| Message ID | 20241208204708.3742696-1-ubizjak@gmail.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | Enable strict percpu address space checks | expand |
Hi Uros, On Sun, Dec 08, 2024 at 09:45:15PM +0100, Uros Bizjak wrote: > Enable strict percpu address space checks via x86 named address space > qualifiers. Percpu variables are declared in __seg_gs/__seg_fs named > AS and kept named AS qualified until they are dereferenced via percpu > accessor. This approach enables various compiler checks for > cross-namespace variable assignments. > > Please note that current version of sparse doesn't know anything about > __typeof_unqual__() operator. Avoid the usage of __typeof_unqual__() > when sparse checking is active to prevent sparse errors with unknowing > keyword. The proposed patch by Dan Carpenter to implement > __typeof_unqual__() handling in sparse is located at: > > https://lore.kernel.org/lkml/5b8d0dee-8fb6-45af-ba6c-7f74aff9a4b8@stanley.mountain/ > > v2: - Add comment to remove test for __CHECKER__ once sparse learns > about __typeof_unqual__. > - Add Acked-by: tags. > v3: - Rename __per_cpu_qual to __percpu_qual. > - Add more Acked-by: tags. > > Cc: Thomas Gleixner <tglx@linutronix.de> > Cc: Dennis Zhou <dennis@kernel.org> > Cc: Tejun Heo <tj@kernel.org> > Cc: Christoph Lameter <cl@linux.com> > Cc: Linus Torvalds <torvalds@linux-foundation.org> > Cc: Andy Lutomirski <luto@kernel.org> > Cc: Ingo Molnar <mingo@kernel.org> > Cc: Nadav Amit <nadav.amit@gmail.com> > Cc: Brian Gerst <brgerst@gmail.com> > Cc: Dan Carpenter <dan.carpenter@linaro.org> > Cc: H. Peter Anvin <hpa@zytor.com> > Cc: Peter Zijlstra <peterz@infradead.org> > > Uros Bizjak (6): > x86/kgdb: Use IS_ERR_PCPU() macro > compiler.h: Introduce TYPEOF_UNQUAL() macro > percpu: Use TYPEOF_UNQUAL() in variable declarations > percpu: Use TYPEOF_UNQUAL() in *_cpu_ptr() accessors > percpu: Repurpose __percpu tag as a named address space qualifier > percpu/x86: Enable strict percpu checks via named AS qualifiers > > arch/x86/include/asm/percpu.h | 38 ++++++++++++++++++++++++--------- > arch/x86/kernel/kgdb.c | 2 +- > fs/bcachefs/util.h | 2 +- > include/asm-generic/percpu.h | 39 ++++++++++++++++++++++------------ > include/linux/compiler.h | 13 ++++++++++++ > include/linux/compiler_types.h | 2 +- > include/linux/part_stat.h | 2 +- > include/linux/percpu-defs.h | 6 +++--- > include/net/snmp.h | 5 ++--- > init/Kconfig | 3 +++ > kernel/locking/percpu-rwsem.c | 2 +- > net/mpls/internal.h | 4 ++-- > 12 files changed, 82 insertions(+), 36 deletions(-) > > -- > 2.42.0 > This all looks good to me. Acked-by: Dennis Zhou <dennis@kernel.org> Thanks, Dennis
On Sun, 8 Dec 2024 21:45:15 +0100 Uros Bizjak <ubizjak@gmail.com> wrote: > Enable strict percpu address space checks via x86 named address space > qualifiers. Percpu variables are declared in __seg_gs/__seg_fs named > AS and kept named AS qualified until they are dereferenced via percpu > accessor. This approach enables various compiler checks for > cross-namespace variable assignments. > > Please note that current version of sparse doesn't know anything about > __typeof_unqual__() operator. Avoid the usage of __typeof_unqual__() > when sparse checking is active to prevent sparse errors with unknowing > keyword. The proposed patch by Dan Carpenter to implement > __typeof_unqual__() handling in sparse is located at: google("what the hell is typeof_unequal") failed me. I think it would be nice to include within the changelog (and code comments!) an explanation-for-others of what this thing is and why anyone would want to use it. Rather than assuming that all kernel developers are typeof() experts!
On Fri, Dec 13, 2024 at 4:35 AM Andrew Morton <akpm@linux-foundation.org> wrote: > > On Sun, 8 Dec 2024 21:45:15 +0100 Uros Bizjak <ubizjak@gmail.com> wrote: > > > Enable strict percpu address space checks via x86 named address space > > qualifiers. Percpu variables are declared in __seg_gs/__seg_fs named > > AS and kept named AS qualified until they are dereferenced via percpu > > accessor. This approach enables various compiler checks for > > cross-namespace variable assignments. > > > > Please note that current version of sparse doesn't know anything about > > __typeof_unqual__() operator. Avoid the usage of __typeof_unqual__() > > when sparse checking is active to prevent sparse errors with unknowing > > keyword. The proposed patch by Dan Carpenter to implement > > __typeof_unqual__() handling in sparse is located at: > > google("what the hell is typeof_unequal") failed me. It is not "typeof_unequal", but "typeof_unqual", as in "unqualified". Apparently, google does not like expletives, googling for "What is typeof_unqual?" returns some very informative hits, e.g.: https://en.cppreference.com/w/c/keyword/typeof_unqual https://learn.microsoft.com/en-us/cpp/c-language/typeof-unqual-c?view=msvc-170 https://gcc.gnu.org/onlinedocs/gcc/Typeof.html https://dev.to/pauljlucas/typeof-in-c23-55p2 > I think it would be nice to include within the changelog (and code > comments!) an explanation-for-others of what this thing is and why > anyone would want to use it. Rather than assuming that all kernel > developers are typeof() experts! The comment above definition of TYPEOF_UNQUAL in [PATCH 2/6] summarises the above as: + * Define TYPEOF_UNQUAL() to use __typeof_unqual__() as typeof + * operator when available, to return unqualified type of the exp. which is basically what the standard says in its reference document. Thanks, Uros.
On Thu, Dec 12, 2024 at 07:35:41PM -0800, Andrew Morton wrote: > On Sun, 8 Dec 2024 21:45:15 +0100 Uros Bizjak <ubizjak@gmail.com> wrote: > > > Enable strict percpu address space checks via x86 named address space > > qualifiers. Percpu variables are declared in __seg_gs/__seg_fs named > > AS and kept named AS qualified until they are dereferenced via percpu > > accessor. This approach enables various compiler checks for > > cross-namespace variable assignments. > > > > Please note that current version of sparse doesn't know anything about > > __typeof_unqual__() operator. Avoid the usage of __typeof_unqual__() > > when sparse checking is active to prevent sparse errors with unknowing > > keyword. The proposed patch by Dan Carpenter to implement > > __typeof_unqual__() handling in sparse is located at: > > google("what the hell is typeof_unequal") failed me. I'm glad I'm not the only person who read that as "equal" instead of "qualified". regards, dan carpenter
Enable strict percpu address space checks via x86 named address space qualifiers. Percpu variables are declared in __seg_gs/__seg_fs named AS and kept named AS qualified until they are dereferenced via percpu accessor. This approach enables various compiler checks for cross-namespace variable assignments. Please note that current version of sparse doesn't know anything about __typeof_unqual__() operator. Avoid the usage of __typeof_unqual__() when sparse checking is active to prevent sparse errors with unknowing keyword. The proposed patch by Dan Carpenter to implement __typeof_unqual__() handling in sparse is located at: https://lore.kernel.org/lkml/5b8d0dee-8fb6-45af-ba6c-7f74aff9a4b8@stanley.mountain/ v2: - Add comment to remove test for __CHECKER__ once sparse learns about __typeof_unqual__. - Add Acked-by: tags. v3: - Rename __per_cpu_qual to __percpu_qual. - Add more Acked-by: tags. Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Dennis Zhou <dennis@kernel.org> Cc: Tejun Heo <tj@kernel.org> Cc: Christoph Lameter <cl@linux.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Andy Lutomirski <luto@kernel.org> Cc: Ingo Molnar <mingo@kernel.org> Cc: Nadav Amit <nadav.amit@gmail.com> Cc: Brian Gerst <brgerst@gmail.com> Cc: Dan Carpenter <dan.carpenter@linaro.org> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Peter Zijlstra <peterz@infradead.org> Uros Bizjak (6): x86/kgdb: Use IS_ERR_PCPU() macro compiler.h: Introduce TYPEOF_UNQUAL() macro percpu: Use TYPEOF_UNQUAL() in variable declarations percpu: Use TYPEOF_UNQUAL() in *_cpu_ptr() accessors percpu: Repurpose __percpu tag as a named address space qualifier percpu/x86: Enable strict percpu checks via named AS qualifiers arch/x86/include/asm/percpu.h | 38 ++++++++++++++++++++++++--------- arch/x86/kernel/kgdb.c | 2 +- fs/bcachefs/util.h | 2 +- include/asm-generic/percpu.h | 39 ++++++++++++++++++++++------------ include/linux/compiler.h | 13 ++++++++++++ include/linux/compiler_types.h | 2 +- include/linux/part_stat.h | 2 +- include/linux/percpu-defs.h | 6 +++--- include/net/snmp.h | 5 ++--- init/Kconfig | 3 +++ kernel/locking/percpu-rwsem.c | 2 +- net/mpls/internal.h | 4 ++-- 12 files changed, 82 insertions(+), 36 deletions(-)