From: Ingo Molnar <mingo@kernel.org>
To: Andi Kleen <ak@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Mike Galbraith <bitbucket@online.de>,
Thomas Gleixner <tglx@linutronix.de>,
Arjan van de Ven <arjan@linux.intel.com>,
Frederic Weisbecker <fweisbec@gmail.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
"linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>
Subject: Re: [PATCH 01/11] x86: Use asm goto to implement better modify_and_test() functions
Date: Thu, 19 Sep 2013 11:39:54 +0200 [thread overview]
Message-ID: <20130919093954.GD14112@gmail.com> (raw)
In-Reply-To: <20130919083102.GB11427@tassilo.jf.intel.com>
* Andi Kleen <ak@linux.intel.com> wrote:
> On Wed, Sep 18, 2013 at 02:02:37PM -0500, H. Peter Anvin wrote:
>
> > Yes, a bit sad. We allow bracketing with the get/put_user_try/catch
> > blocks, but that is x86-specific. I don't think a generic option is
> > possible without compiler support, but it might be possible to do
> > better than we do know.
>
> Letting the compiler do it is a bit risky, because it may open it up for
> really large blocks, thus defeating the security advantages.
Yeah, the compiler could cover other pointer dereferences in the put_user
block and that won't result in any visible breakage, so it's difficult to
prevent the compiler doing it accidentally or even intentionally.
Then again the many repeated STAC/CLAC sequences are really not nice.
So maybe we could add some macro magic to generate better assembly here -
if we coded up a __put_user_2field() primitive then we could already
optimize the filldir() case:
before:
if (__put_user(d_ino, &dirent->d_ino))
goto efault;
if (__put_user(reclen, &dirent->d_reclen))
goto efault;
if (copy_to_user(dirent->d_name, name, namlen))
goto efault;
if (__put_user(0, dirent->d_name + namlen))
goto efault;
if (__put_user(d_type, (char __user *) dirent + reclen - 1))
goto efault;
after:
if (__put_user_2field(d_ino, &dirent->d_ino, reclen, &dirent->d_reclen))
goto efault;
if (copy_to_user(dirent->d_name, name, namlen))
goto efault;
if (__put_user_2field(0, dirent->d_name + namlen, d_type, (char __user *) dirent + reclen - 1)))
goto efault;
That cuts down the inlined STAC/CLAC pairs from 4 to 2.
__put_user_2field() would be some truly disgusting (but hidden from most
people) macro and assembly magic.
We could also add __put_user_4field() and slightly reorder filldir():
if (__put_user_4field( d_ino, &dirent->d_ino,
reclen, &dirent->d_reclen,
0, dirent->d_name + namlen,
d_type, (char __user *) dirent + reclen - 1)))
goto efault;
if (copy_to_user(dirent->d_name, name, namlen))
goto efault;
That would reduce the inlined STAC/CLAC pairs to a minimal 1 (only one of
which would be visible in the filldir() disassembly).
In theory we could do something generic:
if (__put_user_fields( 4,
d_ino, &dirent->d_ino,
reclen, &dirent->d_reclen,
0, dirent->d_name + namlen,
d_type, (char __user *)dirent + reclen-1 ))
goto efault;
if (copy_to_user(dirent->d_name, name, namlen))
goto efault;
and implement it up to 4 or so. It will be some truly disgusting lowlevel
code (especially due to the size variations which could make it explode
combinatorically), with some generic header fallback that utilizes
existing put_user primitives.
But it's solvable IMO, if we want to solve it. On the high level it's also
more readable in a fashion and hence perhaps a bit less fragile than our
usual __put_user() patterns.
Btw., while at it we could also maybe fix the assignment ordering and use
copy_to_user() naming:
if (__copy_to_user_fields(4,
&dirent->d_ino, d_ino,
&dirent->d_reclen, reclen,
dirent->d_name + namlen, 0,
(char __user *)dirent + reclen-1, d_type ))
goto efault;
if (copy_to_user(dirent->d_name, name, namlen))
goto efault;
That would make it even more readable.
(Thinking about the macro tricks needed for something like this gave me a
bad headache though.)
Thanks,
Ingo
next prev parent reply other threads:[~2013-09-19 9:39 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-17 9:10 [PATCH 00/11] preempt_count rework -v3 Peter Zijlstra
2013-09-17 9:10 ` [PATCH 01/11] x86: Use asm goto to implement better modify_and_test() functions Peter Zijlstra
2013-09-18 18:44 ` Linus Torvalds
[not found] ` <4ec87843-c29a-401a-a54f-2cd4d61fba62@email.android.com>
2013-09-19 8:31 ` Andi Kleen
2013-09-19 9:39 ` Ingo Molnar [this message]
2013-09-20 4:43 ` H. Peter Anvin
2013-09-17 9:10 ` [PATCH 02/11] sched, rcu: Make RCU use resched_cpu() Peter Zijlstra
2013-09-17 14:40 ` Peter Zijlstra
2013-09-23 16:55 ` Paul E. McKenney
2013-09-23 21:18 ` Paul E. McKenney
2013-09-24 8:07 ` Peter Zijlstra
2013-09-24 13:37 ` Paul E. McKenney
2013-09-17 9:10 ` [PATCH 03/11] sched: Remove {set,clear}_need_resched Peter Zijlstra
2013-09-17 9:10 ` [PATCH 04/11] sched, idle: Fix the idle polling state logic Peter Zijlstra
2013-09-17 9:10 ` [PATCH 05/11] sched: Introduce preempt_count accessor functions Peter Zijlstra
2013-09-17 9:10 ` [PATCH 06/11] sched: Add NEED_RESCHED to the preempt_count Peter Zijlstra
2013-09-17 9:10 ` [PATCH 07/11] sched, arch: Create asm/preempt.h Peter Zijlstra
2013-09-17 9:10 ` [PATCH 08/11] sched: Create more preempt_count accessors Peter Zijlstra
2013-09-17 9:10 ` [PATCH 09/11] sched: Extract the basic add/sub preempt_count modifiers Peter Zijlstra
2013-09-17 9:10 ` [PATCH 10/11] sched, x86: Provide a per-cpu preempt_count implementation Peter Zijlstra
2013-09-17 9:10 ` [PATCH 11/11] sched, x86: Optimize the preempt_schedule() call Peter Zijlstra
2013-09-17 20:23 ` Peter Zijlstra
2013-09-17 10:53 ` [PATCH 00/11] preempt_count rework -v3 Ingo Molnar
2013-09-17 11:22 ` Peter Zijlstra
2013-09-17 18:53 ` [patch 0/6] Make all preempt_count related constants generic Thomas Gleixner
2013-09-17 18:53 ` [patch 1/6] hardirq: Make hardirq bits generic Thomas Gleixner
2013-09-17 20:00 ` Geert Uytterhoeven
2013-09-17 21:24 ` Thomas Gleixner
2013-09-18 14:06 ` Thomas Gleixner
2013-09-19 15:14 ` Thomas Gleixner
2013-09-19 17:02 ` Andreas Schwab
2013-09-19 18:19 ` Geert Uytterhoeven
2013-09-20 9:26 ` Thomas Gleixner
2013-11-04 12:06 ` Thomas Gleixner
2013-11-04 19:44 ` Geert Uytterhoeven
2013-11-04 19:44 ` Geert Uytterhoeven
2013-11-06 17:23 ` Thomas Gleixner
2013-11-07 14:12 ` Geert Uytterhoeven
2013-11-07 16:39 ` Thomas Gleixner
2013-11-10 8:49 ` Michael Schmitz
2013-11-10 9:12 ` Geert Uytterhoeven
2013-11-11 14:11 ` Thomas Gleixner
2013-11-11 19:34 ` Thomas Gleixner
2013-11-11 20:52 ` Thomas Gleixner
2013-11-12 6:56 ` Michael Schmitz
2013-11-12 6:56 ` Michael Schmitz
2013-11-12 8:44 ` schmitz
2013-11-12 8:44 ` schmitz
2013-11-12 15:08 ` Geert Uytterhoeven
2013-11-13 19:42 ` [tip:irq/urgent] m68k: Simplify low level interrupt handling code tip-bot for Thomas Gleixner
2013-11-12 14:09 ` [patch 1/6] hardirq: Make hardirq bits generic Geert Uytterhoeven
2013-11-11 19:42 ` Andreas Schwab
2013-11-12 9:18 ` Thomas Gleixner
2013-11-13 19:42 ` [tip:irq/urgent] " tip-bot for Thomas Gleixner
2013-09-17 18:53 ` [patch 2/6] h8300: Use schedule_preempt_irq Thomas Gleixner
2013-09-20 17:41 ` Guenter Roeck
2013-09-20 21:46 ` Thomas Gleixner
2013-09-17 18:53 ` [patch 3/6] m32r: Use preempt_schedule_irq Thomas Gleixner
2013-11-13 19:42 ` [tip:irq/urgent] " tip-bot for Thomas Gleixner
2013-09-17 18:53 ` [patch 4/6] ia64: " Thomas Gleixner
2013-11-13 19:43 ` [tip:irq/urgent] " tip-bot for Thomas Gleixner
2013-11-20 19:59 ` [patch 4/6] " Tony Luck
2013-11-20 20:57 ` Thomas Gleixner
2013-11-21 11:41 ` Thomas Gleixner
2013-11-21 12:39 ` Frederic Weisbecker
2013-11-21 13:06 ` Peter Zijlstra
2013-11-21 13:30 ` Thomas Gleixner
2013-11-21 18:57 ` Tony Luck
2013-11-26 18:37 ` Tony Luck
2013-11-26 18:58 ` Peter Zijlstra
2013-11-27 13:36 ` Ingo Molnar
2013-11-27 14:07 ` [tip:sched/urgent] sched: Expose preempt_schedule_irq() tip-bot for Thomas Gleixner
2013-09-17 18:53 ` [patch 5/6] sparc: Use preempt_schedule_irq Thomas Gleixner
2013-09-17 22:54 ` David Miller
2013-09-17 23:23 ` Thomas Gleixner
2013-09-18 0:12 ` David Miller
2013-11-13 19:43 ` [tip:irq/urgent] " tip-bot for Thomas Gleixner
2013-09-17 18:53 ` [patch 6/6] preempt: Make PREEMPT_ACTIVE generic Thomas Gleixner
2013-09-18 10:48 ` Peter Zijlstra
2013-11-13 19:43 ` [tip:irq/urgent] " tip-bot for Thomas Gleixner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130919093954.GD14112@gmail.com \
--to=mingo@kernel.org \
--cc=ak@linux.intel.com \
--cc=arjan@linux.intel.com \
--cc=bitbucket@online.de \
--cc=fweisbec@gmail.com \
--cc=hpa@zytor.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.