| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6596edda327c8_8dc68294b2@dwillia2-xfh.jf.intel.com.notmuch>
Date: Thu, 4 Jan 2024 09:41:46 -0800
From: Dan Williams <dan.j.williams@...el.com>
To: Ard Biesheuvel <ardb@...nel.org>, Lukas Wunner <lukas@...ner.de>
CC: Dan Williams <dan.j.williams@...el.com>, Ira Weiny <ira.weiny@...el.com>,
Jonathan Cameron <jonathan.cameron@...wei.com>, Smita Koralahalli
<Smita.KoralahalliChannabasappa@....com>, Shiju Jose <shiju.jose@...wei.com>,
Yazen Ghannam <yazen.ghannam@....com>, Davidlohr Bueso <dave@...olabs.net>,
Dave Jiang <dave.jiang@...el.com>, Alison Schofield
<alison.schofield@...el.com>, Vishal Verma <vishal.l.verma@...el.com>,
<linux-efi@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<linux-cxl@...r.kernel.org>, Bjorn Helgaas <bhelgaas@...gle.com>
Subject: Re: [PATCH v5 8/9] PCI: Define scoped based management functions
Ard Biesheuvel wrote:
> On Thu, 4 Jan 2024 at 08:02, Lukas Wunner <lukas@...ner.de> wrote:
> >
> > On Wed, Jan 03, 2024 at 10:43:40PM -0800, Dan Williams wrote:
> > > Lukas Wunner wrote:
> > > > On Wed, Dec 20, 2023 at 04:17:35PM -0800, Ira Weiny wrote:
> > > > > --- a/include/linux/pci.h
> > > > > +++ b/include/linux/pci.h
> > > > > @@ -1170,6 +1170,7 @@ int pci_get_interrupt_pin(struct pci_dev *dev, struct pci_dev **bridge);
> > > > > u8 pci_common_swizzle(struct pci_dev *dev, u8 *pinp);
> > > > > struct pci_dev *pci_dev_get(struct pci_dev *dev);
> > > > > void pci_dev_put(struct pci_dev *dev);
> > > > > +DEFINE_FREE(pci_dev_put, struct pci_dev *, if (_T) pci_dev_put(_T))
> > > >
> > > > pci_dev_put() already performs a NULL pointer check internally.
> > > > Why duplicate it here?
> > >
> > > Greg asked the same for the introduction of __free(kvfree), and Peter
> > > clarified:
> > >
> > > http://lore.kernel.org/r/20230814161731.GN776869@hirez.programming.kicks-ass.net
> > >
> > > Essentially, that check is more for build-time than runtime because when
> > > the macro is expanded the compiler can notice scenarios where @pdev is
> > > set to NULL (likely by no_free_ptr()) and skip the call to pci_dev_put()
> > > altogether. pci_dev_put() also happens to be out-of-line, so saving a
> > > call when @pdev is NULL a small win in that respect as well.
> >
> > Doubtful whether that's correct. The kernel is compiled with
> > -fno-delete-null-pointer-checks since commit a3ca86aea507
> > ("Add '-fno-delete-null-pointer-checks' to gcc CFLAGS").
> >
> > So these NULL pointer checks are generally not optimized away.
> >
> > I've just responded to the discussion you've linked above:
> > https://lore.kernel.org/all/20240104065744.GA6055@wunner.de/
> >
>
> AIUI, Peter is referring to constant propagation of compile time
> constant pointers here, not pointer variables where the NULL check is
> elided if the variable has already been dereferenced.
>
No, it is for auto (on stack) pointer variables. Consider this sequence:
struct pci_dev *pdev __free(pci_dev_put) = pci_get_domain_bus_and_slot(...);
if (!pdev)
return NULL;
if (!check_pdev(pdev))
return NULL;
return no_free_ptr(pdev);
...that expands at compile time to a first pass of:
struct pci_dev *pdev = pci_get_domain_bus_and_slot(...);
if (!pdev) {
if (pdev)
pci_dev_put(pdev);
return NULL;
}
if (!check_pdev(pdev)) {
if (pdev)
pci_dev_put(pdev);
return NULL;
}
struct pci_dev *tmp = pdev;
pdev = NULL;
if (pdev)
pci_dev_put(pdev);
return tmp;
...the compiler can then optimize this on a second pass to:
if (!pdev)
return NULL;
if (!check_pdev(pdev)) {
pci_dev_put(pdev);
return NULL;
}
return pdev;
...if the NULL check is dropped from DEFINE_FREE(pci_dev_put...) then
this becomes unoptimizable by the compiler without
link-time-optimization (LTO) to see that pci_dev_put() has an internal
NULL check:
struct pci_dev *pdev = pci_get_domain_bus_and_slot(...);
if (!pdev) {
pci_dev_put(pdev);
return NULL;
}
if (!check_pdev(pdev)) {
pci_dev_put(pdev);
return NULL;
}
struct pci_dev *tmp = pdev;
pdev = NULL;
pci_dev_put(pdev);
return tmp;
Now, if pci_dev_put() would become a static inline the compiler could
again do the optimization, but it is otherwise free (post compiler
optimization) to keep a conditional in these DEFINE_FREE() instances and
not worry about whether the actual free routine is inline, out-of-line,
or has its own NULL check.
Powered by blists - more mailing lists