From: Joel Fernandes <joel@joelfernandes.org>
To: Frederic Weisbecker <frederic@kernel.org>
Cc: "Paul E . McKenney" <paulmck@kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
quic_neeraju@quicinc.com, rcu@vger.kernel.org,
Lai Jiangshan <jiangshanlai@gmail.com>
Subject: Re: [PATCH 1/3] srcu: Warn when NMI-unsafe API is used in NMI
Date: Fri, 14 Oct 2022 22:45:04 +0000 [thread overview]
Message-ID: <Y0nmcH0SktDdonyW@google.com> (raw)
In-Reply-To: <20221013172244.1099010-2-frederic@kernel.org>
On Thu, Oct 13, 2022 at 07:22:42PM +0200, Frederic Weisbecker wrote:
> Using the NMI-unsafe reader API from within NMIs is very likely to be
> buggy for three reasons:
>
> 1) NMIs aren't strictly re-entrant (a pending nested NMI will execute
> at the end of the current one) so it should be fine to use a
> non-atomic increment here. However breakpoints can still interrupt
> NMIs and if a breakpoint callback has a reader on that same ssp, a
> racy increment can happen.
>
> 2) If the only reader site for a given ssp is in an NMI, RCU is definetly
definitely
> a better choice over SRCU.
Just checking - because NMI are by definition not-preemptibe, so SRCU over
RCU doesn't make much sense right?
Reviewed-by: Joel Fernandes (Google) <joel@joelfernandes.org>
thanks,
- Joel
>
> 3) Because of the previous reason (2), an ssp having an SRCU read side
> critical section in an NMI is likely to have another one from a task
> context.
>
> For all these reasons, warn if an nmi unsafe reader API is used from an
> NMI.
>
> Signed-off-by: Frederic Weisbecker <frederic@kernel.org>
> ---
> kernel/rcu/srcutree.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/kernel/rcu/srcutree.c b/kernel/rcu/srcutree.c
> index c54142374793..8b7ef1031d89 100644
> --- a/kernel/rcu/srcutree.c
> +++ b/kernel/rcu/srcutree.c
> @@ -642,6 +642,8 @@ static void srcu_check_nmi_safety(struct srcu_struct *ssp, bool nmi_safe)
>
> if (!IS_ENABLED(CONFIG_PROVE_RCU))
> return;
> + /* NMI-unsafe use in NMI is a bad sign */
> + WARN_ON_ONCE(!nmi_safe && in_nmi());
> sdp = raw_cpu_ptr(ssp->sda);
> old_nmi_safe_mask = READ_ONCE(sdp->srcu_nmi_safety);
> if (!old_nmi_safe_mask) {
> --
> 2.25.1
>
next prev parent reply other threads:[~2022-10-14 22:45 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-13 17:22 [PATCH 0/3] srcu: A few NMI-safe debugging updates Frederic Weisbecker
2022-10-13 17:22 ` [PATCH 1/3] srcu: Warn when NMI-unsafe API is used in NMI Frederic Weisbecker
2022-10-14 22:45 ` Joel Fernandes [this message]
2022-10-20 22:16 ` Paul E. McKenney
2022-10-13 17:22 ` [PATCH 2/3] srcu: Explain the reason behind the read side critical section on GP start Frederic Weisbecker
2022-10-13 17:22 ` [PATCH 3/3] srcu: Debug NMI safety even on archs that don't require it Frederic Weisbecker
2022-10-14 18:35 ` [PATCH 0/3] srcu: A few NMI-safe debugging updates Paul E. McKenney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y0nmcH0SktDdonyW@google.com \
--to=joel@joelfernandes.org \
--cc=frederic@kernel.org \
--cc=jiangshanlai@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=paulmck@kernel.org \
--cc=quic_neeraju@quicinc.com \
--cc=rcu@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox