 (PST) X-Google-Smtp-Source: AK7set8dWOWEvz4Qv5zWzbpX0BsqdVonV5ogX0ldUXhLat3niPCGjngsMQo989y8bk8EcN9szmR2 X-Received: by 2002:a17:90a:35a:b0:230:c96e:fc4a with SMTP id 26-20020a17090a035a00b00230c96efc4amr3576065pjf.1.1678481337500; Fri, 10 Mar 2023 12:48:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1678481337; cv=none; d=google.com; s=arc-20160816; b=ibrZdFltlkdeZfscQ5Z/zhb+afKNj6Lhaz0cEDQItc+plAdCOoSxyO688lBCRMK7/4 XJ8qnasnXRLDTjR/SlQi1smeO5Yu2hojfb4820poEpOpg5kPbuozGPJej7X8N4xCRmfS vf36gmWSDyhQqcvEgv4aKvN2S5qV3kBBBCSNcV7U00ZAQi0clJy8WBeYZtJ6x+4ZRdG7 c5Cv8A5CmraXffgEA4tdDw8z6g99Z96wbgPljfgNXnEUyYCecScUfnF2m2TiZwHsqZRZ aWxjWC+f79L6R7D4YvGvk7AFIi4k85km2EBFqIdneUUNS+W/r96wC5FaSupsgeYbXbxb 6haw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=3Xg7NXopMfYvYorQrgy9mw1dEQ0V2P++FsF/8tlWAGw=; b=ysRIML7EXJBEb2m6iCagDqe0wWlh1qXE/Huj+K/mCCO1gwa150TECqEDZ2a/RGMd9v yRb0rLosy8UsH9Fg2Z81S4NcVGEQIuR+P3H33sQLwtlgM4AyFqvAo6fw5pD61MdI4LPj gdpaeTQ5zgQgo+SOS3yeAe7L7nK6HYi2Li+5kvK3YuuUPGlIr+STPxjFGPh9LU4jriyC R9H9DkPj5bVwEyUeL7NStH05xh3mG5TRkYuOMKfYAs29RUeLcQFmsxBnv6/FowYxz/s0 SB994sra4rdQv4Db89WFj9lKgzefgE22ywRinSXbC7wUev1nwulrdd6mg4SHy+DLOTGc KbvA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=M6gqPMlv; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id fz14-20020a17090b024e00b00233e8ff45b0si624841pjb.63.2023.03.10.12.48.45; Fri, 10 Mar 2023 12:48:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=M6gqPMlv; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230001AbjCJUdy (ORCPT <rfc822;carlos.wei.hk@gmail.com> + 99 others); Fri, 10 Mar 2023 15:33:54 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47162 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229639AbjCJUdu (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Fri, 10 Mar 2023 15:33:50 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 95B67F75C for <linux-kernel@vger.kernel.org>; Fri, 10 Mar 2023 12:33:00 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id AB95861D4A for <linux-kernel@vger.kernel.org>; Fri, 10 Mar 2023 20:31:48 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id B3524C433EF; Fri, 10 Mar 2023 20:31:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1678480308; bh=8mhnBVXTkrddv783HXQ9jm0z3rkg9svYl+Y90WxbKYU=; h=From:To:Cc:Subject:Date:From; b=M6gqPMlvKL/l8tSRPTEfwWbnMZOHwZVYY2VEM/xRb7VMc/qJ9uAHg19dgzBYwmKal a1DZV6eEciPG7Mor5Hiv6SG6t2xs8kDwCVz8T5aJn6Gb1gRbc3akodX/OuauGJGzD4 kcGnDwO3EWWiRbQo/gcB6hgfeONzkAynMfHG/RTVzTsbb3XOZD6ZsolHlvFeVQuHmi yzMacmJkAay914vilUV3q9H3C1Tb80Cs8qjkwoaiV2dLplj41wLLg3GQOuaNq4pzPr 3Hmsll4f+Ul+RYuVb8wKrjbcQONbOOKShVTVpNkh0UprVz8w+RC1iV//l/88pHNPv0 WMDGDBBQkEx6w== From: Josh Poimboeuf <jpoimboe@kernel.org> To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, Peter Zijlstra <peterz@infradead.org>, Mark Rutland <mark.rutland@arm.com>, Jason Baron <jbaron@akamai.com>, Steven Rostedt <rostedt@goodmis.org>, Ard Biesheuvel <ardb@kernel.org>, Christophe Leroy <christophe.leroy@csgroup.eu>, Paolo Bonzini <pbonzini@redhat.com>, Sean Christopherson <seanjc@google.com> Subject: [RFC][PATCH 0/5] Improve static call NULL handling Date: Fri, 10 Mar 2023 12:31:12 -0800 Message-Id: <cover.1678474914.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-type: text/plain Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1760015246929251511?= X-GMAIL-MSGID: =?utf-8?q?1760015246929251511?= |
Series |
Improve static call NULL handling
|
|
Message
Josh Poimboeuf
March 10, 2023, 8:31 p.m. UTC
Static calling a NULL pointer is a NOP, unless you're one of those poor souls running on an arch (or backported x86 monstrosity) with CONFIG_HAVE_STATIC_CALL=n, then it's a panic. The "fix" for this undefined behavior is to tell the user to just use static_call_cond() instead, if they want consistent NOP behavior. But forgetting to do that is likely to cause subtle bugs. It actually already did (during RHEL development). There are two ways to make it consistent: a) Make static_call(NULL) a NOP for all configs; or b) Make static_call(NULL) a panic for all configs. Do (a) because it's consistent with the existing HAVE_STATIC_CALL behavior. Also it seems simpler to implement and use, and based on looking at the existing use cases, it's common to want the "do nothing and return 0" behavior by default. Then take it a step further and get rid of the distinction between STATIC_CALL_NULL and STATIC_CALL_RET0. The end result is less confusing semantics and simpler code all around. EPILOGUE -------- If any users wanted panic-on-NULL by default instead of NOP-on-NULL, that could be added on top of this. They could just initialize the static call with a __static_call_bug() helper. void __static_call_bug(void) { BUG(); } .. DEFINE_STATIC_CALL(foo, (func_type)__static_call_bug); We could take that even further: DEFINE_STATIC_CALL_NOP(foo, func_type); DEFINE_STATIC_CALL_BUG(bar, func_type); ... #define STATIC_CALL_NOP (func_type)__static_call_nop #define STATIC_CALL_BUG (func_type)__static_call_bug ... static_call_update(foo, STATIC_CALL_NOP); // do nothing and return 0 static_call_update(foo, STATIC_CALL_BUG); // panic static_call_update(foo, NULL); // ??? The default behavior for NULL could be a key-specific policy, stored as a flag in the static_call_key struct. The key-specific policy would be easier to deal with than the call-site-specific policy we have today with static_call_cond(). Josh Poimboeuf (5): static_call: Make NULL static calls consistent static_call: Make NULL static calls return 0 static_call: Remove static_call_cond() and its usages static_call: Remove DEFINE_STATIC_CALL_RET0() and its uses x86/kvm: Simplify static call handling arch/powerpc/include/asm/static_call.h | 1 - arch/powerpc/kernel/irq.c | 2 +- arch/x86/events/amd/core.c | 2 +- arch/x86/events/core.c | 26 ++--- arch/x86/include/asm/kvm-x86-ops.h | 86 +++++++------- arch/x86/include/asm/kvm-x86-pmu-ops.h | 17 +-- arch/x86/include/asm/kvm_host.h | 6 +- arch/x86/include/asm/static_call.h | 8 -- arch/x86/kvm/irq.c | 2 +- arch/x86/kvm/lapic.c | 22 ++-- arch/x86/kvm/pmu.c | 11 +- arch/x86/kvm/x86.c | 36 +++--- include/linux/static_call.h | 131 +++++----------------- kernel/events/core.c | 8 +- kernel/sched/core.c | 10 +- security/keys/trusted-keys/trusted_core.c | 2 +- 16 files changed, 126 insertions(+), 244 deletions(-)
Comments
On Fri, 10 Mar 2023 12:31:12 -0800 Josh Poimboeuf <jpoimboe@kernel.org> wrote: > static_call_update(foo, STATIC_CALL_NOP); // do nothing and return 0 > static_call_update(foo, STATIC_CALL_BUG); // panic > static_call_update(foo, NULL); // ??? > > The default behavior for NULL could be a key-specific policy, stored as > a flag in the static_call_key struct. Could we just get rid of the ambiguity and make static_call_update(foo, NULL); trigger a WARN_ON() instead, and always do nop? The issue I have with allowing NULL, is that it's not easy to know from the call site what it does. -- Steve