On 22/02/2022 10:54, Andrew Cooper wrote:
> On 22/02/2022 09:29, Jan Beulich wrote:
>> On 21.02.2022 19:03, Andrew Cooper wrote:
>>> Most IOMMU hooks are already altcall for performance reasons. Convert the
>>> rest of them so we can harden all the hooks in Control Flow Integrity
>>> configurations. This necessitates the use of iommu_{v,}call() in debug
>>> builds
>>> too.
>>>
>>> Move the root iommu_ops from __read_mostly to __ro_after_init now that the
>>> latter exists. There is no need for a forward declaration of vtd_ops any
>>> more, meaning that __initconst_cf_clobber can be used for VTD and AMD.
>> The connection between the forward declaration and the annotation addition
>> isn't really clear to me.
>>
>>> --- a/xen/arch/x86/include/asm/iommu.h
>>> +++ b/xen/arch/x86/include/asm/iommu.h
>>> @@ -72,7 +72,6 @@ struct arch_iommu
>>>
>>> extern struct iommu_ops iommu_ops;
>>>
>>> -#ifdef NDEBUG
>>> # include <asm/alternative.h>
>>> # define iommu_call(ops, fn, args...) ({ \
>>> (void)(ops); \
>>> @@ -83,7 +82,6 @@ extern struct iommu_ops iommu_ops;
>>> (void)(ops); \
>>> alternative_vcall(iommu_ops.fn, ## args); \
>>> })
>>> -#endif
>>>
>>> static inline const struct iommu_ops *iommu_get_ops(void)
>>> {
>>> @@ -106,7 +104,7 @@ int iommu_setup_hpet_msi(struct msi_desc *);
>>> static inline int iommu_adjust_irq_affinities(void)
>>> {
>>> return iommu_ops.adjust_irq_affinities
>>> - ? iommu_ops.adjust_irq_affinities()
>>> + ? iommu_call(iommu_ops, adjust_irq_affinities)
>> While this (and other instances below) is x86-only code, where - with
>> the removal of the #ifdef above - we now know the first argument is
>> always ignored, I think it would still better be of the correct type
>> (&iommu_ops). Perhaps the "(void)(ops)" in the macro definitions would
>> better become "ASSERT((ops) == &iommu_ops)", which would check both
>> type (compile time) and value (runtime).
> I'm happy to fold that change if you want. It ought to optimise out
> completely for being
Bah - sent too early. "for being tautological."
~Andrew
