From: Will Deacon <will.deacon@arm.com>
To: Dmitry Vyukov <dvyukov@google.com>
Cc: Ingo Molnar <mingo@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Peter Zijlstra <peterz@infradead.org>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
Andrey Ryabinin <aryabinin@virtuozzo.com>,
kasan-dev <kasan-dev@googlegroups.com>,
the arch/x86 maintainers <x86@kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
Thomas Gleixner <tglx@linutronix.de>
Subject: Re: [PATCH v6 0/4] x86, kasan: add KASAN checks to atomic operations
Date: Wed, 31 Jan 2018 16:17:26 +0000 [thread overview]
Message-ID: <20180131161725.GA18758@arm.com> (raw)
In-Reply-To: <CACT4Y+Y1Qbsd4DOb6K6y0MVC2e_StjgYERE9ntJmQb+6BtZciA@mail.gmail.com>
On Wed, Jan 31, 2018 at 09:53:10AM +0100, Dmitry Vyukov wrote:
> On Wed, Jan 31, 2018 at 8:28 AM, Ingo Molnar <mingo@kernel.org> wrote:
> > * Will Deacon <will.deacon@arm.com> wrote:
> >> e.g. for atomic[64]_read, your asm-generic header looks like:
> >>
> >> #ifndef _LINUX_ATOMIC_INSTRUMENTED_H
> >> #define _LINUX_ATOMIC_INSTRUMENTED_H
> >>
> >> #include <linux/build_bug.h>
> >> #include <linux/kasan-checks.h>
> >>
> >> static __always_inline int __atomic_read_instrumented(const atomic_t *v)
> >> {
> >> kasan_check_read(v, sizeof(*v));
> >> return atomic_read(v);
> >> }
> >>
> >> static __always_inline s64 __atomic64_read_instrumented(const atomic64_t *v)
> >> {
> >> kasan_check_read(v, sizeof(*v));
> >> return atomic64_read(v);
> >> }
> >>
> >> #undef atomic_read
> >> #undef atomic64_read
> >>
> >> #define atomic_read __atomic_read_instrumented
> >> #define atomic64_read __atomic64_read_instrumented
> >>
> >> #endif /* _LINUX_ATOMIC_INSTRUMENTED_H */
> >>
> >> and the arch code just includes that in asm/atomic.h once it's done with
> >> its definitions.
> >>
> >> What do you think? Too stinky?
> >
> > Hm, so while this could work - I actually *like* the low level changes: they are
> > straightforward, trivial, easy to read and they add the arch_ prefix that makes it
> > abundantly clear that this isn't the highest level interface.
> >
> > The KASAN callbacks in the generic methods are also abundantly clear and very easy
> > to read. I could literally verify the sanity of the series while still being only
> > half awake. ;-)
> >
> > Also note that the arch renaming should be 'trivial', in the sense that any
> > missing rename results in a clear build breakage. Plus any architecture making use
> > of this new KASAN feature should probably be tested before it's enabled - and the
> > renaming of the low level atomic APIs kind of forces that too.
> >
> > So while this approach creates some churn, this series is IMHO a marked
> > improvement over the previous iterations.
>
>
> I think I mildly leaning towards Ingo's point.
> I guess people will first find the version in arch (because that's
> where they used to be), but that version is actually not the one that
> is called.
> The renaming is mechanical and you get build errors if anything is
> wrong. It's macros that caused hard to debug runtime crashes and
> multiple revisions of this series.
Sure, and it sounds like you're proposing to do the arm64 changes anyway so
I'm not complaining! Just thought I'd float the alternative to see what
people think.
Will
next prev parent reply other threads:[~2018-01-31 16:17 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-29 17:26 [PATCH v6 0/4] x86, kasan: add KASAN checks to atomic operations Dmitry Vyukov
2018-01-29 17:26 ` [PATCH v6 1/4] locking/atomic: Add asm-generic/atomic-instrumented.h Dmitry Vyukov
2018-01-29 17:26 ` [PATCH v6 2/4] x86: switch atomic.h to use atomic-instrumented.h Dmitry Vyukov
2018-03-12 12:24 ` [tip:locking/core] locking/atomic/x86: Switch " tip-bot for Dmitry Vyukov
2018-01-29 17:26 ` [PATCH v6 3/4] asm-generic: add KASAN instrumentation to atomic operations Dmitry Vyukov
2018-03-12 12:24 ` [tip:locking/core] locking/atomic, asm-generic: Add " tip-bot for Dmitry Vyukov
2018-01-29 17:26 ` [PATCH v6 4/4] asm-generic, x86: add comments for atomic instrumentation Dmitry Vyukov
2018-03-12 12:25 ` [tip:locking/core] locking/atomic, asm-generic, x86: Add " tip-bot for Dmitry Vyukov
2018-01-30 9:23 ` [PATCH v6 0/4] x86, kasan: add KASAN checks to atomic operations Dmitry Vyukov
2018-01-30 9:27 ` Dmitry Vyukov
2018-01-30 15:36 ` Will Deacon
2018-01-31 7:28 ` Ingo Molnar
2018-01-31 8:53 ` Dmitry Vyukov
2018-01-31 16:17 ` Will Deacon [this message]
2018-02-07 14:17 ` Dmitry Vyukov
2018-02-20 10:40 ` Dmitry Vyukov
2018-02-26 12:52 ` Dmitry Vyukov
-- strict thread matches above, loose matches on Subject: below --
2017-06-17 9:15 [PATCH v4 0/7] " Dmitry Vyukov
2017-06-17 9:15 ` [PATCH v4 1/7] x86: un-macro-ify atomic ops implementation Dmitry Vyukov
2017-06-22 11:04 ` [tip:locking/core] locking/atomic/x86: Un-macro-ify " tip-bot for Dmitry Vyukov
2017-07-25 13:54 ` tip-bot for Dmitry Vyukov
2017-06-17 9:15 ` [PATCH v4 2/7] x86: use s64* for old arg of atomic64_try_cmpxchg() Dmitry Vyukov
2017-06-22 11:04 ` [tip:locking/core] locking/atomic/x86: Use 's64 *' for 'old' argument " tip-bot for Dmitry Vyukov
2017-07-25 13:55 ` tip-bot for Dmitry Vyukov
2017-06-17 9:15 ` [PATCH v4 3/7] asm-generic: add atomic-instrumented.h Dmitry Vyukov
2017-06-19 10:50 ` Mark Rutland
2017-06-22 11:05 ` [tip:locking/core] locking/atomic: Add asm-generic/atomic-instrumented.h tip-bot for Dmitry Vyukov
2018-03-12 12:23 ` [tip:locking/core] locking/atomic, asm-generic: " tip-bot for Dmitry Vyukov
2017-06-17 9:15 ` [PATCH v4 4/7] x86: switch atomic.h to use atomic-instrumented.h Dmitry Vyukov
2017-06-17 9:15 ` [PATCH v4 5/7] kasan: allow kasan_check_read/write() to accept pointers to volatiles Dmitry Vyukov
2017-06-19 10:50 ` Mark Rutland
2017-06-19 13:11 ` Dmitry Vyukov
2017-06-22 8:25 ` Ingo Molnar
2017-06-22 14:15 ` Dmitry Vyukov
2017-06-17 9:15 ` [PATCH v4 6/7] asm-generic: add KASAN instrumentation to atomic operations Dmitry Vyukov
2017-06-19 10:51 ` Mark Rutland
2017-06-17 9:15 ` [PATCH v4 7/7] asm-generic, x86: add comments for atomic instrumentation Dmitry Vyukov
2017-06-19 10:54 ` Mark Rutland
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180131161725.GA18758@arm.com \
--to=will.deacon@arm.com \
--cc=aryabinin@virtuozzo.com \
--cc=dvyukov@google.com \
--cc=hpa@zytor.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=mingo@kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).