From patchwork Tue Oct  1 08:37:01 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Masahiro Yamada <yamada.masahiro@socionext.com>
X-Patchwork-Id: 174830
Delivered-To: patch@linaro.org
Received: by 2002:a92:7e96:0:0:0:0:0 with SMTP id q22csp8239946ill;
 Tue, 1 Oct 2019 01:39:40 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxoxZZZO+bMRaPHrLabwkHDaqPaWivhL4JZiY7jEo+UafqtHA8NpvVvdWkgtTeKkjdOiWWu
X-Received: by 2002:a50:ee10:: with SMTP id
 g16mr24050010eds.267.1569919179917; 
 Tue, 01 Oct 2019 01:39:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1569919179; cv=none;
 d=google.com; s=arc-20160816;
 b=U+LsBvA/CYL5g+4vj12aMeU4QQ6pJTrGqTplXihGMZB+/NrOdYXpJd4cGb7jVNQl+G
 q01lI31Q11ohEcEIck+p/Tbu/z7VbQ9Gm8YDE42GIQ47x0sR5J4h+L7MxkSCdzxh8uqY
 rFiLcbAQ704kvl/EPvm+LG0x1hQgI+2glc+1FqJPyiHnuGLp+JO12d4mMMtmUkbu95WF
 pgmhepEZPXX3fE1wiTAES/fCgsfElzUMM33QZViBjhC3n5DQ15yu+vUQbEBQOKGqkqtK
 pcMPuPem2IQprGxX2EK6XuFLBFVn+sdDeP7EK2bEc6qxZ6+tHfhASG28SbWCaJrKhR5L
 x4Lw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=list-id:precedence:sender:message-id:date:subject:cc:to:from
 :dkim-signature:dkim-filter;
 bh=5vgn6LNEnRoez/oiB48qIZvraN4rGfguB7nlITyUZnQ=;
 b=DKjaAIKgvRVBMeut6CV29SddHWmNqTqzmclS3B8c3WRAq2MQgjZU5XP4/9ilMEi5B6
 KB6A3Texx3waQ/gY+EUdLWC51LniavgIyRXW1XHvNlCSdekMx76x2oyH4TDtePw/jQ+l
 JemkNTJhDJ2IHE+qqO+qohot0nKCV2b3B1UUs0IqiuMFka4Wz4gKftZMgYe9lKrHFQta
 JvOUjjvz+9ZO0cs21APSjkjJ1d6eSn5w6HLk9vcNyNF/Pnt0OT9JwdBitLFQZg1GgU6u
 OBHRmgwniX7BFJpvnfYt5zJkCZdxpp/+DhN5odj7k0lF4Mk/set0PxahdWGWxQMfwvb8
 rFrA==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@nifty.com header.s=dec2015msa header.b=p91ffoOa; 
 spf=pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
 by mx.google.com with ESMTP id
 e25si9028050edb.308.2019.10.01.01.39.39; 
 Tue, 01 Oct 2019 01:39:39 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender) client-ip=209.132.180.67; 
Authentication-Results: mx.google.com;
 dkim=pass header.i=@nifty.com header.s=dec2015msa header.b=p91ffoOa; 
 spf=pass (google.com: best guess record for domain of
 linux-kernel-owner@vger.kernel.org designates 209.132.180.67
 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
 id S1733097AbfJAIjj (ORCPT <rfc822;lee.jones@linaro.org>
 + 27 others); Tue, 1 Oct 2019 04:39:39 -0400
Received: from conuserg-07.nifty.com ([210.131.2.74]:21926 "EHLO
 conuserg-07.nifty.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
 with ESMTP id S1727274AbfJAIji (ORCPT
 <rfc822;linux-kernel@vger.kernel.org>);
 Tue, 1 Oct 2019 04:39:38 -0400
Received: from localhost.localdomain (p14092-ipngnfx01kyoto.kyoto.ocn.ne.jp
 [153.142.97.92]) (authenticated)
 by conuserg-07.nifty.com with ESMTP id x918bGRK010166;
 Tue, 1 Oct 2019 17:37:16 +0900
DKIM-Filter: OpenDKIM Filter v2.10.3 conuserg-07.nifty.com x918bGRK010166
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nifty.com;
 s=dec2015msa; t=1569919038;
 bh=5vgn6LNEnRoez/oiB48qIZvraN4rGfguB7nlITyUZnQ=;
 h=From:To:Cc:Subject:Date:From;
 b=p91ffoOa2E/AqaszRIYAKxH64lj7JJFDmZ79GZ/o3VRI/mwetxYYTQsnMaUw14GmA
 ZVm6pzze0VUYtB3hV7bLkjiHP+ofi+YmdztVAuitDJ3kA93dhWnhTO8TVLFTz6Dl7g
 XvOobdLSRmBFYm3F1wliVdaWSZMBm6GoDv/aBdFWMv2Rmxw2+0ZeUdVRufx3OS7r0P
 Hs72Fd2OSDGs662tuHHS+kUJnTYqsSs2+cjjh4jfgQUE+jKBtvSnylC86v6Zs0O5G6
 WF0bdsK1XFHCIBi6PJrD9ZiZqjOv17oQVq7jZI87bIrFBpbYdHV9ykA61Q81Qo8YXo
 +B0Gs6PCTXyTQ==
X-Nifty-SrcIP: [153.142.97.92]
From: Masahiro Yamada <yamada.masahiro@socionext.com>
To: linux-arm-kernel@lists.infradead.org,
 Russell King <rmk+kernel@armlinux.org.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
 Olof Johansson <olof@lixom.net>, Arnd Bergmann <arnd@arndb.de>,
 Nick Desaulniers <ndesaulniers@google.com>,
 Nicolas Saenz Julienne <nsaenzjulienne@suse.de>,
 Masahiro Yamada <yamada.masahiro@socionext.com>,
 Allison Randal <allison@lohutok.net>, Enrico Weigelt <info@metux.net>,
 Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
 Julien Thierry <julien.thierry.kdev@gmail.com>,
 Kate Stewart <kstewart@linuxfoundation.org>,
 Russell King <linux@armlinux.org.uk>, Stefan Agner <stefan@agner.ch>,
 Thomas Gleixner <tglx@linutronix.de>,
 Vincent Whitchurch <vincent.whitchurch@axis.com>,
 linux-kernel@vger.kernel.org
Subject: [PATCH v2] ARM: add __always_inline to functions called from
 __get_user_check()
Date: Tue,  1 Oct 2019 17:37:01 +0900
Message-Id: <20191001083701.27207-1-yamada.masahiro@socionext.com>
X-Mailer: git-send-email 2.17.1
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

KernelCI reports that bcm2835_defconfig is no longer booting since
commit ac7c3e4ff401 ("compiler: enable CONFIG_OPTIMIZE_INLINING
forcibly") (https://lkml.org/lkml/2019/9/26/825).

I also received a regression report from Nicolas Saenz Julienne
(https://lkml.org/lkml/2019/9/27/263).

This problem has cropped up on bcm2835_defconfig because it enables
CONFIG_CC_OPTIMIZE_FOR_SIZE. The compiler tends to prefer not inlining
functions with -Os. I was able to reproduce it with other boards and
defconfig files by manually enabling CONFIG_CC_OPTIMIZE_FOR_SIZE.

The __get_user_check() specifically uses r0, r1, r2 registers.
So, uaccess_save_and_enable() and uaccess_restore() must be inlined.
Otherwise, those register assignments would be entirely dropped,
according to my analysis of the disassembly.

Prior to commit 9012d011660e ("compiler: allow all arches to enable
CONFIG_OPTIMIZE_INLINING"), the 'inline' marker was always enough for
inlining functions, except on x86.

Since that commit, all architectures can enable CONFIG_OPTIMIZE_INLINING.
So, __always_inline is now the only guaranteed way of forcible inlining.

I also added __always_inline to 4 functions in the call-graph from the
__get_user_check() macro.

Fixes: 9012d011660e ("compiler: allow all arches to enable CONFIG_OPTIMIZE_INLINING")
Reported-by: "kernelci.org bot" <bot@kernelci.org>
Reported-by: Nicolas Saenz Julienne <nsaenzjulienne@suse.de>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
---

Changes in v2:
  - Use __always_inline instead of changing the function call places
     (per Russell King)
  - The previous submission is: https://lore.kernel.org/patchwork/patch/1132459/

 arch/arm/include/asm/domain.h  | 8 ++++----
 arch/arm/include/asm/uaccess.h | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

-- 
2.17.1
Tested-by: Nicolas Saenz Julienne <nsaenzjulienne@suse.de>

diff --git a/arch/arm/include/asm/domain.h b/arch/arm/include/asm/domain.h
index 567dbede4785..f1d0a7807cd0 100644
--- a/arch/arm/include/asm/domain.h
+++ b/arch/arm/include/asm/domain.h
@@ -82,7 +82,7 @@
 #ifndef __ASSEMBLY__
 
 #ifdef CONFIG_CPU_CP15_MMU
-static inline unsigned int get_domain(void)
+static __always_inline unsigned int get_domain(void)
 {
 	unsigned int domain;
 
@@ -94,7 +94,7 @@ static inline unsigned int get_domain(void)
 	return domain;
 }
 
-static inline void set_domain(unsigned val)
+static __always_inline void set_domain(unsigned int val)
 {
 	asm volatile(
 	"mcr	p15, 0, %0, c3, c0	@ set domain"
@@ -102,12 +102,12 @@ static inline void set_domain(unsigned val)
 	isb();
 }
 #else
-static inline unsigned int get_domain(void)
+static __always_inline unsigned int get_domain(void)
 {
 	return 0;
 }
 
-static inline void set_domain(unsigned val)
+static __always_inline void set_domain(unsigned int val)
 {
 }
 #endif
diff --git a/arch/arm/include/asm/uaccess.h b/arch/arm/include/asm/uaccess.h
index 303248e5b990..98c6b91be4a8 100644
--- a/arch/arm/include/asm/uaccess.h
+++ b/arch/arm/include/asm/uaccess.h
@@ -22,7 +22,7 @@
  * perform such accesses (eg, via list poison values) which could then
  * be exploited for priviledge escalation.
  */
-static inline unsigned int uaccess_save_and_enable(void)
+static __always_inline unsigned int uaccess_save_and_enable(void)
 {
 #ifdef CONFIG_CPU_SW_DOMAIN_PAN
 	unsigned int old_domain = get_domain();
@@ -37,7 +37,7 @@ static inline unsigned int uaccess_save_and_enable(void)
 #endif
 }
 
-static inline void uaccess_restore(unsigned int flags)
+static __always_inline void uaccess_restore(unsigned int flags)
 {
 #ifdef CONFIG_CPU_SW_DOMAIN_PAN
 	/* Restore the user access mask */