public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
From: Florian Weimer <fweimer@redhat.com>
To: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Carlos O'Donell <carlos@redhat.com>,
	Joseph Myers <joseph@codesourcery.com>,
	Szabolcs Nagy <szabolcs.nagy@arm.com>,
	libc-alpha@sourceware.org, Thomas Gleixner <tglx@linutronix.de>,
	Ben Maurer <bmaurer@fb.com>,
	Peter Zijlstra <peterz@infradead.org>,
	"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
	Boqun Feng <boqun.feng@gmail.com>,
	Will Deacon <will.deacon@arm.com>,
	Dave Watson <davejwatson@fb.com>, Paul Turner <pjt@google.com>,
	Rich Felker <dalias@libc.org>,
	linux-kernel@vger.kernel.org, linux-api@vger.kernel.org
Subject: Re: [PATCH 1/5] glibc: Perform rseq(2) registration at C startup and thread creation (v10)
Date: Mon, 27 May 2019 13:19:36 +0200	[thread overview]
Message-ID: <87h89gjgaf.fsf@oldenburg2.str.redhat.com> (raw)
In-Reply-To: <20190503184219.19266-2-mathieu.desnoyers@efficios.com> (Mathieu Desnoyers's message of "Fri, 3 May 2019 14:42:15 -0400")

* Mathieu Desnoyers:

> +/* volatile because fields can be read/updated by the kernel.  */
> +__thread volatile struct rseq __rseq_abi = {
> +  .cpu_id = RSEQ_CPU_ID_UNINITIALIZED,
> +};

As I've explained repeatedly, the volatile qualifier is wrong because it
is impossible to get rid of it.  (Accessing an object declared volatile
using non-volatile pointers is undefined.)  Code using __rseq_abi should
use relaxed MO atomics or signal fences/compiler barriers, as
appropriate.

> +/* Advertise Restartable Sequences registration ownership across
> +   application and shared libraries.
> +
> +   Libraries and applications must check whether this variable is zero or
> +   non-zero if they wish to perform rseq registration on their own. If it
> +   is zero, it means restartable sequence registration is not handled, and
> +   the library or application is free to perform rseq registration. In
> +   that case, the library or application is taking ownership of rseq
> +   registration, and may set __rseq_handled to 1. It may then set it back
> +   to 0 after it completes unregistering rseq.
> +
> +   If __rseq_handled is found to be non-zero, it means that another
> +   library (or the application) is currently handling rseq registration.
> +
> +   Typical use of __rseq_handled is within library constructors and
> +   destructors, or at program startup.  */
> +
> +int __rseq_handled;

It's not clear to me whether the intent is that __rseq_handled reflects
kernel support for rseq or not.  Currently, it only tells us whether
glibc has been built with rseq support or not.  It does not reflect
kernel support.  I'm still not convinced that this symbol is necessary,
especially if we mandate a kernel header version which defines __NR_rseq
for building glibc (which may happen due to the time64_t work).

Furthermore, the reference to ELF constructors is misleading.  I believe
the code you added to __libc_start_main to initialize __rseq_handled and
register __seq_abi with the kernel runs *after* ELF constructors have
executed (and not at all if the main program is written in Go, alas).
All initialization activity for the shared case needs to happen in
elf/rtld.c or called from there, probably as part of the security
initialization code or thereabouts.

Thanks,
Florian

  reply	other threads:[~2019-05-27 11:20 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20190503184219.19266-1-mathieu.desnoyers@efficios.com>
2019-05-03 18:42 ` [PATCH 1/5] glibc: Perform rseq(2) registration at C startup and thread creation (v10) Mathieu Desnoyers
2019-05-27 11:19   ` Florian Weimer [this message]
2019-05-27 19:27     ` Mathieu Desnoyers
2019-05-29 15:45       ` Mathieu Desnoyers
2019-05-30 20:56         ` Mathieu Desnoyers
2019-05-31  8:06           ` Florian Weimer
2019-05-31 14:48             ` Mathieu Desnoyers
2019-05-31 15:46               ` Florian Weimer
2019-05-31 18:10                 ` Mathieu Desnoyers
2019-06-04 11:46                   ` Florian Weimer
2019-06-04 15:57                     ` Mathieu Desnoyers
2019-06-06 11:57                       ` Florian Weimer
2019-06-10 14:43                         ` Carlos O'Donell
2019-06-12 14:00                           ` Mathieu Desnoyers
2019-06-14 10:03                             ` Mathieu Desnoyers
2019-06-14 10:06                               ` Florian Weimer
2019-06-14 10:14                                 ` Mathieu Desnoyers
2019-06-14 11:35                                   ` Florian Weimer
2019-06-14 12:55                                     ` Mathieu Desnoyers
2019-06-14 13:01                                       ` Mathieu Desnoyers
2019-06-14 13:09                                         ` Florian Weimer
2019-06-14 13:18                                           ` Mathieu Desnoyers
2019-06-14 13:24                                             ` Florian Weimer
2019-06-14 13:34                                               ` Mathieu Desnoyers
2019-06-14 13:42                                                 ` Florian Weimer
2019-06-14 13:47                                                   ` Mathieu Desnoyers
2019-06-14 13:53                                                     ` Florian Weimer
2019-06-14 13:59                                                       ` Mathieu Desnoyers
2019-06-14 13:29                                         ` David Laight
2019-06-14 13:39                                           ` Mathieu Desnoyers
2019-06-12 14:16                         ` Mathieu Desnoyers
2019-06-12 14:22                           ` Florian Weimer
2019-06-12 14:36                             ` Mathieu Desnoyers
2019-06-12 14:43                               ` Florian Weimer
2019-05-03 18:42 ` [PATCH 2/5] glibc: sched_getcpu(): use rseq cpu_id TLS on Linux (v4) Mathieu Desnoyers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87h89gjgaf.fsf@oldenburg2.str.redhat.com \
    --to=fweimer@redhat.com \
    --cc=bmaurer@fb.com \
    --cc=boqun.feng@gmail.com \
    --cc=carlos@redhat.com \
    --cc=dalias@libc.org \
    --cc=davejwatson@fb.com \
    --cc=joseph@codesourcery.com \
    --cc=libc-alpha@sourceware.org \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mathieu.desnoyers@efficios.com \
    --cc=paulmck@linux.vnet.ibm.com \
    --cc=peterz@infradead.org \
    --cc=pjt@google.com \
    --cc=szabolcs.nagy@arm.com \
    --cc=tglx@linutronix.de \
    --cc=will.deacon@arm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox