From: Chandra Seetharaman <sekharan@us.ibm.com>
To: Alan Stern <stern@rowland.harvard.edu>
Cc: Keith Owens <kaos@ocs.com.au>,
Kernel development list <linux-kernel@vger.kernel.org>
Subject: Re: Notifier chains are unsafe
Date: Mon, 31 Oct 2005 14:22:57 -0800 [thread overview]
Message-ID: <1130797377.3586.357.camel@linuxchandra> (raw)
In-Reply-To: <Pine.LNX.4.44L0.0510291024510.12207-100000@netrider.rowland.org>
On Sat, 2005-10-29 at 10:51 -0400, Alan Stern wrote:
> On Fri, 28 Oct 2005, Chandra Seetharaman wrote:
>
> > On Fri, 2005-10-28 at 10:23 -0400, Alan Stern wrote:
> > > On Thu, 27 Oct 2005, Chandra Seetharaman wrote:
> > >
> > > > So, requirements to fix the bug are:
> > > > - no sleeping in register/unregister(if we want to keep the
> > > > current way of use. We can change it and make the relevant
> > > > changes in the kernel code, if it is agreeable)
> > >
> > > I think we will have to make these changes. In principal it shouldn't be
> > > hard to add a simple "enabled" flag to each callout which currently is
> > > registered/unregistered atomically or while running. We could even put
> > > such a flag into the notifier_block structure and add routines to set or
> > > clear it, using appropriate barriers.
> >
> > I do not understand the purpose of enabled flag. Can you clarify
>
> Something like this:
>
> struct notifier_block {
> int (*notifier_call)(struct notifier_block *self, unsigned long,
> void *);
> struct list_head node;
> int priority;
> int enabled;
> };
>
> int notifier_call_chain(struct notifier_head *nh, unsigned long val,
> void *v)
> {
> int ret = 0;
> notifier_block *b;
>
> if (list_empty(&nh->chain)) /* Optimize for common case */
> return ret;
>
> smp_rmb();
> list_for_each_entry(b, &nh->chain, node) {
> if (b->enabled) {
> ret = b->notifier_call(b, val, v);
> if (ret & NOTIFY_STOP_MASK)
> break;
> }
> }
>
> return ret;
> }
>
> #define notifier_block_enable(b) set_wmb((b)->enabled, 1)
> #define notifier_block_disable(b) set_wmb((b)->enabled, 0)
>
I am not getting the complete picture. So, in unregister we would just
disable and never delete the notifier_block ? Or
notifier_block_enable/disable will be used by external entities
directly ?
>
> It occurred to me that there _is_ a way to do unregister for atomic chains
> without blocking. Add to struct notifier_head
>
> atomic_t num_callers;
>
> Then in notifier_call_chain, do atomic_inc(&nh->num_callers) at the start
> and atomic_dec(&nh->num_callers) at the end. Finally, make unregister do
> this:
>
> int notifier_chain_unregister(struct notifier_head *nh,
> struct notifier_block *n)
> {
> if (nh->type == ATOMIC_NOTIFIER) {
> spin_lock(nh->lock);
> list_del(&n->node);
> smp_mb();
> while (atomic_read(&nh->num_callers) > 0)
> cpu_relax();
> spin_unlock(nh->lock);
> } else {
> ...
> }
> return 0;
> }
But, how is the list protected in call_chain (will you be holding the
lock in call_chain() while incrementing the atomic variable).
>
> I don't mean to suggest that this is better than using RCU, and with
> notifier_block_disable it probably isn't needed. However it is worth
> thinking about.
>
> Alan Stern
>
>
--
----------------------------------------------------------------------
Chandra Seetharaman | Be careful what you choose....
- sekharan@us.ibm.com | .......you may get it.
----------------------------------------------------------------------
next prev parent reply other threads:[~2005-10-31 22:23 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-24 20:48 Notifier chains are unsafe Alan Stern
2005-10-25 16:59 ` Joe Seigh
2005-10-25 23:30 ` Chandra Seetharaman
2005-10-26 18:46 ` Alan Stern
2005-10-26 19:05 ` Andreas Kleen
2005-10-26 20:40 ` Alan Stern
2005-10-26 21:44 ` Andi Kleen
2005-10-26 23:20 ` Chandra Seetharaman
2005-10-27 1:17 ` Joe Seigh
2005-10-28 1:36 ` Chandra Seetharaman
2005-10-27 14:13 ` Alan Stern
2005-10-26 22:40 ` Chandra Seetharaman
2005-10-27 15:28 ` Alan Stern
2005-10-27 20:43 ` Chandra Seetharaman
2005-10-27 21:21 ` Alan Stern
2005-10-27 23:02 ` Chandra Seetharaman
2005-10-28 0:48 ` Keith Owens
2005-10-28 1:34 ` Chandra Seetharaman
2005-10-28 14:23 ` Alan Stern
2005-10-28 22:15 ` Chandra Seetharaman
2005-10-29 14:51 ` Alan Stern
2005-10-31 22:22 ` Chandra Seetharaman [this message]
2005-11-01 15:24 ` Alan Stern
2005-11-01 20:20 ` Chandra Seetharaman
2005-11-01 21:20 ` Alan Stern
2005-11-02 9:50 ` Keith Owens
2005-11-02 16:03 ` Alan Stern
[not found] ` <mailman.1130460600.30060.linux-kernel2news@redhat.com>
2005-10-28 4:35 ` Pete Zaitcev
2005-10-25 23:43 ` Andi Kleen
2005-10-26 0:01 ` Chandra Seetharaman
2005-10-26 17:11 ` Andreas Kleen
2005-10-27 2:46 ` Herbert Xu
2005-10-29 12:25 ` Joe Seigh
2005-10-26 6:11 ` Keith Owens
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1130797377.3586.357.camel@linuxchandra \
--to=sekharan@us.ibm.com \
--cc=kaos@ocs.com.au \
--cc=linux-kernel@vger.kernel.org \
--cc=stern@rowland.harvard.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.