When KCOV is enabled all functions get instrumented, unless the
__no_sanitize_coverage attribute is used. To prepare for
__no_sanitize_coverage being applied to __init functions, we have to
handle differences in how GCC's inline optimizations get resolved. For
x86 this means forcing several functions to be inline with
__always_inline.
Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: <x86@kernel.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Vitaly Kuznetsov <vkuznets@redhat.com>
Cc: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
Cc: Hans de Goede <hdegoede@redhat.com>
Cc: "Ilpo Järvinen" <ilpo.jarvinen@linux.intel.com>
Cc: "Rafael J. Wysocki" <rafael@kernel.org>
Cc: Len Brown <lenb@kernel.org>
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Ard Biesheuvel <ardb@kernel.org>
Cc: Mike Rapoport <rppt@kernel.org>
Cc: Michal Wilczynski <michal.wilczynski@intel.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Roger Pau Monne <roger.pau@citrix.com>
Cc: David Woodhouse <dwmw@amazon.co.uk>
Cc: Usama Arif <usama.arif@bytedance.com>
Cc: "Guilherme G. Piccoli" <gpiccoli@igalia.com>
Cc: Thomas Huth <thuth@redhat.com>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: <kvm@vger.kernel.org>
Cc: <ibm-acpi-devel@lists.sourceforge.net>
Cc: <platform-driver-x86@vger.kernel.org>
Cc: <linux-acpi@vger.kernel.org>
Cc: <linux-trace-kernel@vger.kernel.org>
Cc: <linux-efi@vger.kernel.org>
Cc: <linux-mm@kvack.org>
---
arch/x86/include/asm/acpi.h | 4 ++--
arch/x86/include/asm/realmode.h | 2 +-
include/linux/acpi.h | 4 ++--
include/linux/bootconfig.h | 2 +-
include/linux/efi.h | 2 +-
include/linux/memblock.h | 2 +-
arch/x86/kernel/kvm.c | 2 +-
drivers/platform/x86/thinkpad_acpi.c | 4 ++--
8 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/arch/x86/include/asm/acpi.h b/arch/x86/include/asm/acpi.h
index 5ab1a4598d00..a03aa6f999d1 100644
--- a/arch/x86/include/asm/acpi.h
+++ b/arch/x86/include/asm/acpi.h
@@ -158,13 +158,13 @@ static inline bool acpi_has_cpu_in_madt(void)
}
#define ACPI_HAVE_ARCH_SET_ROOT_POINTER
-static inline void acpi_arch_set_root_pointer(u64 addr)
+static __always_inline void acpi_arch_set_root_pointer(u64 addr)
{
x86_init.acpi.set_root_pointer(addr);
}
#define ACPI_HAVE_ARCH_GET_ROOT_POINTER
-static inline u64 acpi_arch_get_root_pointer(void)
+static __always_inline u64 acpi_arch_get_root_pointer(void)
{
return x86_init.acpi.get_root_pointer();
}
diff --git a/arch/x86/include/asm/realmode.h b/arch/x86/include/asm/realmode.h
index f607081a022a..e406a1e92c63 100644
--- a/arch/x86/include/asm/realmode.h
+++ b/arch/x86/include/asm/realmode.h
@@ -78,7 +78,7 @@ extern unsigned char secondary_startup_64[];
extern unsigned char secondary_startup_64_no_verify[];
#endif
-static inline size_t real_mode_size_needed(void)
+static __always_inline size_t real_mode_size_needed(void)
{
if (real_mode_header)
return 0; /* already allocated. */
diff --git a/include/linux/acpi.h b/include/linux/acpi.h
index e72100c0684f..ae76c8915000 100644
--- a/include/linux/acpi.h
+++ b/include/linux/acpi.h
@@ -759,13 +759,13 @@ int acpi_arch_timer_mem_init(struct arch_timer_mem *timer_mem, int *timer_count)
#endif
#ifndef ACPI_HAVE_ARCH_SET_ROOT_POINTER
-static inline void acpi_arch_set_root_pointer(u64 addr)
+static __always_inline void acpi_arch_set_root_pointer(u64 addr)
{
}
#endif
#ifndef ACPI_HAVE_ARCH_GET_ROOT_POINTER
-static inline u64 acpi_arch_get_root_pointer(void)
+static __always_inline u64 acpi_arch_get_root_pointer(void)
{
return 0;
}
diff --git a/include/linux/bootconfig.h b/include/linux/bootconfig.h
index 3f4b4ac527ca..25df9260d206 100644
--- a/include/linux/bootconfig.h
+++ b/include/linux/bootconfig.h
@@ -290,7 +290,7 @@ int __init xbc_get_info(int *node_size, size_t *data_size);
/* XBC cleanup data structures */
void __init _xbc_exit(bool early);
-static inline void xbc_exit(void)
+static __always_inline void xbc_exit(void)
{
_xbc_exit(false);
}
diff --git a/include/linux/efi.h b/include/linux/efi.h
index 7d63d1d75f22..e3776d9cad07 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -1334,7 +1334,7 @@ struct linux_efi_initrd {
bool xen_efi_config_table_is_usable(const efi_guid_t *guid, unsigned long table);
-static inline
+static __always_inline
bool efi_config_table_is_usable(const efi_guid_t *guid, unsigned long table)
{
if (!IS_ENABLED(CONFIG_XEN_EFI))
diff --git a/include/linux/memblock.h b/include/linux/memblock.h
index bb19a2534224..b96746376e17 100644
--- a/include/linux/memblock.h
+++ b/include/linux/memblock.h
@@ -463,7 +463,7 @@ static inline void *memblock_alloc_raw(phys_addr_t size,
NUMA_NO_NODE);
}
-static inline void *memblock_alloc_from(phys_addr_t size,
+static __always_inline void *memblock_alloc_from(phys_addr_t size,
phys_addr_t align,
phys_addr_t min_addr)
{
diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c
index 921c1c783bc1..72f13d643fca 100644
--- a/arch/x86/kernel/kvm.c
+++ b/arch/x86/kernel/kvm.c
@@ -420,7 +420,7 @@ static u64 kvm_steal_clock(int cpu)
return steal;
}
-static inline void __set_percpu_decrypted(void *ptr, unsigned long size)
+static __always_inline void __set_percpu_decrypted(void *ptr, unsigned long size)
{
early_set_memory_decrypted((unsigned long) ptr, size);
}
diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c
index e7350c9fa3aa..0518d5b1f4ec 100644
--- a/drivers/platform/x86/thinkpad_acpi.c
+++ b/drivers/platform/x86/thinkpad_acpi.c
@@ -559,12 +559,12 @@ static unsigned long __init tpacpi_check_quirks(
return 0;
}
-static inline bool __pure __init tpacpi_is_lenovo(void)
+static __always_inline bool __pure tpacpi_is_lenovo(void)
{
return thinkpad_id.vendor == PCI_VENDOR_ID_LENOVO;
}
-static inline bool __pure __init tpacpi_is_ibm(void)
+static __always_inline bool __pure tpacpi_is_ibm(void)
{
return thinkpad_id.vendor == PCI_VENDOR_ID_IBM;
}
--
2.34.1
On Thu, 22 May 2025, Kees Cook wrote:
> When KCOV is enabled all functions get instrumented, unless the
> __no_sanitize_coverage attribute is used. To prepare for
> __no_sanitize_coverage being applied to __init functions, we have to
> handle differences in how GCC's inline optimizations get resolved. For
> x86 this means forcing several functions to be inline with
> __always_inline.
>
> Signed-off-by: Kees Cook <kees@kernel.org>
> ---
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Cc: Ingo Molnar <mingo@redhat.com>
> Cc: Borislav Petkov <bp@alien8.de>
> Cc: Dave Hansen <dave.hansen@linux.intel.com>
> Cc: <x86@kernel.org>
> Cc: "H. Peter Anvin" <hpa@zytor.com>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Vitaly Kuznetsov <vkuznets@redhat.com>
> Cc: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
> Cc: Hans de Goede <hdegoede@redhat.com>
> Cc: "Ilpo Järvinen" <ilpo.jarvinen@linux.intel.com>
> Cc: "Rafael J. Wysocki" <rafael@kernel.org>
> Cc: Len Brown <lenb@kernel.org>
> Cc: Masami Hiramatsu <mhiramat@kernel.org>
> Cc: Ard Biesheuvel <ardb@kernel.org>
> Cc: Mike Rapoport <rppt@kernel.org>
> Cc: Michal Wilczynski <michal.wilczynski@intel.com>
> Cc: Juergen Gross <jgross@suse.com>
> Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
> Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
> Cc: Roger Pau Monne <roger.pau@citrix.com>
> Cc: David Woodhouse <dwmw@amazon.co.uk>
> Cc: Usama Arif <usama.arif@bytedance.com>
> Cc: "Guilherme G. Piccoli" <gpiccoli@igalia.com>
> Cc: Thomas Huth <thuth@redhat.com>
> Cc: Brian Gerst <brgerst@gmail.com>
> Cc: <kvm@vger.kernel.org>
> Cc: <ibm-acpi-devel@lists.sourceforge.net>
> Cc: <platform-driver-x86@vger.kernel.org>
> Cc: <linux-acpi@vger.kernel.org>
> Cc: <linux-trace-kernel@vger.kernel.org>
> Cc: <linux-efi@vger.kernel.org>
> Cc: <linux-mm@kvack.org>
> ---
> diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c
> index e7350c9fa3aa..0518d5b1f4ec 100644
> --- a/drivers/platform/x86/thinkpad_acpi.c
> +++ b/drivers/platform/x86/thinkpad_acpi.c
> @@ -559,12 +559,12 @@ static unsigned long __init tpacpi_check_quirks(
> return 0;
> }
>
> -static inline bool __pure __init tpacpi_is_lenovo(void)
> +static __always_inline bool __pure tpacpi_is_lenovo(void)
> {
> return thinkpad_id.vendor == PCI_VENDOR_ID_LENOVO;
> }
>
> -static inline bool __pure __init tpacpi_is_ibm(void)
> +static __always_inline bool __pure tpacpi_is_ibm(void)
> {
> return thinkpad_id.vendor == PCI_VENDOR_ID_IBM;
> }
Hi Kees,
What's your plan on upstreaming route/timeline for this? I'd prefer to
retain full control over this file as we were planning on some
reorganization of files into lenovo/ subdir.
--
i.
On Mon, May 26, 2025 at 12:53:13AM +0300, Ilpo Järvinen wrote:
> On Thu, 22 May 2025, Kees Cook wrote:
>
> > When KCOV is enabled all functions get instrumented, unless the
> > __no_sanitize_coverage attribute is used. To prepare for
> > __no_sanitize_coverage being applied to __init functions, we have to
> > handle differences in how GCC's inline optimizations get resolved. For
> > x86 this means forcing several functions to be inline with
> > __always_inline.
> >
> > Signed-off-by: Kees Cook <kees@kernel.org>
> > ---
> > Cc: Thomas Gleixner <tglx@linutronix.de>
> > Cc: Ingo Molnar <mingo@redhat.com>
> > Cc: Borislav Petkov <bp@alien8.de>
> > Cc: Dave Hansen <dave.hansen@linux.intel.com>
> > Cc: <x86@kernel.org>
> > Cc: "H. Peter Anvin" <hpa@zytor.com>
> > Cc: Paolo Bonzini <pbonzini@redhat.com>
> > Cc: Vitaly Kuznetsov <vkuznets@redhat.com>
> > Cc: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
> > Cc: Hans de Goede <hdegoede@redhat.com>
> > Cc: "Ilpo Järvinen" <ilpo.jarvinen@linux.intel.com>
> > Cc: "Rafael J. Wysocki" <rafael@kernel.org>
> > Cc: Len Brown <lenb@kernel.org>
> > Cc: Masami Hiramatsu <mhiramat@kernel.org>
> > Cc: Ard Biesheuvel <ardb@kernel.org>
> > Cc: Mike Rapoport <rppt@kernel.org>
> > Cc: Michal Wilczynski <michal.wilczynski@intel.com>
> > Cc: Juergen Gross <jgross@suse.com>
> > Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
> > Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
> > Cc: Roger Pau Monne <roger.pau@citrix.com>
> > Cc: David Woodhouse <dwmw@amazon.co.uk>
> > Cc: Usama Arif <usama.arif@bytedance.com>
> > Cc: "Guilherme G. Piccoli" <gpiccoli@igalia.com>
> > Cc: Thomas Huth <thuth@redhat.com>
> > Cc: Brian Gerst <brgerst@gmail.com>
> > Cc: <kvm@vger.kernel.org>
> > Cc: <ibm-acpi-devel@lists.sourceforge.net>
> > Cc: <platform-driver-x86@vger.kernel.org>
> > Cc: <linux-acpi@vger.kernel.org>
> > Cc: <linux-trace-kernel@vger.kernel.org>
> > Cc: <linux-efi@vger.kernel.org>
> > Cc: <linux-mm@kvack.org>
> > ---
>
> > diff --git a/drivers/platform/x86/thinkpad_acpi.c b/drivers/platform/x86/thinkpad_acpi.c
> > index e7350c9fa3aa..0518d5b1f4ec 100644
> > --- a/drivers/platform/x86/thinkpad_acpi.c
> > +++ b/drivers/platform/x86/thinkpad_acpi.c
> > @@ -559,12 +559,12 @@ static unsigned long __init tpacpi_check_quirks(
> > return 0;
> > }
> >
> > -static inline bool __pure __init tpacpi_is_lenovo(void)
> > +static __always_inline bool __pure tpacpi_is_lenovo(void)
> > {
> > return thinkpad_id.vendor == PCI_VENDOR_ID_LENOVO;
> > }
> >
> > -static inline bool __pure __init tpacpi_is_ibm(void)
> > +static __always_inline bool __pure tpacpi_is_ibm(void)
> > {
> > return thinkpad_id.vendor == PCI_VENDOR_ID_IBM;
> > }
>
> Hi Kees,
>
> What's your plan on upstreaming route/timeline for this? I'd prefer to
> retain full control over this file as we were planning on some
> reorganization of files into lenovo/ subdir.
I'm not in a big rush. I'm hoping to have this all in place for v6.17,
but the Clang feature won't be in a released compiler version until
September. :) I can send this bit separately for your tree.
Thanks for taking a look!
--
Kees Cook
On Thu, May 22, 2025, Kees Cook wrote:
> diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c
> index 921c1c783bc1..72f13d643fca 100644
> --- a/arch/x86/kernel/kvm.c
> +++ b/arch/x86/kernel/kvm.c
> @@ -420,7 +420,7 @@ static u64 kvm_steal_clock(int cpu)
> return steal;
> }
>
> -static inline void __set_percpu_decrypted(void *ptr, unsigned long size)
> +static __always_inline void __set_percpu_decrypted(void *ptr, unsigned long size)
I'd rather drop the "inline" and explicitly mark this "__init". There's value
in documenting and enforcing that memory is marked decrypted/shared only during
boot.
> {
> early_set_memory_decrypted((unsigned long) ptr, size);
> }
On Fri, May 23, 2025 at 07:35:03AM -0700, Sean Christopherson wrote: > On Thu, May 22, 2025, Kees Cook wrote: > > diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c > > index 921c1c783bc1..72f13d643fca 100644 > > --- a/arch/x86/kernel/kvm.c > > +++ b/arch/x86/kernel/kvm.c > > @@ -420,7 +420,7 @@ static u64 kvm_steal_clock(int cpu) > > return steal; > > } > > > > -static inline void __set_percpu_decrypted(void *ptr, unsigned long size) > > +static __always_inline void __set_percpu_decrypted(void *ptr, unsigned long size) > > I'd rather drop the "inline" and explicitly mark this "__init". There's value > in documenting and enforcing that memory is marked decrypted/shared only during > boot. Sure! I will swap this around. Thanks! -Kees -- Kees Cook
© 2016 - 2025 Red Hat, Inc.