Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp940051imu; Mon, 5 Nov 2018 11:06:16 -0800 (PST) X-Google-Smtp-Source: AJdET5c5jjZ46boFM5vhoItFxtrFPg9mIzkZkzHuIqMOz1FeCXFGCD2NM4b0GveJGq7MB1avTTV2 X-Received: by 2002:a62:1954:: with SMTP id 81-v6mr23179225pfz.237.1541444776705; Mon, 05 Nov 2018 11:06:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1541444776; cv=none; d=google.com; s=arc-20160816; b=EheYppBmEtTA2ycYIzezxebrTC8xuTdVuhcDwVvcDdgtiK0DLOWfWG2wWKfzjc/DeW kBrds9jLWiBPuCSD1oPvX0pfRgmfSUJAxmuKaPoeDjja9kFv1Ea7mHIL8Ff0Gcu2LD9V fFohMTNnaPasl/cUDNesiys1Yn8/Cv+X0psdqJ9ZzUnsaW8euQ8JXCZYW0hGFnZVNW+C tBm1sehWZb3kvpI35wEOZOScGu2MGEjJio8wPKUiVmDKpGZS1vqSTg8hLLK+c9nTPZeG jgjTEIfZerfHHpYsIt92JxU2+1iKnoKbxOpqFjf3fiGcvuyQCh1yIuj1IdO2wNcQI5XJ OtdA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:references:message-id :content-transfer-encoding:cc:date:in-reply-to:from:subject :mime-version:dkim-signature; bh=3L+klrtbwofXFKDqMB/m9WRLyeJc0wgENHDApiDsb24=; b=HLG0cqrmeq52geORQu9laFh+Y2lofLOIs5SwKUmW9sgjNsJjRXH6WVL8DZTyw3lDm/ 8DvcSZIU3gtNvkaObRr9jtoT+8/U598fG6PkmUKwRqO2y+TmQst4UTHnpaw60XEg+AEl 590M2IKXQpddbsmpD/4FcaCqmcCuVEpvdGBIxuMQ6vc6fnIe/ZwBQ4ZNBtRKaHSpvqnz xfAzDLhZ4yqhKYrZfOEhKmFXsLGz+ZTm+ZYi2Fnrij3cwz5z3lgmt5UNPEsXR1tqjXLG l5G2FWlGxmTiQkjdZYRqKEe3UXxwzTDllYQ0KugTAbjM0rgtZlG+YvnKu1NTUnk2On7q XtHQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b="BNcw/Kfa"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f190-v6si48897150pfb.174.2018.11.05.11.06.01; Mon, 05 Nov 2018 11:06:16 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b="BNcw/Kfa"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387890AbeKFEY4 (ORCPT + 99 others); Mon, 5 Nov 2018 23:24:56 -0500 Received: from mail-pl1-f195.google.com ([209.85.214.195]:36867 "EHLO mail-pl1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387467AbeKFEYz (ORCPT ); Mon, 5 Nov 2018 23:24:55 -0500 Received: by mail-pl1-f195.google.com with SMTP id p6-v6so4897981pll.4 for ; Mon, 05 Nov 2018 11:03:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=3L+klrtbwofXFKDqMB/m9WRLyeJc0wgENHDApiDsb24=; b=BNcw/KfaxkXfuEI4xEZ8NK9515h5GvkkQ4kQBbWaE+l+BcK3m1msXkQ1kM6UI8sf0F 4eCcbpO/6Cl5J7wXP/bSX9bdivgbNkEezkoe+QlsZVX1FeBJEmuWACJRPS1tDT7LmGYF 30ho7h/JvK3/ZHlr7vmnaQuzNo0h+elB7ZXO6xtRQS1Gf4X8d1hQ4hxYtOhZFEOOZwNk FJ9rP5iJIvycXp0/LRxCwuQpdcYfJ6BCxi7WUKAxZ1ZNEIMR+0EMDcGCdpv6IZ3m+MSO +7S6C6okWYoUjQoijaJ/8eblqVDKbjVY6JDEJzp+aw/o5e6KNLszpbOJukPFWG0+llBl UNSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=3L+klrtbwofXFKDqMB/m9WRLyeJc0wgENHDApiDsb24=; b=At1sFe8wXkFB2ktlcoAJP+z316Bui3Lvdmjw1Dcd9Yw0Iwr3tQM9I9hDeQxzR5MBa1 aRtuePYIRP6VfiPVUJXEgXmDijeRjhzVimqoHlB2b+VBDp8VOLBL8epQZqQVMfO4xI5L dYY/IyLsjXWAaUMbTs5TW9GRA76AMnWNvvrT7v0xsws+RFYuexqrGdO7j9rlWDO3MlZh tJ4J5Rxz1aedVPGCV+aM9y8JWpMJSXXrltrRWhd2ghT7/PFHWzDQchXZFf5V3jY1AUIU /o2VQNJOvyOKVIxQkjmdujPu/hxoD5t79q/knc8Zok2kZF1whOEEYW7l66hkNvtm5jVg G1IQ== X-Gm-Message-State: AGRZ1gLBF6xrwL2MxKKWnyTVZahzi6t232Cp3LetpyUAjA4upIf5YWC9 KLJXgJODaKA72dZNotrKCbaXcA== X-Received: by 2002:a17:902:343:: with SMTP id 61-v6mr22455625pld.327.1541444631706; Mon, 05 Nov 2018 11:03:51 -0800 (PST) Received: from ?IPv6:2601:646:c200:7429:6d4e:7049:df8c:67df? ([2601:646:c200:7429:6d4e:7049:df8c:67df]) by smtp.gmail.com with ESMTPSA id o70-v6sm14912620pfo.86.2018.11.05.11.03.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 05 Nov 2018 11:03:50 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) Subject: Re: [PATCH v3 2/7] x86/jump_label: Use text_poke_early() during early_init From: Andy Lutomirski X-Mailer: iPhone Mail (16A404) In-Reply-To: <4D260352-A9FF-47F2-B3B2-0A87DF16CB70@vmware.com> Date: Mon, 5 Nov 2018 11:03:49 -0800 Cc: Peter Zijlstra , Ingo Molnar , LKML , X86 ML , "H. Peter Anvin" , Thomas Gleixner , Borislav Petkov , Dave Hansen , Andy Lutomirski , Kees Cook , Dave Hansen , Masami Hiramatsu Content-Transfer-Encoding: quoted-printable Message-Id: References: <20181102232946.98461-1-namit@vmware.com> <20181102232946.98461-3-namit@vmware.com> <20181105140925.GD22467@hirez.programming.kicks-ass.net> <4D260352-A9FF-47F2-B3B2-0A87DF16CB70@vmware.com> To: Nadav Amit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > On Nov 5, 2018, at 9:49 AM, Nadav Amit wrote: >=20 > From: Andy Lutomirski > Sent: November 5, 2018 at 5:22:32 PM GMT >> To: Peter Zijlstra >> Cc: Nadav Amit , Ingo Molnar , linux-= kernel@vger.kernel.org, x86@kernel.org, H. Peter Anvin , Thom= as Gleixner , Borislav Petkov , Dave Hanse= n , Andy Lutomirski , Kees Coo= k , Dave Hansen , Masami Hiram= atsu >> Subject: Re: [PATCH v3 2/7] x86/jump_label: Use text_poke_early() during e= arly_init >>=20 >>=20 >>=20 >>>> On Nov 5, 2018, at 6:09 AM, Peter Zijlstra wrote= : >>>>=20 >>>> On Fri, Nov 02, 2018 at 04:29:41PM -0700, Nadav Amit wrote: >>>> diff --git a/arch/x86/kernel/jump_label.c b/arch/x86/kernel/jump_label.= c >>>> index aac0c1f7e354..367c1d0c20a3 100644 >>>> --- a/arch/x86/kernel/jump_label.c >>>> +++ b/arch/x86/kernel/jump_label.c >>>> @@ -52,7 +52,13 @@ static void __ref __jump_label_transform(struct jump= _entry *entry, >>>> jmp.offset =3D jump_entry_target(entry) - >>>> (jump_entry_code(entry) + JUMP_LABEL_NOP_SIZE); >>>>=20 >>>> - if (early_boot_irqs_disabled) >>>> + /* >>>> + * As long as we are in early boot, we can use text_poke_early(), w= hich >>>> + * is more efficient: the memory was still not marked as read-only= (it >>>> + * is only marked after poking_init()). This also prevents us from= using >>>> + * text_poke() before poking_init() is called. >>>> + */ >>>> + if (!early_boot_done) >>>> poker =3D text_poke_early; >>>>=20 >>>> if (type =3D=3D JUMP_LABEL_JMP) { >>>=20 >>> It took me a while to untangle init/maze^H^Hin.c... but I think this >>> is all we need: >>>=20 >>> diff --git a/arch/x86/kernel/jump_label.c b/arch/x86/kernel/jump_label.c= >>> index aac0c1f7e354..ed5fe274a7d8 100644 >>> --- a/arch/x86/kernel/jump_label.c >>> +++ b/arch/x86/kernel/jump_label.c >>> @@ -52,7 +52,12 @@ static void __ref __jump_label_transform(struct jump_= entry *entry, >>> jmp.offset =3D jump_entry_target(entry) - >>> (jump_entry_code(entry) + JUMP_LABEL_NOP_SIZE); >>>=20 >>> - if (early_boot_irqs_disabled) >>> + /* >>> + * As long as we're UP and not yet marked RO, we can use >>> + * text_poke_early; SYSTEM_BOOTING guarantees both, as we switch to= >>> + * SYSTEM_SCHEDULING before going either. >>> + */ >>> + if (system_state =3D=3D SYSTEM_BOOTING) >>> poker =3D text_poke_early; >>>=20 >>> if (type =3D=3D JUMP_LABEL_JMP) { >>=20 >> Can we move this logic into text_poke() and get rid of text_poke_early()?= >=20 > This will negatively affect poking of modules doing module loading, e.g., > apply_paravirt(). This can be resolved by keeping track when the module is= > write-protected and giving a module parameter to text_poke(). Does it wort= h > the complexity? Probably not. OTOH, why does alternative patching need text_poke() at all? Can=E2=80=99t i= t just write to the text? >=20 >> FWIW, alternative patching was, at some point, a significant fraction of >> total boot time in some cases. This was probably mostly due to unnecessar= y >> sync_core() calls. Although I think this was reported on a VM, and >> sync_core() used to be *extremely* expensive on a VM, but that=E2=80=99s f= ixed >> now, and it even got backported, I think. >>=20 >> (Hmm. Maybe we can also make jump label patching work in early boot, too!= ) >=20 > It may be possible to resolve the dependencies between poking_init() and t= he > other *_init(). I first considered doing that, yet, it makes the code very= > fragile, and I don=E2=80=99t see the value in getting rid of text_poke_ear= ly() from > security or simplicity point of views. Let me know if you think otherwise.= >=20 > Regards, > Nadav