From nobody Sun Feb 8 07:44:25 2026 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C9D322F83BB for ; Mon, 10 Nov 2025 08:23:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.130 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762763033; cv=none; b=ekN9hciOYpNUVbQUAXuX79ypx0z1wJHocg6MRjzJQTRxECBfSzFPplK2RCOrAF4rWYUS6yNP9MLmsrDru7/6SpQqi9FfkpaBdyKS6eSfQ+0QdLgYb/ivjYOLBvY2IMIDfbV+M+/GKanhpInWiHPawAJE5X5wCtvttS/JyLeZ0X0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762763033; c=relaxed/simple; bh=X0y3ntGNjiF48lqn+isvO6LuxT9mJpoVP3Kji+DFDQw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=sZ8vC6pv4mpo+q+cYfJV0CVQ6RYWuf4gimGzC9eRgpEzCTJmpamZmLsX2e27wI3yysM6EWOJY5pbsFU3I8IOfDUoCtkOL5/qXO4nWluAJiXL9/2YAbI6byfJD0VziQAC//r3cT7CI+RRV7udjRWrjvTkuT1iOagpi6KcUj+0OiU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com; spf=pass smtp.mailfrom=suse.com; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b=bsOiD+Co; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b=bsOiD+Co; arc=none smtp.client-ip=195.135.223.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="bsOiD+Co"; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="bsOiD+Co" Received: from imap1.dmz-prg2.suse.org (unknown [10.150.64.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 4506B33683; Mon, 10 Nov 2025 08:23:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1762763028; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=6LyxHIh10sONol3annpWE2J2EAH/JvgyQtND7zs4cJs=; b=bsOiD+CoCtdk2baf0d7CIZps2GaLT+wQCwxfrmRhE6ROhuGnZxOPZFJsbMveeZE1+AQSGk 42QWuqS1pmrcEHlZ0GvWC0Tcw5/o2sSMvP6+AL/sXEikizp7EGEMLz9AMqzjw7/eNrAtXU L5EBqn3S5iJK5h0UtyIgV1jrHoyL2pI= Authentication-Results: smtp-out1.suse.de; none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1762763028; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=6LyxHIh10sONol3annpWE2J2EAH/JvgyQtND7zs4cJs=; b=bsOiD+CoCtdk2baf0d7CIZps2GaLT+wQCwxfrmRhE6ROhuGnZxOPZFJsbMveeZE1+AQSGk 42QWuqS1pmrcEHlZ0GvWC0Tcw5/o2sSMvP6+AL/sXEikizp7EGEMLz9AMqzjw7/eNrAtXU L5EBqn3S5iJK5h0UtyIgV1jrHoyL2pI= Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id EC4A113BAE; Mon, 10 Nov 2025 08:23:47 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id iaEBOBOhEWm0KAAAD6G6ig (envelope-from ); Mon, 10 Nov 2025 08:23:47 +0000 From: Juergen Gross To: linux-kernel@vger.kernel.org, x86@kernel.org Cc: Juergen Gross , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH v3 1/3] x86/alternative: Drop not needed test after call of alt_replace_call() Date: Mon, 10 Nov 2025 09:23:37 +0100 Message-ID: <20251110082339.30144-2-jgross@suse.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251110082339.30144-1-jgross@suse.com> References: <20251110082339.30144-1-jgross@suse.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Spam-Level: X-Spamd-Result: default: False [-6.80 / 50.00]; REPLY(-4.00)[]; BAYES_HAM(-3.00)[100.00%]; NEURAL_HAM_LONG(-1.00)[-1.000]; MID_CONTAINS_FROM(1.00)[]; R_MISSING_CHARSET(0.50)[]; NEURAL_HAM_SHORT(-0.20)[-1.000]; MIME_GOOD(-0.10)[text/plain]; RCVD_COUNT_TWO(0.00)[2]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; MIME_TRACE(0.00)[0:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FUZZY_RATELIMITED(0.00)[rspamd.com]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.com:email,suse.com:mid,imap1.dmz-prg2.suse.org:helo]; DKIM_SIGNED(0.00)[suse.com:s=susede1]; FROM_EQ_ENVFROM(0.00)[]; TO_DN_SOME(0.00)[]; RCPT_COUNT_SEVEN(0.00)[8]; RCVD_TLS_ALL(0.00)[] X-Spam-Flag: NO X-Spam-Score: -6.80 Content-Type: text/plain; charset="utf-8" alt_replace_call() will never return a negative value, so testing the return value to be less than zero can be dropped. This makes it possible to switch the return type of alt_replace_call() and the type of insn_buff_sz to unsigned int. Signed-off-by: Juergen Gross --- arch/x86/kernel/alternative.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 8ee5ff547357..4f3ea50e41e8 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -559,7 +559,7 @@ EXPORT_SYMBOL(BUG_func); * Rewrite the "call BUG_func" replacement to point to the target of the * indirect pv_ops call "call *disp(%ip)". */ -static int alt_replace_call(u8 *instr, u8 *insn_buff, struct alt_instr *a) +static unsigned int alt_replace_call(u8 *instr, u8 *insn_buff, struct alt_= instr *a) { void *target, *bug =3D &BUG_func; s32 disp; @@ -643,7 +643,7 @@ void __init_or_module noinline apply_alternatives(struc= t alt_instr *start, * order. */ for (a =3D start; a < end; a++) { - int insn_buff_sz =3D 0; + unsigned int insn_buff_sz =3D 0; =20 /* * In case of nested ALTERNATIVE()s the outer alternative might @@ -683,11 +683,8 @@ void __init_or_module noinline apply_alternatives(stru= ct alt_instr *start, memcpy(insn_buff, replacement, a->replacementlen); insn_buff_sz =3D a->replacementlen; =20 - if (a->flags & ALT_FLAG_DIRECT_CALL) { + if (a->flags & ALT_FLAG_DIRECT_CALL) insn_buff_sz =3D alt_replace_call(instr, insn_buff, a); - if (insn_buff_sz < 0) - continue; - } =20 for (; insn_buff_sz < a->instrlen; insn_buff_sz++) insn_buff[insn_buff_sz] =3D 0x90; --=20 2.51.0 From nobody Sun Feb 8 07:44:25 2026 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E19292F83BB for ; Mon, 10 Nov 2025 08:23:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.130 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762763039; cv=none; b=XaH6/pawy+jPoCXQawY+3mZGCirBZTBsSltkf7YxGK/X0agA/KXeF1DoNNQFm98nypL1H/aw9YGjZ1oYGNSPPxD6O+v7cXKzVbkMP/IDRWOHQygwcE2PuIMrj4AuMVePqgZog28dpLMhVxuHRBHhorm6/9pY5EgBs6oyNS8ipKI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762763039; c=relaxed/simple; bh=vmHwJz6mjiKdp1rmuzrLHYxRLC0eullr+g7yc8mXu28=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=QbjRJ1kqdw24D2YWeEEOltkrIXg/AxawFrlZ4hCTDgF1d/qZvYRKOw/qF2U9Br9/+2e99LkwdwEHRbUsQU9CMqsmI8228YmWyA6KQBiwVCOiIO7WJyQsusiXaXe6kY0cl/1VYi6oFdgyxjSSseprCkLxM/D0YwdpEN0Ra0XLYZ8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com; spf=pass smtp.mailfrom=suse.com; arc=none smtp.client-ip=195.135.223.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 01FA033724; Mon, 10 Nov 2025 08:23:54 +0000 (UTC) Authentication-Results: smtp-out1.suse.de; none Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id AB1C513BAE; Mon, 10 Nov 2025 08:23:53 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id l3RNKBmhEWnBKAAAD6G6ig (envelope-from ); Mon, 10 Nov 2025 08:23:53 +0000 From: Juergen Gross To: linux-kernel@vger.kernel.org, x86@kernel.org Cc: Juergen Gross , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH v3 2/3] x86/alternative: Use a helper function for patching alternatives Date: Mon, 10 Nov 2025 09:23:38 +0100 Message-ID: <20251110082339.30144-3-jgross@suse.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251110082339.30144-1-jgross@suse.com> References: <20251110082339.30144-1-jgross@suse.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Queue-Id: 01FA033724 X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Action: no action X-Spam-Flag: NO X-Spam-Score: -4.00 X-Spam-Level: X-Rspamd-Server: rspamd2.dmz-prg2.suse.org X-Spamd-Result: default: False [-4.00 / 50.00]; REPLY(-4.00)[] Content-Type: text/plain; charset="utf-8" Tidy up apply_alternatives() by moving the main patching action of a single alternative instance into a helper function. As the original instruction is being patched with optimized padding NOPs even in case no replacement instruction has been selected, do the main patching action in the main loop. This requires to use __apply_relocation() instead of text_poke_apply_relocation() in order to have only a single call of optimize_nops(), resulting in a more transparent coding (the question why optimize_nops() isn't being called in all cases has come up more than once in the past). Suggested-by: Borislav Petkov Signed-off-by: Juergen Gross --- V3: - new patch --- arch/x86/kernel/alternative.c | 121 +++++++++++++++++++--------------- 1 file changed, 67 insertions(+), 54 deletions(-) diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 4f3ea50e41e8..248e5f212a2b 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -604,6 +604,68 @@ static inline u8 * instr_va(struct alt_instr *i) return (u8 *)&i->instr_offset + i->instr_offset; } =20 +struct patch_site { + u8 *instr; + u8 buff[MAX_PATCH_LEN]; + u8 len; +}; + +static void __init_or_module analyze_patch_site(struct patch_site *ps, + struct alt_instr *p, struct alt_instr *end) +{ + struct alt_instr *r; + u8 buff_sz; + u8 *repl; + + /* + * In case of nested ALTERNATIVE()s the outer alternative might add + * more padding. To ensure consistent patching find the max padding for + * all alt_instr entries for this site (nested alternatives result in + * consecutive entries). + */ + ps->instr =3D instr_va(p); + ps->len =3D p->instrlen; + for (r =3D p+1; r < end && instr_va(r) =3D=3D ps->instr; r++) { + ps->len =3D max(ps->len, r->instrlen); + p->instrlen =3D r->instrlen =3D ps->len; + } + + BUG_ON(ps->len > sizeof(ps->buff)); + BUG_ON(p->cpuid >=3D (NCAPINTS + NBUGINTS) * 32); + + /* + * Patch if either: + * - feature is present + * - feature not present but ALT_FLAG_NOT is set to mean, + * patch if feature is *NOT* present. + */ + if (!boot_cpu_has(p->cpuid) =3D=3D !(p->flags & ALT_FLAG_NOT)) { + memcpy(ps->buff, ps->instr, ps->len); + return; + } + + repl =3D (u8 *)&p->repl_offset + p->repl_offset; + DPRINTK(ALT, "feat: %d*32+%d, old: (%pS (%px) len: %d), repl: (%px, len: = %d) flags: 0x%x", + p->cpuid >> 5, p->cpuid & 0x1f, + ps->instr, ps->instr, ps->len, + repl, p->replacementlen, p->flags); + + memcpy(ps->buff, repl, p->replacementlen); + buff_sz =3D p->replacementlen; + + if (p->flags & ALT_FLAG_DIRECT_CALL) + buff_sz =3D alt_replace_call(ps->instr, ps->buff, p); + + for (; buff_sz < ps->len; buff_sz++) + ps->buff[buff_sz] =3D 0x90; + + __apply_relocation(ps->buff, ps->instr, ps->len, repl, p->replacementlen); + + DUMP_BYTES(ALT, ps->instr, ps->len, "%px: old_insn: ", ps->instr); + DUMP_BYTES(ALT, repl, p->replacementlen, "%px: rpl_insn: ", repl); + DUMP_BYTES(ALT, ps->buff, ps->len, "%px: final_insn: ", ps->instr); +} + /* * Replace instructions with better alternatives for this CPU type. This r= uns * before SMP is initialized to avoid SMP problems with self modifying cod= e. @@ -617,9 +679,7 @@ static inline u8 * instr_va(struct alt_instr *i) void __init_or_module noinline apply_alternatives(struct alt_instr *start, struct alt_instr *end) { - u8 insn_buff[MAX_PATCH_LEN]; - u8 *instr, *replacement; - struct alt_instr *a, *b; + struct alt_instr *a; =20 DPRINTK(ALT, "alt table %px, -> %px", start, end); =20 @@ -643,59 +703,12 @@ void __init_or_module noinline apply_alternatives(str= uct alt_instr *start, * order. */ for (a =3D start; a < end; a++) { - unsigned int insn_buff_sz =3D 0; - - /* - * In case of nested ALTERNATIVE()s the outer alternative might - * add more padding. To ensure consistent patching find the max - * padding for all alt_instr entries for this site (nested - * alternatives result in consecutive entries). - */ - for (b =3D a+1; b < end && instr_va(b) =3D=3D instr_va(a); b++) { - u8 len =3D max(a->instrlen, b->instrlen); - a->instrlen =3D b->instrlen =3D len; - } - - instr =3D instr_va(a); - replacement =3D (u8 *)&a->repl_offset + a->repl_offset; - BUG_ON(a->instrlen > sizeof(insn_buff)); - BUG_ON(a->cpuid >=3D (NCAPINTS + NBUGINTS) * 32); - - /* - * Patch if either: - * - feature is present - * - feature not present but ALT_FLAG_NOT is set to mean, - * patch if feature is *NOT* present. - */ - if (!boot_cpu_has(a->cpuid) =3D=3D !(a->flags & ALT_FLAG_NOT)) { - memcpy(insn_buff, instr, a->instrlen); - optimize_nops(instr, insn_buff, a->instrlen); - text_poke_early(instr, insn_buff, a->instrlen); - continue; - } - - DPRINTK(ALT, "feat: %d*32+%d, old: (%pS (%px) len: %d), repl: (%px, len:= %d) flags: 0x%x", - a->cpuid >> 5, - a->cpuid & 0x1f, - instr, instr, a->instrlen, - replacement, a->replacementlen, a->flags); - - memcpy(insn_buff, replacement, a->replacementlen); - insn_buff_sz =3D a->replacementlen; - - if (a->flags & ALT_FLAG_DIRECT_CALL) - insn_buff_sz =3D alt_replace_call(instr, insn_buff, a); - - for (; insn_buff_sz < a->instrlen; insn_buff_sz++) - insn_buff[insn_buff_sz] =3D 0x90; - - text_poke_apply_relocation(insn_buff, instr, a->instrlen, replacement, a= ->replacementlen); + struct patch_site ps; =20 - DUMP_BYTES(ALT, instr, a->instrlen, "%px: old_insn: ", instr); - DUMP_BYTES(ALT, replacement, a->replacementlen, "%px: rpl_insn: ", rep= lacement); - DUMP_BYTES(ALT, insn_buff, insn_buff_sz, "%px: final_insn: ", instr); + analyze_patch_site(&ps, a, end); =20 - text_poke_early(instr, insn_buff, insn_buff_sz); + optimize_nops(ps.instr, ps.buff, ps.len); + text_poke_early(ps.instr, ps.buff, ps.len); } =20 kasan_enable_current(); --=20 2.51.0 From nobody Sun Feb 8 07:44:25 2026 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 07E002F83BB for ; Mon, 10 Nov 2025 08:24:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.130 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762763045; cv=none; b=s7zw5kGJMQLYtVG1Thkz4UCcHLaA0gqmLbsXLdlKyOzJjZPqzejmO4XiYX3dVlqR9VhEIkNnYIcB+pUfFxSj1BWxMWw5y8abKogySuzRFrGUoVb2u3qisuF4ZouevrOG9Mfw8Ovv1aJ9cBjlaEi3FW5Rx10Koz8CTx3n5AmYGNw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762763045; c=relaxed/simple; bh=hzcNUVlKrn0SacGprxhEDaO7OPDQ8G1+yBQ2Ae9sGXA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=oAYg5w4djmX1cOAOYXoxcyo7ClbtUkz4SA8GzIBM9oQZi3XZvUnauY8Gu1xv2SdKJCKplipVNc++KKXIq3YvtcO99ftfdb0aWAkBrtgeKLlkkHALKH5Tnjd4WboVtIv74GD6Xvx7o4chblHoKx7l6sAUpHXE452y3s9mgEcag+c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com; spf=pass smtp.mailfrom=suse.com; arc=none smtp.client-ip=195.135.223.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id A135533727; Mon, 10 Nov 2025 08:23:59 +0000 (UTC) Authentication-Results: smtp-out1.suse.de; none Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 5F1B713BAE; Mon, 10 Nov 2025 08:23:59 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id nsXVFR+hEWnNKAAAD6G6ig (envelope-from ); Mon, 10 Nov 2025 08:23:59 +0000 From: Juergen Gross To: linux-kernel@vger.kernel.org, x86@kernel.org Cc: Juergen Gross , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH v3 3/3] x86/alternative: Patch a single alternative location only once Date: Mon, 10 Nov 2025 09:23:39 +0100 Message-ID: <20251110082339.30144-4-jgross@suse.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251110082339.30144-1-jgross@suse.com> References: <20251110082339.30144-1-jgross@suse.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Queue-Id: A135533727 X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Action: no action X-Spam-Flag: NO X-Spam-Score: -4.00 X-Spam-Level: X-Rspamd-Server: rspamd2.dmz-prg2.suse.org X-Spamd-Result: default: False [-4.00 / 50.00]; REPLY(-4.00)[] Content-Type: text/plain; charset="utf-8" Instead of patching a single location potentially multiple times in case of nested ALTERNATIVE()s, do the patching only after having evaluated all alt_instr instances for that location. This has multiple advantages: - In case of replacing an indirect with a direct call using the ALT_FLAG_DIRECT_CALL flag, there is no longer the need to have that instance before any other instances at the same location (the original instruction is needed for finding the target of the direct call). This issue has been hit when trying to do paravirt patching similar to the following: ALTERNATIVE_2(PARAVIRT_CALL, // indirect call instr, feature, // native instruction ALT_CALL_INSTR, X86_FEATURE_XENPV) // Xen function In case "feature" was true, "instr" replaced the indirect call. Under Xen PV the patching to have a direct call failed, as the original indirect call was no longer there to find the call target. - In case of nested ALTERNATIVE()s there is no intermediate replacement visible. This avoids any problems in case e.g. an interrupt is happening between the single instances and the patched location is used during handling the interrupt. Signed-off-by: Juergen Gross --- V2: - complete rework (Boris Petkov) V3: - rebase to added patch 2 --- arch/x86/kernel/alternative.c | 59 ++++++++++++++++++++--------------- 1 file changed, 33 insertions(+), 26 deletions(-) diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 248e5f212a2b..1d8dbf5521e9 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -610,10 +610,10 @@ struct patch_site { u8 len; }; =20 -static void __init_or_module analyze_patch_site(struct patch_site *ps, - struct alt_instr *p, struct alt_instr *end) +static struct alt_instr * __init_or_module analyze_patch_site( + struct patch_site *ps, struct alt_instr *p, struct alt_instr *end) { - struct alt_instr *r; + struct alt_instr *r =3D NULL; u8 buff_sz; u8 *repl; =20 @@ -622,48 +622,54 @@ static void __init_or_module analyze_patch_site(struc= t patch_site *ps, * more padding. To ensure consistent patching find the max padding for * all alt_instr entries for this site (nested alternatives result in * consecutive entries). + * Find the last alt_instr eligible for patching at the site. */ ps->instr =3D instr_va(p); - ps->len =3D p->instrlen; - for (r =3D p+1; r < end && instr_va(r) =3D=3D ps->instr; r++) { - ps->len =3D max(ps->len, r->instrlen); - p->instrlen =3D r->instrlen =3D ps->len; + ps->len =3D 0; + for (; p < end && instr_va(p) =3D=3D ps->instr; p++) { + ps->len =3D max(ps->len, p->instrlen); + + BUG_ON(p->cpuid >=3D (NCAPINTS + NBUGINTS) * 32); + /* + * Patch if either: + * - feature is present + * - feature not present but ALT_FLAG_NOT is set to mean, + * patch if feature is *NOT* present. + */ + if (!boot_cpu_has(p->cpuid) !=3D !(p->flags & ALT_FLAG_NOT)) + r =3D p; } =20 BUG_ON(ps->len > sizeof(ps->buff)); - BUG_ON(p->cpuid >=3D (NCAPINTS + NBUGINTS) * 32); =20 - /* - * Patch if either: - * - feature is present - * - feature not present but ALT_FLAG_NOT is set to mean, - * patch if feature is *NOT* present. - */ - if (!boot_cpu_has(p->cpuid) =3D=3D !(p->flags & ALT_FLAG_NOT)) { + if (!r) { + /* Nothing to patch, use original instruction. */ memcpy(ps->buff, ps->instr, ps->len); - return; + return p; } =20 - repl =3D (u8 *)&p->repl_offset + p->repl_offset; + repl =3D (u8 *)&r->repl_offset + r->repl_offset; DPRINTK(ALT, "feat: %d*32+%d, old: (%pS (%px) len: %d), repl: (%px, len: = %d) flags: 0x%x", - p->cpuid >> 5, p->cpuid & 0x1f, + r->cpuid >> 5, r->cpuid & 0x1f, ps->instr, ps->instr, ps->len, - repl, p->replacementlen, p->flags); + repl, r->replacementlen, r->flags); =20 - memcpy(ps->buff, repl, p->replacementlen); - buff_sz =3D p->replacementlen; + memcpy(ps->buff, repl, r->replacementlen); + buff_sz =3D r->replacementlen; =20 - if (p->flags & ALT_FLAG_DIRECT_CALL) - buff_sz =3D alt_replace_call(ps->instr, ps->buff, p); + if (r->flags & ALT_FLAG_DIRECT_CALL) + buff_sz =3D alt_replace_call(ps->instr, ps->buff, r); =20 for (; buff_sz < ps->len; buff_sz++) ps->buff[buff_sz] =3D 0x90; =20 - __apply_relocation(ps->buff, ps->instr, ps->len, repl, p->replacementlen); + __apply_relocation(ps->buff, ps->instr, ps->len, repl, r->replacementlen); =20 DUMP_BYTES(ALT, ps->instr, ps->len, "%px: old_insn: ", ps->instr); DUMP_BYTES(ALT, repl, p->replacementlen, "%px: rpl_insn: ", repl); DUMP_BYTES(ALT, ps->buff, ps->len, "%px: final_insn: ", ps->instr); + + return p; } =20 /* @@ -702,10 +708,11 @@ void __init_or_module noinline apply_alternatives(str= uct alt_instr *start, * So be careful if you want to change the scan order to any other * order. */ - for (a =3D start; a < end; a++) { + a =3D start; + while (a < end) { struct patch_site ps; =20 - analyze_patch_site(&ps, a, end); + a =3D analyze_patch_site(&ps, a, end); =20 optimize_nops(ps.instr, ps.buff, ps.len); text_poke_early(ps.instr, ps.buff, ps.len); --=20 2.51.0