On Fri, 31 Oct 2025 12:52:56 +0100
Valentin Schneider <vschneid@redhat.com> wrote:
> On 30/10/25 11:25, Petr Tesarik wrote:
> > On Fri, 10 Oct 2025 17:38:16 +0200
> > Valentin Schneider <vschneid@redhat.com> wrote:
> >
> >> From: Josh Poimboeuf <jpoimboe@kernel.org>
> >>
> >> Deferring a code patching IPI is unsafe if the patched code is in a
> >> noinstr region. In that case the text poke code must trigger an
> >> immediate IPI to all CPUs, which can rudely interrupt an isolated NO_HZ
> >> CPU running in userspace.
> >>
> >> If a noinstr static call only needs to be patched during boot, its key
> >> can be made ro-after-init to ensure it will never be patched at runtime.
> >>
> >> Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
> >> ---
> >> include/linux/static_call.h | 16 ++++++++++++++++
> >> 1 file changed, 16 insertions(+)
> >>
> >> diff --git a/include/linux/static_call.h b/include/linux/static_call.h
> >> index 78a77a4ae0ea8..ea6ca57e2a829 100644
> >> --- a/include/linux/static_call.h
> >> +++ b/include/linux/static_call.h
> >> @@ -192,6 +192,14 @@ extern long __static_call_return0(void);
> >> }; \
> >> ARCH_DEFINE_STATIC_CALL_TRAMP(name, _func)
> >>
> >> +#define DEFINE_STATIC_CALL_RO(name, _func) \
> >> + DECLARE_STATIC_CALL(name, _func); \
> >> + struct static_call_key __ro_after_init STATIC_CALL_KEY(name) = {\
> >> + .func = _func, \
> >> + .type = 1, \
> >> + }; \
> >> + ARCH_DEFINE_STATIC_CALL_TRAMP(name, _func)
> >> +
> >> #define DEFINE_STATIC_CALL_NULL(name, _func) \
> >> DECLARE_STATIC_CALL(name, _func); \
> >> struct static_call_key STATIC_CALL_KEY(name) = { \
> >> @@ -200,6 +208,14 @@ extern long __static_call_return0(void);
> >> }; \
> >> ARCH_DEFINE_STATIC_CALL_NULL_TRAMP(name)
> >>
> >> +#define DEFINE_STATIC_CALL_NULL_RO(name, _func) \
> >> + DECLARE_STATIC_CALL(name, _func); \
> >> + struct static_call_key __ro_after_init STATIC_CALL_KEY(name) = {\
> >> + .func = NULL, \
> >> + .type = 1, \
> >> + }; \
> >> + ARCH_DEFINE_STATIC_CALL_NULL_TRAMP(name)
> >> +
> >
> > I think it would be a good idea to add a comment describing when these
> > macros are supposed to be used, similar to the explanation you wrote for
> > the _NOINSTR variants. Just to provide a clue for people adding a new
> > static key in the future, because the commit message may become a bit
> > hard to find if there are a few cleanup patches on top.
> >
>
> I was about to write such a comment but I had another take; The _NOINSTR
> static key helpers are special and only relevant to IPI deferral; whereas
> the _RO helpers actually change the backing storage for the keys and as a
> bonus are used by the IPI deferral instrumentation.
>
> IMO it's the same here for the static calls, it makes sense to mark the
> relevant ones as _RO regardless of IPI deferral.
>
> I could however add a comment to ANNOTATE_NOINSTR_ALLOWED() itself,
> something like:
>
> ```
> /*
> * This is used to tell objtool that a given static key is safe to be used
> * within .noinstr code, and it doesn't need to generate a warning about it.
> *
> * For more information, see tools/objtool/Documentation/objtool.txt,
> * "non-RO static key usage in noinstr code"
> */
> #define ANNOTATE_NOINSTR_ALLOWED(key) __ANNOTATE_NOINSTR_ALLOWED(key)
> ```
I agree, this makes more sense. Thank you!
Petr T