From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: Paul Turner <pjt@google.com>, Andrew Hunter <ahh@google.com>,
Peter Zijlstra <peterz@infradead.org>,
linux-kernel@vger.kernel.org,
linux-api <linux-api@vger.kernel.org>,
Andy Lutomirski <luto@amacapital.net>,
Andi Kleen <andi@firstfloor.org>,
Dave Watson <davejwatson@fb.com>, Chris Lameter <cl@linux.com>,
Ingo Molnar <mingo@redhat.com>, Ben Maurer <bmaurer@fb.com>,
rostedt <rostedt@goodmis.org>,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
Josh Triplett <josh@joshtriplett.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Andrew Morton <akpm@linux-foundation.org>,
Russell King <linux@arm.linux.org.uk>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
Michael Kerrisk <mtk.manpages@gmail.com>
Subject: Re: [RFC PATCH v3 1/5] getcpu_cache system call: cache CPU number of running thread
Date: Fri, 29 Jan 2016 16:28:40 +0000 (UTC) [thread overview]
Message-ID: <1012105182.7814.1454084920873.JavaMail.zimbra@efficios.com> (raw)
In-Reply-To: <alpine.DEB.2.11.1601290934020.3886@nanos>
----- On Jan 29, 2016, at 3:39 AM, Thomas Gleixner tglx@linutronix.de wrote:
> On Thu, 28 Jan 2016, Mathieu Desnoyers wrote:
>> ----- On Jan 28, 2016, at 4:52 PM, Thomas Gleixner tglx@linutronix.de wrote:
>> >> + current->cpu_cache = cpu_cache;
>> >> + /*
>> >> + * Migration checks the getcpu cache to see whether the
>> >> + * notify_resume flag should be set.
>> >> + * Therefore, we need to ensure that the scheduler sees
>> >> + * the getcpu cache pointer update before we update the getcpu
>> >> + * cache content with the current CPU number.
>> >> + */
>> >> + barrier();
>> >
>> > And how does that barrier ensure this? Not at all. And why would the scheduler
>> > care? All the scheduler cares about is tsk->cpu_cache.
>>
>> The case I want to ensure never happens is the following:
>>
>> Compiler reorders storing the address of current->cpu_cache after
>> the getcpu_cache_update() store to *cpu_cache. In between, the
>> scheduler preempts and migrates the task, but does not set the
>> resume notifier thread flag because it still see a NULL
>> current->cpu_cache. We therefore return to userspace with a
>> wrong CPU number in the cache.
>>
>> The compiler barrier enforces ordering of the current->cpu_cache
>> address store before updating the *cpu_cache.
>
> Fair enough. Updating the comment might help.
>
>> >
>> >> + /*
>> >> + * Do an initial cpu cache update to ensure we won't hit
>> >> + * SIGSEGV if put_user() fails in the resume notifier.
>> >> + */
>> >
>> > If you get migrated before that call, then you SIGSEGV nevertheless.
>>
>> No, because the SIGSEGV is only triggered when returning to userspace.
>> We are still in the system call here. All we care about in the migration
>> schedule code is to check the current->cpu_cache to see if we need to
>> raise the resume notifier flag. No userspace access there.
>
> True. Should have went to bed instead of staring at that code tired :)
>
>> > You need that call here for the case you are NOT migrated before returning to
>> > user space because otherwise the variable is not updated.
>>
>> This call has two goals: indeed, populating the initial current CPU value,
>> but also checking if the address is valid (and -EFAULT on error).
>
> Right. So the comment should mention both.
Sure, I'm proposing the following documentation update:
diff --git a/kernel/getcpu_cache.c b/kernel/getcpu_cache.c
index 7053611..044f246 100644
--- a/kernel/getcpu_cache.c
+++ b/kernel/getcpu_cache.c
@@ -127,16 +127,27 @@ SYSCALL_DEFINE3(getcpu_cache, int, cmd, int32_t __user * __user *, cpu_cachep,
}
current->cpu_cache = cpu_cache;
/*
- * Migration checks the getcpu cache to see whether the
- * notify_resume flag should be set.
+ * Migration reads the current->cpu_cache pointer to
+ * decide whether the notify_resume flag should be set.
* Therefore, we need to ensure that the scheduler sees
- * the getcpu cache pointer update before we update the getcpu
- * cache content with the current CPU number.
+ * the getcpu cache pointer update before we update the
+ * getcpu cache content with the current CPU number.
+ * This ensures we don't return from the getcpu_cache
+ * system call to userspace with a wrong CPU number in
+ * the cache if preempted and migrated after the initial
+ * successful cpu cache update (below).
+ *
+ * This compiler barrier enforces ordering of the
+ * current->cpu_cache address store before update of the
+ * *cpu_cache.
*/
barrier();
/*
- * Do an initial cpu cache update to ensure we won't hit
- * SIGSEGV if put_user() fails in the resume notifier.
+ * Do an initial cpu cache update to populate the
+ * current CPU value, and to check whether the address
+ * is valid, thus ensuring we return -EFAULT in case or
+ * invalid address rather than triggering a SIGSEGV if
+ * put_user() fails in the resume notifier.
*/
if (getcpu_cache_update(cpu_cache)) {
current->cpu_cache = NULL;
Thanks!
Mathieu
>
> Thanks,
>
> tglx
--
Mathieu Desnoyers
EfficiOS Inc.
http://www.efficios.com
next prev parent reply other threads:[~2016-01-29 16:28 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-28 21:01 [RFC PATCH v3 0/5] getcpu_cache system call Mathieu Desnoyers
2016-01-28 21:01 ` Mathieu Desnoyers
2016-01-28 21:01 ` [RFC PATCH v3 1/5] getcpu_cache system call: cache CPU number of running thread Mathieu Desnoyers
[not found] ` <1454014885-29012-2-git-send-email-mathieu.desnoyers-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2016-01-28 21:52 ` Thomas Gleixner
2016-01-28 21:52 ` Thomas Gleixner
2016-01-28 22:44 ` Mathieu Desnoyers
2016-01-28 22:44 ` Mathieu Desnoyers
2016-01-29 8:39 ` Thomas Gleixner
2016-01-29 16:28 ` Mathieu Desnoyers [this message]
[not found] ` <1454014885-29012-1-git-send-email-mathieu.desnoyers-vg+e7yoeK/dWk0Htik3J/w@public.gmane.org>
2016-01-28 21:01 ` [RFC PATCH v3 2/5] getcpu_cache: ARM resume notifier Mathieu Desnoyers
2016-01-28 21:01 ` Mathieu Desnoyers
2016-01-28 21:01 ` [RFC PATCH v3 3/5] getcpu_cache: wire up ARM system call Mathieu Desnoyers
2016-01-28 21:01 ` Mathieu Desnoyers
2016-01-28 21:01 ` [RFC PATCH v3 4/5] getcpu_cache: x86 32/64 resume notifier Mathieu Desnoyers
2016-01-28 21:01 ` [RFC PATCH v3 5/5] getcpu_cache: wire up x86 32/64 system call Mathieu Desnoyers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1012105182.7814.1454084920873.JavaMail.zimbra@efficios.com \
--to=mathieu.desnoyers@efficios.com \
--cc=ahh@google.com \
--cc=akpm@linux-foundation.org \
--cc=andi@firstfloor.org \
--cc=bmaurer@fb.com \
--cc=catalin.marinas@arm.com \
--cc=cl@linux.com \
--cc=davejwatson@fb.com \
--cc=josh@joshtriplett.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@arm.linux.org.uk \
--cc=luto@amacapital.net \
--cc=mingo@redhat.com \
--cc=mtk.manpages@gmail.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=peterz@infradead.org \
--cc=pjt@google.com \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.