[PATCH 0/9] arm64: alternatives: improvements
Mark Rutland
mark.rutland at arm.com
Thu Sep 1 08:13:54 PDT 2022
This series reworks the arm64 alternatives code. The major aim is to
make the patching code more consistent and robust, and as a benefit we
can also make the kernel Image smaller.
Largely, the series makes two structural changes:
1) Replacing cpucap static branches with equivalent alternatives.
This helps with a number of existing pain points:
* Each static branch has metadata in the __jump_table section, which
is not discarded after features are finalized. This wastes some
space, and slows down the patching of other static branches.
* The static branches are patched at a different point in time from
the alternatives, so changes are not atomic. This leaves a
transient period where there could be a mismatch between the
behaviour of alternatives and static branches, which could be
problematic for some features (e.g. pseudo-NMI).
* More (instrumentable) kernel code is executed to patch each static
branch, which can be risky when patching certain features (e.g.
irqflags management for pseudo-NMI).
* When CONFIG_JUMP_LABEL=n, static branches are turned into a load of
a flag and a conditional branch. This means it isn't safe to use
such static branches in an alternative address space (e.g. the
NVHE/PKVM hyp code), where the generated address isn't safe to
access.
Note that all supported toolchains have asm goto support, and since
commit:
a0a12c3ed057af57 ("asm goto: eradicate CC_HAS_ASM_GOTO")
... the CC_HAS_ASM_GOTO Kconfig symbol has been removed, so no
feature check is necessary, and we can always make use of asm goto.
2) Associating callback alternatives with a cpucap.
This removes the need to special-case alternatives with callbacks,
making it clearer when the callbacks will be invoked, and making it
possible to add boot-time callbacks in future.
This also makes it possible to add shared callbacks for common
operations (e.g. where the replacement consists purely of NOPs),
saving space.
With this series applied, the resulting vmlinux is ~364KiB smaller, and
the resulting Image is 64KiB smaller (due to padding and alignment):
| % ls -al vmlinux-*
| -rwxr-xr-x 1 mark mark 134644592 Sep 1 15:25 vmlinux-after
| -rwxr-xr-x 1 mark mark 135018072 Sep 1 15:23 vmlinux-v6.0-rc3
| % ls -al Image-*
| -rw-r--r-- 1 mark mark 37108224 Sep 1 15:25 Image-after
| -rw-r--r-- 1 mark mark 37173760 Sep 1 15:23 Image-v6.0-rc3
As identified in the trailing "HACK" patch, there are further changes
that could be made in future.
Note: this series does *NOT* address latent issues with noinstr safety
in the existing alternatives callbacks, which will be addressed in a
separate patch series.
Mark.
Mark Rutland (9):
arm64: cpufeature: make cpus_have_cap() noinstr-safe
arm64: alternatives: kvm: prepare for cap changes
arm64: alternatives: proton-pack: prepare for cap changes
arm64: alternatives: hoist print out of __apply_alternatives()
arm64: alternatives: make alt_region const
arm64: alternatives: have callbacks take a cap
arm64: alternatives: add alternative_has_feature_*()
arm64: alternatives: add shared NOP callback
HACK: arm64: alternatives: dump summary of alternatives
arch/arm64/include/asm/alternative-macros.h | 59 ++++++++-
arch/arm64/include/asm/assembler.h | 10 +-
arch/arm64/include/asm/cpufeature.h | 15 +--
arch/arm64/include/asm/kvm_mmu.h | 5 +-
arch/arm64/include/asm/lse.h | 5 +-
arch/arm64/kernel/alternative.c | 135 +++++++++++++++-----
arch/arm64/kernel/cpufeature.c | 44 +++----
arch/arm64/kernel/entry.S | 8 +-
arch/arm64/kernel/image-vars.h | 5 +-
arch/arm64/kernel/proton-pack.c | 2 +-
arch/arm64/kvm/hyp/hyp-entry.S | 4 +-
arch/arm64/kvm/va_layout.c | 5 +-
arch/arm64/tools/cpucaps | 2 +
13 files changed, 204 insertions(+), 95 deletions(-)
--
2.30.2