[PATCH v3 2/9] ARM: tlbflush: Make TLB flushes into static inlines

Sami Tolvanen samitolvanen at google.com
Mon Mar 11 08:34:43 PDT 2024


On Mon, Mar 11, 2024 at 3:04 AM Ard Biesheuvel <ardb at kernel.org> wrote:
>
> On Mon, 11 Mar 2024 at 10:39, Russell King (Oracle)
> <linux at armlinux.org.uk> wrote:
> >
> > On Mon, Mar 11, 2024 at 10:15:39AM +0100, Linus Walleij wrote:
> > > Instead of just using defines to define the TLB flush functions,
> > > use static inlines.
> > >
> > > This has the upside that we can tag those as __nocfi so we can
> > > execute a CFI-enabled kernel.
> >
> > Why? This seems to be brain dead.
> >
> > Why can't CLANG cope with directly calling e.g.
> > cpu_tlb.flush_user_range? Why does it need a static function to do
> > exactly the same as the macro does?
> >
>
> I had the same question, so I played around a bit with the code.
>
> What I think would be better is if we could add the __nocfi annotation
> to the type, i.e.,
>
> --- a/arch/arm/include/asm/tlbflush.h
> +++ b/arch/arm/include/asm/tlbflush.h
> @@ -205,8 +205,8 @@
>  #include <linux/sched.h>
>
>  struct cpu_tlb_fns {
> -       void (*flush_user_range)(unsigned long, unsigned long, ...);
> -       void (*flush_kern_range)(unsigned long, unsigned long);
> +       void (__nocfi *flush_user_range)(unsigned long, unsigned long, ...);
> +       void (__nocfi *flush_kern_range)(unsigned long, unsigned long);
>         unsigned long tlb_flags;
>  };
>
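
Review bot: in `struct cpu_tlb_fns`, the `__nocfi` placed inside the declarators of `flush_user_range` and `flush_kern_range` carries no comment saying why calls through these two members are exempt from CFI validation. Add a short comment above them stating the reason (per the discussion, the targets are assembly routines without CFI type annotations), so the exemption is not copied to other function-pointer members later. Marking the member type rather than a single wrapper also drops the check at every call site that goes through these pointers, which is a wider exemption than the static inline approach in the patch under review and should be called out explicitly.
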
> This works for some function attributes (e.g., __efiapi is used like
> this), but the attribute specifier to which __nocfi resolves does not
> appear to be usable in the same manner.
>
> Best would be to annotate the asm code using
> SYM_TYPED_FUNC_START/_END, so that the CFI machinery is invoked at the
> call site to validate the function type of the destination.

Agreed, ideally we would annotate indirectly called assembly functions
with CFI types and avoid __nocfi wrappers.

Sami



More information about the linux-arm-kernel mailing list