Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752801AbbGRO4m (ORCPT <rfc822;w@1wt.eu>);
	Sat, 18 Jul 2015 10:56:42 -0400
Received: from mail.skyhub.de ([78.46.96.112]:44130 "EHLO mail.skyhub.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751401AbbGRO4j (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Sat, 18 Jul 2015 10:56:39 -0400
Date: Sat, 18 Jul 2015 16:56:29 +0200
From: Borislav Petkov <bp@alien8.de>
To: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
        "H. Peter Anvin" <hpa@zytor.com>, Michal Marek <mmarek@suse.cz>,
        Peter Zijlstra <peterz@infradead.org>,
        Andy Lutomirski <luto@kernel.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Andi Kleen <andi@firstfloor.org>, Pedro Alves <palves@redhat.com>,
        x86@kernel.org, live-patching@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH 04/21] x86/hweight: Add stack frame dependency for
 __arch_hweight*()
Message-ID: <20150718145629.GB30713@nazgul.tnic>
References: <cover.1437150175.git.jpoimboe@redhat.com>
 <0d8517b7ab757e00a13b3abe2b677d9eb23362be.1437150175.git.jpoimboe@redhat.com>
 <20150717171726.GA21568@nazgul.tnic>
 <20150717173220.GA12761@treble.redhat.com>
 <20150718050536.GA23478@nazgul.tnic>
 <20150718134415.GA24587@treble.redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20150718134415.GA24587@treble.redhat.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2944
Lines: 82

On Sat, Jul 18, 2015 at 08:44:15AM -0500, Josh Poimboeuf wrote:
> Ok, so would you rather adding a whitelist to tell stackvalidate to
> ignore it?  Something like this?

I tried it and maybe I'm missing something but that doesn't work:

$ make drivers/gpu/drm/i915/intel_ringbuffer.o
  CHK     include/config/kernel.release
  CHK     include/generated/uapi/linux/version.h
  CHK     include/generated/utsrelease.h
  CHK     include/generated/timeconst.h
  CHK     include/generated/bounds.h
  CHK     include/generated/asm-offsets.h
  CALL    scripts/checksyscalls.sh
  CC      drivers/gpu/drm/i915/intel_ringbuffer.o
./arch/x86/include/asm/arch_hweight.h: Assembler messages:
./arch/x86/include/asm/arch_hweight.h:31: Error: symbol `.Ltemp32' is already defined
./arch/x86/include/asm/arch_hweight.h:31: Error: symbol `.Ltemp32' is already defined
./arch/x86/include/asm/arch_hweight.h:31: Error: symbol `.Ltemp32' is already defined
scripts/Makefile.build:258: recipe for target 'drivers/gpu/drm/i915/intel_ringbuffer.o' failed
make[1]: *** [drivers/gpu/drm/i915/intel_ringbuffer.o] Error 1
Makefile:1528: recipe for target 'drivers/gpu/drm/i915/intel_ringbuffer.o' failed
make: *** [drivers/gpu/drm/i915/intel_ringbuffer.o] Error 2

Also, that label temp32 could be more descriptive.

Regardless of the above, I don't like the idea of adding some
compile-time checking and thus obfuscating what is already non-obvious
code.

And since your tool is already parsing ELF files and all that other fun,
what I'd do is make that checking out-of-line *without* adding any new
code to the kernel.

In this particular case, you have:

#APP
# 28 "./arch/x86/include/asm/arch_hweight.h" 1
        661:
        call __sw_hweight32
662:
.skip -(((6651f-6641f)-(662b-661b)) > 0) * ((6651f-6641f)-(662b-661b)),0x90
663:
.pushsection .altinstructions,"a"
 .long 661b - .
 .long 6641f - .
 .word ( 4*32+23)
 .byte 663b-661b
 .byte 6651f-6641f
 .byte 663b-662b
.popsection
.pushsection .altinstr_replacement, "ax"
6641:
        .byte 0xf3,0x40,0x0f,0xb8,0xc7
6651:
        .popsection
# 0 "" 2

so you see that a CALL instruction gets replaced with a POPCNT and
the feature bit used is 4*32+23 which is X86_FEATURE_POPCNT. This
information is enough to detect that particular case and add the offset
".long 661b - ." to the list of instructions which stackvalidate should
ignore.

Anyway, this is what I'd do.

IMNSVHO, we must be very conservative and not add some
markers/helpers/etc to code only so that tools can do their job. Not if
it can be helped. Instead, tools should do the hard work and we should
keep kernel code clean.

-- 
Regards/Gruss,
    Boris.

ECO tip #101: Trim your mails when you reply.
--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/