From nobody Tue Dec 2 02:19:49 2025 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 432172D59F7 for ; Wed, 19 Nov 2025 16:04:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.130 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763568273; cv=none; b=Bx0HTP60A/z6ZwJKXa1i6bLucUaW18IDRwqnbC1EUAX8bfVZ+mC2B1FdnlsLwZybxvRmqsyR9V32dM0FyKLo7naIDXrOURRlxWK5RbgKCB/wFrtsNzX1OY0WPU97jQUD9VPaA9G8UHLX54dJl1V9ShpmRTcYbDAZs4ANPsrpm8I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763568273; c=relaxed/simple; bh=3b/su8Y6e/SFh4n2bk8gduGGGZn5V7dXw6C8ohPklRo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ZDVINwCaSunche5J6Pv0IvhyadqEnp/uL6HnAM5s0UUbReanpPWr7bq6KfX9s3YJaGC20yhO3z+K2aoiLM7Twgbx/dH5KWnlNvhEyRl9w0pkFEWnzF0ow9w7GfNC4/R0Hh/XZLXmm3nHQ5SiGPy6Y6+bQ2RUO3xsIuZRAHaHYAw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com; spf=pass smtp.mailfrom=suse.com; arc=none smtp.client-ip=195.135.223.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 2DF7A21744; Wed, 19 Nov 2025 16:04:28 +0000 (UTC) Authentication-Results: smtp-out1.suse.de; none Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id CDB053EA61; Wed, 19 Nov 2025 16:04:27 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id 7FiKMIvqHWl6UgAAD6G6ig (envelope-from ); Wed, 19 Nov 2025 16:04:27 +0000 From: Juergen Gross To: linux-kernel@vger.kernel.org, x86@kernel.org Cc: Juergen Gross , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH v4 1/3] x86/alternative: Drop not needed test after call of alt_replace_call() Date: Wed, 19 Nov 2025 17:04:18 +0100 Message-ID: <20251119160420.22160-2-jgross@suse.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251119160420.22160-1-jgross@suse.com> References: <20251119160420.22160-1-jgross@suse.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spam-Level: X-Rspamd-Server: rspamd1.dmz-prg2.suse.org X-Spamd-Result: default: False [-4.00 / 50.00]; REPLY(-4.00)[] X-Rspamd-Queue-Id: 2DF7A21744 X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Action: no action X-Spam-Flag: NO X-Spam-Score: -4.00 Content-Type: text/plain; charset="utf-8" alt_replace_call() will never return a negative value, so testing the return value to be less than zero can be dropped. This makes it possible to switch the return type of alt_replace_call() and the type of insn_buff_sz to unsigned int. Signed-off-by: Juergen Gross --- V2: - new patch --- arch/x86/kernel/alternative.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 8ee5ff547357..4f3ea50e41e8 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -559,7 +559,7 @@ EXPORT_SYMBOL(BUG_func); * Rewrite the "call BUG_func" replacement to point to the target of the * indirect pv_ops call "call *disp(%ip)". */ -static int alt_replace_call(u8 *instr, u8 *insn_buff, struct alt_instr *a) +static unsigned int alt_replace_call(u8 *instr, u8 *insn_buff, struct alt_= instr *a) { void *target, *bug =3D &BUG_func; s32 disp; @@ -643,7 +643,7 @@ void __init_or_module noinline apply_alternatives(struc= t alt_instr *start, * order. */ for (a =3D start; a < end; a++) { - int insn_buff_sz =3D 0; + unsigned int insn_buff_sz =3D 0; =20 /* * In case of nested ALTERNATIVE()s the outer alternative might @@ -683,11 +683,8 @@ void __init_or_module noinline apply_alternatives(stru= ct alt_instr *start, memcpy(insn_buff, replacement, a->replacementlen); insn_buff_sz =3D a->replacementlen; =20 - if (a->flags & ALT_FLAG_DIRECT_CALL) { + if (a->flags & ALT_FLAG_DIRECT_CALL) insn_buff_sz =3D alt_replace_call(instr, insn_buff, a); - if (insn_buff_sz < 0) - continue; - } =20 for (; insn_buff_sz < a->instrlen; insn_buff_sz++) insn_buff[insn_buff_sz] =3D 0x90; --=20 2.51.0 From nobody Tue Dec 2 02:19:49 2025 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EDB7F2D59F7 for ; Wed, 19 Nov 2025 16:04:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.131 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763568278; cv=none; b=Y4YCO7eWWONt/RUZ7jhzJehI2+E7Lw+oc1Xdi0O+fvOqQw+1+cQBPMKxpAW0LQuY9meByvkvL+fE81oC4d8V1wEch7Yyq/HHJh/SWonI0IrYUc69YqKzWyxM0er1EfRq/CTfZvMil6WTcVec+/UAltWas4ZP5duZGvH2pXo/36s= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763568278; c=relaxed/simple; bh=AKFOLkvIYBE6CtJQNrSHIoier776SAB8Xa+fckqLdEM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Z7szriUsPocHCqzGo02VbKZCI9xluN52VqiVLv3wBFDxmTZBoPfQhUf5a3he0gp41U7E99OuQHocw/JqQ/OinulcNuiCuVbaDHqbn/GZaS2c8K3QZ4wFiliK13JV+Te1OioQ71N8h1PUo3oP7KGFhQygdCaz10zNAxyJaZQA4Hg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com; spf=pass smtp.mailfrom=suse.com; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b=OLtaDGjN; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b=d9+b2IPt; arc=none smtp.client-ip=195.135.223.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="OLtaDGjN"; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="d9+b2IPt" Received: from imap1.dmz-prg2.suse.org (unknown [10.150.64.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id CB93F20574; Wed, 19 Nov 2025 16:04:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1763568274; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=M9BdymVvhLkShw0GN+D3tGGicMbOvcd4sDJcsdIm9eA=; b=OLtaDGjNtjG2+Yur51NFLzPwnYWky5voKF57lhy1Gjq3ojgYz3QPm0I+Un5Je4U8KDf2XA IftnJuTyEI9JolugVijwSCueh4w2NBdjO/TLXQQQyC13/3LSeLsWt2j4srKEzWt/3C4CqQ Tx0pRgbHi5+DOHL3wCLwe8DSR4Bexvw= Authentication-Results: smtp-out2.suse.de; none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1763568273; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=M9BdymVvhLkShw0GN+D3tGGicMbOvcd4sDJcsdIm9eA=; b=d9+b2IPtVsHJD5fGapTHERa60aengxkfrri3vuX+gjJ/GwpBCEv7Ug+YPlyg8HA6KeXAmV mb8IuEqV1DCzRBNxDIL3q6peSx62M6b/A2fynprX5KvgJvmjQAtR3DwJ1SRXbpw2O96YRk vM3E5XE1NmiHnXaAt7QyWwM4jWpcIv4= Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 89D4B3EA61; Wed, 19 Nov 2025 16:04:33 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id fqoxIJHqHWl/UgAAD6G6ig (envelope-from ); Wed, 19 Nov 2025 16:04:33 +0000 From: Juergen Gross To: linux-kernel@vger.kernel.org, x86@kernel.org Cc: Juergen Gross , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH v4 2/3] x86/alternative: Use helper functions for patching alternatives Date: Wed, 19 Nov 2025 17:04:19 +0100 Message-ID: <20251119160420.22160-3-jgross@suse.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251119160420.22160-1-jgross@suse.com> References: <20251119160420.22160-1-jgross@suse.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Spam-Level: X-Spamd-Result: default: False [-6.80 / 50.00]; REPLY(-4.00)[]; BAYES_HAM(-3.00)[100.00%]; NEURAL_HAM_LONG(-1.00)[-1.000]; MID_CONTAINS_FROM(1.00)[]; R_MISSING_CHARSET(0.50)[]; NEURAL_HAM_SHORT(-0.20)[-1.000]; MIME_GOOD(-0.10)[text/plain]; RCVD_COUNT_TWO(0.00)[2]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; MIME_TRACE(0.00)[0:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FUZZY_RATELIMITED(0.00)[rspamd.com]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.com:email,suse.com:mid]; DKIM_SIGNED(0.00)[suse.com:s=susede1]; FROM_EQ_ENVFROM(0.00)[]; TO_DN_SOME(0.00)[]; RCPT_COUNT_SEVEN(0.00)[8]; RCVD_TLS_ALL(0.00)[] X-Spam-Flag: NO X-Spam-Score: -6.80 Content-Type: text/plain; charset="utf-8" Tidy up apply_alternatives() by moving the main patching action of a single alternative instance into 3 helper functions: - analyze_patch_site() for selection whether patching should occur or not and to handle nested alternatives. - prep_patch_site() for applying any needed relocations and issuing debug prints for the site. - patch_site() doing the real patching action, including optimization of any padding NOPs. In prep_patch_site() use __apply_relocation() instead of text_poke_apply_relocation(), as the NOP optimization is now done in patch_site() for all cases. Suggested-by: Borislav Petkov Signed-off-by: Juergen Gross --- V3: - new patch V4: - further split coding in more helpers (Borislav Petkov) --- arch/x86/kernel/alternative.c | 140 +++++++++++++++++++++------------- 1 file changed, 85 insertions(+), 55 deletions(-) diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 4f3ea50e41e8..afcc681ff3bd 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -604,6 +604,86 @@ static inline u8 * instr_va(struct alt_instr *i) return (u8 *)&i->instr_offset + i->instr_offset; } =20 +struct patch_site { + u8 *instr; + struct alt_instr *alt; + u8 buff[MAX_PATCH_LEN]; + u8 len; +}; + +static void __init_or_module analyze_patch_site(struct patch_site *ps, + struct alt_instr *p, struct alt_instr *end) +{ + struct alt_instr *r; + + /* + * In case of nested ALTERNATIVE()s the outer alternative might add + * more padding. To ensure consistent patching find the max padding for + * all alt_instr entries for this site (nested alternatives result in + * consecutive entries). + */ + ps->instr =3D instr_va(p); + ps->len =3D p->instrlen; + for (r =3D p+1; r < end && instr_va(r) =3D=3D ps->instr; r++) { + ps->len =3D max(ps->len, r->instrlen); + p->instrlen =3D r->instrlen =3D ps->len; + } + + BUG_ON(ps->len > sizeof(ps->buff)); + BUG_ON(p->cpuid >=3D (NCAPINTS + NBUGINTS) * 32); + + /* + * Patch if either: + * - feature is present + * - feature not present but ALT_FLAG_NOT is set to mean, + * patch if feature is *NOT* present. + */ + if (!boot_cpu_has(p->cpuid) =3D=3D !(p->flags & ALT_FLAG_NOT)) + ps->alt =3D NULL; + else + ps->alt =3D p; +} + +static void __init_or_module prep_patch_site(struct patch_site *ps) +{ + struct alt_instr *p =3D ps->alt; + u8 buff_sz; + u8 *repl; + + if (!p) { + /* Nothing to patch, use original instruction. */ + memcpy(ps->buff, ps->instr, ps->len); + return; + } + + repl =3D (u8 *)&p->repl_offset + p->repl_offset; + DPRINTK(ALT, "feat: %d*32+%d, old: (%pS (%px) len: %d), repl: (%px, len: = %d) flags: 0x%x", + p->cpuid >> 5, p->cpuid & 0x1f, + ps->instr, ps->instr, ps->len, + repl, p->replacementlen, p->flags); + + memcpy(ps->buff, repl, p->replacementlen); + buff_sz =3D p->replacementlen; + + if (p->flags & ALT_FLAG_DIRECT_CALL) + buff_sz =3D alt_replace_call(ps->instr, ps->buff, p); + + for (; buff_sz < ps->len; buff_sz++) + ps->buff[buff_sz] =3D 0x90; + + __apply_relocation(ps->buff, ps->instr, ps->len, repl, p->replacementlen); + + DUMP_BYTES(ALT, ps->instr, ps->len, "%px: old_insn: ", ps->instr); + DUMP_BYTES(ALT, repl, p->replacementlen, "%px: rpl_insn: ", repl); + DUMP_BYTES(ALT, ps->buff, ps->len, "%px: final_insn: ", ps->instr); +} + +static void __init_or_module patch_site(struct patch_site *ps) +{ + optimize_nops(ps->instr, ps->buff, ps->len); + text_poke_early(ps->instr, ps->buff, ps->len); +} + /* * Replace instructions with better alternatives for this CPU type. This r= uns * before SMP is initialized to avoid SMP problems with self modifying cod= e. @@ -617,9 +697,7 @@ static inline u8 * instr_va(struct alt_instr *i) void __init_or_module noinline apply_alternatives(struct alt_instr *start, struct alt_instr *end) { - u8 insn_buff[MAX_PATCH_LEN]; - u8 *instr, *replacement; - struct alt_instr *a, *b; + struct alt_instr *a; =20 DPRINTK(ALT, "alt table %px, -> %px", start, end); =20 @@ -643,59 +721,11 @@ void __init_or_module noinline apply_alternatives(str= uct alt_instr *start, * order. */ for (a =3D start; a < end; a++) { - unsigned int insn_buff_sz =3D 0; - - /* - * In case of nested ALTERNATIVE()s the outer alternative might - * add more padding. To ensure consistent patching find the max - * padding for all alt_instr entries for this site (nested - * alternatives result in consecutive entries). - */ - for (b =3D a+1; b < end && instr_va(b) =3D=3D instr_va(a); b++) { - u8 len =3D max(a->instrlen, b->instrlen); - a->instrlen =3D b->instrlen =3D len; - } - - instr =3D instr_va(a); - replacement =3D (u8 *)&a->repl_offset + a->repl_offset; - BUG_ON(a->instrlen > sizeof(insn_buff)); - BUG_ON(a->cpuid >=3D (NCAPINTS + NBUGINTS) * 32); - - /* - * Patch if either: - * - feature is present - * - feature not present but ALT_FLAG_NOT is set to mean, - * patch if feature is *NOT* present. - */ - if (!boot_cpu_has(a->cpuid) =3D=3D !(a->flags & ALT_FLAG_NOT)) { - memcpy(insn_buff, instr, a->instrlen); - optimize_nops(instr, insn_buff, a->instrlen); - text_poke_early(instr, insn_buff, a->instrlen); - continue; - } - - DPRINTK(ALT, "feat: %d*32+%d, old: (%pS (%px) len: %d), repl: (%px, len:= %d) flags: 0x%x", - a->cpuid >> 5, - a->cpuid & 0x1f, - instr, instr, a->instrlen, - replacement, a->replacementlen, a->flags); - - memcpy(insn_buff, replacement, a->replacementlen); - insn_buff_sz =3D a->replacementlen; - - if (a->flags & ALT_FLAG_DIRECT_CALL) - insn_buff_sz =3D alt_replace_call(instr, insn_buff, a); - - for (; insn_buff_sz < a->instrlen; insn_buff_sz++) - insn_buff[insn_buff_sz] =3D 0x90; - - text_poke_apply_relocation(insn_buff, instr, a->instrlen, replacement, a= ->replacementlen); - - DUMP_BYTES(ALT, instr, a->instrlen, "%px: old_insn: ", instr); - DUMP_BYTES(ALT, replacement, a->replacementlen, "%px: rpl_insn: ", rep= lacement); - DUMP_BYTES(ALT, insn_buff, insn_buff_sz, "%px: final_insn: ", instr); + struct patch_site ps; =20 - text_poke_early(instr, insn_buff, insn_buff_sz); + analyze_patch_site(&ps, a, end); + prep_patch_site(&ps); + patch_site(&ps); } =20 kasan_enable_current(); --=20 2.51.0 From nobody Tue Dec 2 02:19:49 2025 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 18B002D59F7 for ; Wed, 19 Nov 2025 16:04:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=195.135.223.131 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763568284; cv=none; b=VbueOSqVsN3ulUH+IkHcQi/stMvl6PQn77HevPwY21tR/88qYyfKZ/nNU+d/4Cnbo4su6r61BDwOuhmAjI3IDYHFO0Psc+icqiW2P5HubTWcijh4EtJjv+iyyfq1m7HfzEnbozImyaQTLh7JvGvIcDI+i6yFYt64xKwsHWGuD1U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763568284; c=relaxed/simple; bh=VJGybevZvon4o/gmT8Q572FufRSXvmgEF4BEtrRdz18=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Wa/ZIUETurf1NZ1PloyMPUYULLt1Hv6FwQwYMhX9qMkE0mQSzESTVYoigipggKW6DZDV1LCQG5Td/uYayZji9TEVR0umqyi6nLRW8CwhfxFcyAcPlIWaSfTQ6hpZyoMis+eRoQedotwnaXsPq4TybnVq78CnCzrYeL62ZQJ/GYE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com; spf=pass smtp.mailfrom=suse.com; arc=none smtp.client-ip=195.135.223.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 7F57520575; Wed, 19 Nov 2025 16:04:39 +0000 (UTC) Authentication-Results: smtp-out2.suse.de; none Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 3D83E3EA61; Wed, 19 Nov 2025 16:04:39 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id Q2idDZfqHWmTUgAAD6G6ig (envelope-from ); Wed, 19 Nov 2025 16:04:39 +0000 From: Juergen Gross To: linux-kernel@vger.kernel.org, x86@kernel.org Cc: Juergen Gross , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH v4 3/3] x86/alternative: Patch a single alternative location only once Date: Wed, 19 Nov 2025 17:04:20 +0100 Message-ID: <20251119160420.22160-4-jgross@suse.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251119160420.22160-1-jgross@suse.com> References: <20251119160420.22160-1-jgross@suse.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Queue-Id: 7F57520575 X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Action: no action X-Spam-Flag: NO X-Spam-Score: -4.00 X-Spam-Level: X-Rspamd-Server: rspamd2.dmz-prg2.suse.org X-Spamd-Result: default: False [-4.00 / 50.00]; REPLY(-4.00)[] Content-Type: text/plain; charset="utf-8" Instead of patching a single location potentially multiple times in case of nested ALTERNATIVE()s, do the patching only after having evaluated all alt_instr instances for that location. This has multiple advantages: - In case of replacing an indirect with a direct call using the ALT_FLAG_DIRECT_CALL flag, there is no longer the need to have that instance before any other instances at the same location (the original instruction is needed for finding the target of the direct call). This issue has been hit when trying to do paravirt patching similar to the following: ALTERNATIVE_2(PARAVIRT_CALL, // indirect call instr, feature, // native instruction ALT_CALL_INSTR, X86_FEATURE_XENPV) // Xen function In case "feature" was true, "instr" replaced the indirect call. Under Xen PV the patching to have a direct call failed, as the original indirect call was no longer there to find the call target. - In case of nested ALTERNATIVE()s there is no intermediate replacement visible. This avoids any problems in case e.g. an interrupt is happening between the single instances and the patched location is used during handling the interrupt. Signed-off-by: Juergen Gross --- V2: - complete rework (Boris Petkov) V3: - rebase to added patch 2 --- arch/x86/kernel/alternative.c | 42 +++++++++++++++++------------------ 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index afcc681ff3bd..c1032840df4e 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -611,37 +611,36 @@ struct patch_site { u8 len; }; =20 -static void __init_or_module analyze_patch_site(struct patch_site *ps, - struct alt_instr *p, struct alt_instr *end) +static struct alt_instr * __init_or_module analyze_patch_site( + struct patch_site *ps, struct alt_instr *p, struct alt_instr *end) { - struct alt_instr *r; - /* * In case of nested ALTERNATIVE()s the outer alternative might add * more padding. To ensure consistent patching find the max padding for * all alt_instr entries for this site (nested alternatives result in * consecutive entries). + * Find the last alt_instr eligible for patching at the site. */ ps->instr =3D instr_va(p); - ps->len =3D p->instrlen; - for (r =3D p+1; r < end && instr_va(r) =3D=3D ps->instr; r++) { - ps->len =3D max(ps->len, r->instrlen); - p->instrlen =3D r->instrlen =3D ps->len; + ps->alt =3D NULL; + ps->len =3D 0; + for (; p < end && instr_va(p) =3D=3D ps->instr; p++) { + ps->len =3D max(ps->len, p->instrlen); + + BUG_ON(p->cpuid >=3D (NCAPINTS + NBUGINTS) * 32); + /* + * Patch if either: + * - feature is present + * - feature not present but ALT_FLAG_NOT is set to mean, + * patch if feature is *NOT* present. + */ + if (!boot_cpu_has(p->cpuid) !=3D !(p->flags & ALT_FLAG_NOT)) + ps->alt =3D p; } =20 BUG_ON(ps->len > sizeof(ps->buff)); - BUG_ON(p->cpuid >=3D (NCAPINTS + NBUGINTS) * 32); =20 - /* - * Patch if either: - * - feature is present - * - feature not present but ALT_FLAG_NOT is set to mean, - * patch if feature is *NOT* present. - */ - if (!boot_cpu_has(p->cpuid) =3D=3D !(p->flags & ALT_FLAG_NOT)) - ps->alt =3D NULL; - else - ps->alt =3D p; + return p; } =20 static void __init_or_module prep_patch_site(struct patch_site *ps) @@ -720,10 +719,11 @@ void __init_or_module noinline apply_alternatives(str= uct alt_instr *start, * So be careful if you want to change the scan order to any other * order. */ - for (a =3D start; a < end; a++) { + a =3D start; + while (a < end) { struct patch_site ps; =20 - analyze_patch_site(&ps, a, end); + a =3D analyze_patch_site(&ps, a, end); prep_patch_site(&ps); patch_site(&ps); } --=20 2.51.0