lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 22 Jul 2019 14:26:07 +0100
From:   Marc Zyngier <marc.zyngier@....com>
To:     Russell King - ARM Linux admin <linux@...linux.org.uk>
Cc:     Petr Mladek <pmladek@...e.com>,
        Mark Rutland <mark.rutland@....com>,
        Pavel Tatashin <pasha.tatashin@...een.com>,
        Catalin Marinas <catalin.marinas@....com>,
        Will Deacon <will.deacon@....com>,
        linux-kernel@...r.kernel.org, Steven Rostedt <rostedt@...dmis.org>,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        John Stultz <john.stultz@...aro.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH 1/3] printk: Allow architecture-specific timestamping
 function

On 22/07/2019 14:03, Russell King - ARM Linux admin wrote:
> On Mon, Jul 22, 2019 at 01:47:57PM +0100, Marc Zyngier wrote:
>> On 22/07/2019 12:25, Petr Mladek wrote:
>>> On Mon 2019-07-22 11:33:28, Marc Zyngier wrote:
>>>> printk currently relies on local_clock to time-stamp the kernel
>>>> messages. In order to allow the timestamping (and only that)
>>>> to be overridden by architecture-specific code, let's declare
>>>> a new timestamp_clock() function, which gets used by the printk
>>>> code. Architectures willing to make use of this facility will
>>>> have to define CONFIG_ARCH_HAS_TIMESTAMP_CLOCK.
>>>>
>>>> The default is of course to return local_clock(), so that the
>>>> existing behaviour stays unchanged.
>>>>
>>>> Signed-off-by: Marc Zyngier <marc.zyngier@....com>
>>>> ---
>>>>  include/linux/sched/clock.h | 13 +++++++++++++
>>>>  kernel/printk/printk.c      |  4 ++--
>>>>  2 files changed, 15 insertions(+), 2 deletions(-)
>>>>
>>>> diff --git a/include/linux/sched/clock.h b/include/linux/sched/clock.h
>>>> index 867d588314e0..3cf4b2a8ce18 100644
>>>> --- a/include/linux/sched/clock.h
>>>> +++ b/include/linux/sched/clock.h
>>>> @@ -98,4 +98,17 @@ static inline void enable_sched_clock_irqtime(void) {}
>>>>  static inline void disable_sched_clock_irqtime(void) {}
>>>>  #endif
>>>>  
>>>> +#ifdef CONFIG_ARCH_HAS_TIMESTAMP_CLOCK
>>>> +/* Special need architectures can provide their timestamping function */
>>>
>>> The commit message and the above comment should be more specific
>>> about what are the special needs.
>>>
>>> It must be clear how and why the clock differs from the other
>>> clocks, especially from lock_clock().
>>
>> Fair enough. How about something along the lines of:
>>
>> "An architecture can override the timestamp clock (which defaults to
>> local_clock) if local_clock is not significant early enough (sched_clock
>> being available too late)."
> 
> We have:
> 1) the standard clocksource
> 2) the sched_clock, which is _supposed_ to be initialised early
> 3) persistent_clock
> 
> Do we really need another clock?
> 
> Why not initialise sched_clock() early (as in, before sched_init(),
> which is where the first sched_clock() read occurs) ?

Because, as you hint at below, that's not generally possible if you need
to identify the system early enough to discover that you need to apply
an erratum workaround. If you init sched_clock() before you know what
you're running on, you may end-up with a clock that can jump in either
direction.

And while the first call to sched_clock happens pretty late, the
timestamping code uses it pretty early, via the local_clock() indirection.

> 
> We've already been around the argument that sched_clock() apparently
> can't be initialised early enough (which is the argument I had in reply
> to the sched_clock() situation on ARM32) then how does inventing
> timestamp_clock() solve this problem?

It allows the kernel message to be timestamped with a potentially
unreliable clock without breaking the promise that sched_clock() will
not go backward or otherwise behave erratically.

> Wouldn't timestamp_clock() also suffer from the very same "we can't
> initialise it early enough" issue, and it'll just be setup along side
> clocksources, just like sched_clock() has become?

At least on arm64, the architected counter is always available, and
doesn't require any setup (at least none by the time the kernel is booted).

> I fail to see what adding yet another architecture specific clock
> implementation buys, apart from yet more complexity.
> 

It buys us early timestamping without forcing us to deal with an
unreliable. The additional complexity looks pretty minimal to me, and no
other architecture is forced to use it.

	M.
-- 
Jazz is not dead. It just smells funny...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ