Re: [patch 2/2] x86/alternatives: Disable interrupts and sync when optimizing NOPs in place
From: Thomas Gleixner
Date: Fri Dec 08 2023 - 08:37:51 EST
On Fri, Dec 08 2023 at 14:22, Borislav Petkov wrote:
> On Thu, Dec 07, 2023 at 08:49:26PM +0100, Thomas Gleixner wrote:
>> +static void __init_or_module noinline optimize_nops_inplace(u8 *instr, size_t len)
>> +{
>> + unsigned long flags;
>> +
>> + local_irq_save(flags);
>> + optimize_nops(instr, len);
>> + sync_core();
>> + local_irq_restore(flags);
>> +}
>> +
>> /*
>> * In this context, "source" is where the instructions are placed in the
>> * section .altinstr_replacement, for example during kernel build by the
>> @@ -438,7 +448,7 @@ void __init_or_module noinline apply_alt
>> * patch if feature is *NOT* present.
>> */
>> if (!boot_cpu_has(a->cpuid) == !(a->flags & ALT_FLAG_NOT)) {
>> - optimize_nops(instr, a->instrlen);
>> + optimize_nops_inplace(instr, a->instrlen);
>> continue;
>> }
>
> Arguably, the proper thing to do here would be to convert the NOP
> optimizing to the same 2-stage process as normal patching: write insns
> into a buffer and text_poke* it.
>
> VS what we currently do: operating straight on kernel memory.
Well, apply_alternatives() results in text_poke_early() which is nothing
else than a memcpy() with interrupts disabled :)