From patchwork Thu Mar 7 15:10:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Borislav Petkov X-Patchwork-Id: 10843081 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9FA0F922 for ; Thu, 7 Mar 2019 15:10:46 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8DE632F26F for ; Thu, 7 Mar 2019 15:10:46 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 80DD42F27E; Thu, 7 Mar 2019 15:10:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2DC992F26F for ; Thu, 7 Mar 2019 15:10:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726172AbfCGPKk (ORCPT ); Thu, 7 Mar 2019 10:10:40 -0500 Received: from mail.skyhub.de ([5.9.137.197]:35936 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726159AbfCGPKk (ORCPT ); Thu, 7 Mar 2019 10:10:40 -0500 Received: from zn.tnic (unknown [IPv6:2003:ec:2f08:1c00:329c:23ff:fea6:a903]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 3062E1EC064E; Thu, 7 Mar 2019 16:10:38 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1551971438; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kdSZyLABXvjmDygL4RnuOnEqI4iIDZt3NsvoEDPNehs=; b=VxevkReCqFwOtl9CNQIPP9gjHkfkPvNXF6zSFMZRSq4+VQyXRKowRR/y94+03BL2OMZmB0 JQQG//BggqJOuKLDfIrnnXfUrkBg3eVnqigcbNhNnCeNbO6HYPrevRnsTSodztTdEEAayD MGAXCsKnyh7965zUMAu/+Ts/W3nsU8E= Date: Thu, 7 Mar 2019 16:10:36 +0100 From: Borislav Petkov To: Nadav Amit Cc: Rick Edgecombe , Andy Lutomirski , Ingo Molnar , LKML , X86 ML , "H. Peter Anvin" , Thomas Gleixner , Dave Hansen , Peter Zijlstra , Damian Tometzki , linux-integrity , LSM List , Andrew Morton , Kernel Hardening , Linux-MM , Will Deacon , Ard Biesheuvel , Kristen Carlson Accardi , "Dock, Deneen T" , Kees Cook , Dave Hansen , Masami Hiramatsu Subject: [PATCH] x86/cpufeature: Remove __pure attribute to _static_cpu_has() Message-ID: <20190307151036.GD26566@zn.tnic> References: <20190129003422.9328-1-rick.p.edgecombe@intel.com> <20190129003422.9328-11-rick.p.edgecombe@intel.com> <20190211182956.GN19618@zn.tnic> <1533F2BB-2284-499B-9912-6D74D0B87BC1@gmail.com> <20190211190108.GP19618@zn.tnic> <20190211191059.GR19618@zn.tnic> <3996E3F9-92D2-4561-84E9-68B43AC60F43@gmail.com> <20190211194251.GS19618@zn.tnic> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP On Mon, Feb 11, 2019 at 12:32:41PM -0800, Nadav Amit wrote: > BTW: the “__pure” attribute is useless when “__always_inline” is used. > Unless it is intended to be some sort of comment, of course. --- From: Borislav Petkov Date: Thu, 7 Mar 2019 15:54:51 +0100 __pure is used to make gcc do Common Subexpression Elimination (CSE) and thus save subsequent invocations of a function which does a complex computation (without side effects). As a simple example: bool a = _static_cpu_has(x); bool b = _static_cpu_has(x); gets turned into bool a = _static_cpu_has(x); bool b = a; However, gcc doesn't do CSE with asm()s when those get inlined - like it is done with _static_cpu_has() - because, for example, the t_yes/t_no labels are different for each inlined function body and thus cannot be detected as equivalent anymore for the CSE heuristic to hit. However, this all is beside the point because best it should be avoided to have more than one call to _static_cpu_has(X) in the same function due to the fact that each such call is an alternatives patch site and it is simply pointless. Therefore, drop the __pure attribute as it is not doing anything. Reported-by: Nadav Amit Signed-off-by: Borislav Petkov Cc: Peter Zijlstra Cc: x86@kernel.org --- arch/x86/include/asm/cpufeature.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h index e25d11ad7a88..6d6d5cc4302b 100644 --- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h @@ -162,7 +162,7 @@ extern void clear_cpu_cap(struct cpuinfo_x86 *c, unsigned int bit); * majority of cases and you should stick to using it as it is generally * only two instructions: a RIP-relative MOV and a TEST. */ -static __always_inline __pure bool _static_cpu_has(u16 bit) +static __always_inline bool _static_cpu_has(u16 bit) { asm_volatile_goto("1: jmp 6f\n" "2:\n"