[RFC][PATCH 1/5] static_call: Make NULL static calls consistent

From: Josh Poimboeuf
Date: Fri Mar 10 2023 - 15:34:08 EST

Next message: Josh Poimboeuf: "[RFC][PATCH 5/5] x86/kvm: Simplify static call handling"
Previous message: Josh Poimboeuf: "[RFC][PATCH 3/5] static_call: Remove static_call_cond() and its usages"
In reply to: Josh Poimboeuf: "[RFC][PATCH 3/5] static_call: Remove static_call_cond() and its usages"
Next in thread: Peter Zijlstra: "Re: [RFC][PATCH 1/5] static_call: Make NULL static calls consistent"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

NULL static calls have inconsistent behavior. With HAVE_STATIC_CALL=y
they're a NOP, but with HAVE_STATIC_CALL=n they're a panic.

That's guaranteed to cause subtle bugs. Make the behavior consistent by
making NULL static calls a NOP with HAVE_STATIC_CALL=n.

This is probably easier than doing the reverse (making NULL static calls
panic with HAVE_STATIC_CALL=y).

Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
---
include/linux/static_call.h | 53 +++++++------------------------------
1 file changed, 9 insertions(+), 44 deletions(-)

diff --git a/include/linux/static_call.h b/include/linux/static_call.h
index 141e6b176a1b..8b12216da0da 100644
--- a/include/linux/static_call.h
+++ b/include/linux/static_call.h
@@ -65,20 +65,12 @@
*
* Notes on NULL function pointers:
*
- * Static_call()s support NULL functions, with many of the caveats that
- * regular function pointers have.
+ * A static_call() to a NULL function pointer is a NOP.
*
- * Clearly calling a NULL function pointer is 'BAD', so too for
- * static_call()s (although when HAVE_STATIC_CALL it might not be immediately
- * fatal). A NULL static_call can be the result of:
+ * A NULL static call can be the result of:
*
* DECLARE_STATIC_CALL_NULL(my_static_call, void (*)(int));
*
- * which is equivalent to declaring a NULL function pointer with just a
- * typename:
- *
- * void (*my_func_ptr)(int arg1) = NULL;
- *
* or using static_call_update() with a NULL function. In both cases the
* HAVE_STATIC_CALL implementation will patch the trampoline with a RET
* instruction, instead of an immediate tail-call JMP. HAVE_STATIC_CALL_INLINE
@@ -92,13 +84,6 @@
*
* where the argument evaludation also depends on the pointer value.
*
- * When calling a static_call that can be NULL, use:
- *
- * static_call_cond(name)(arg1);
- *
- * which will include the required value tests to avoid NULL-pointer
- * dereferences.
- *
* To query which function is currently set to be called, use:
*
* func = static_call_query(name);
@@ -106,7 +91,7 @@
*
* DEFINE_STATIC_CALL_RET0 / __static_call_return0:
*
- * Just like how DEFINE_STATIC_CALL_NULL() / static_call_cond() optimize the
+ * Just like how DEFINE_STATIC_CALL_NULL() optimizes the
* conditional void function call, DEFINE_STATIC_CALL_RET0 /
* __static_call_return0 optimize the do nothing return 0 function.
*
@@ -279,10 +264,12 @@ extern long __static_call_return0(void);
#define EXPORT_STATIC_CALL_TRAMP_GPL(name) \
EXPORT_SYMBOL_GPL(STATIC_CALL_TRAMP(name))

-#else /* Generic implementation */
+#else /* !CONFIG_HAVE_STATIC_CALL */

static inline int static_call_init(void) { return 0; }

+static inline void __static_call_nop(void) { }
+
static inline long __static_call_return0(void)
{
return 0;
@@ -298,39 +285,17 @@ static inline long __static_call_return0(void)
__DEFINE_STATIC_CALL(name, _func, _func)

#define DEFINE_STATIC_CALL_NULL(name, _func) \
- __DEFINE_STATIC_CALL(name, _func, NULL)
+ __DEFINE_STATIC_CALL(name, _func, __static_call_nop)

#define DEFINE_STATIC_CALL_RET0(name, _func) \
__DEFINE_STATIC_CALL(name, _func, __static_call_return0)

-static inline void __static_call_nop(void) { }
-
-/*
- * This horrific hack takes care of two things:
- *
- * - it ensures the compiler will only load the function pointer ONCE,
- * which avoids a reload race.
- *
- * - it ensures the argument evaluation is unconditional, similar
- * to the HAVE_STATIC_CALL variant.
- *
- * Sadly current GCC/Clang (10 for both) do not optimize this properly
- * and will emit an indirect call for the NULL case :-(
- */
-#define __static_call_cond(name) \
-({ \
- void *func = READ_ONCE(STATIC_CALL_KEY(name).func); \
- if (!func) \
- func = &__static_call_nop; \
- (typeof(STATIC_CALL_TRAMP(name))*)func; \
-})
-
-#define static_call_cond(name) (void)__static_call_cond(name)
+#define static_call_cond(name) (void)static_call(name)

static inline
void __static_call_update(struct static_call_key *key, void *tramp, void *func)
{
- WRITE_ONCE(key->func, func);
+ WRITE_ONCE(key->func, func ? : (void *)__static_call_nop);
}

static inline int static_call_text_reserved(void *start, void *end)
--
2.39.2

Next message: Josh Poimboeuf: "[RFC][PATCH 5/5] x86/kvm: Simplify static call handling"
Previous message: Josh Poimboeuf: "[RFC][PATCH 3/5] static_call: Remove static_call_cond() and its usages"
In reply to: Josh Poimboeuf: "[RFC][PATCH 3/5] static_call: Remove static_call_cond() and its usages"
Next in thread: Peter Zijlstra: "Re: [RFC][PATCH 1/5] static_call: Make NULL static calls consistent"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]