lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20200227132836.GB161459@google.com>
Date:   Thu, 27 Feb 2020 08:28:36 -0500
From:   Joel Fernandes <joel@...lfernandes.org>
To:     Aman Sharma <amanharitsh123@...il.com>
Cc:     linux-kernel-mentees@...ts.linuxfoundation.org,
        "Paul E. McKenney" <paulmck@...nel.org>,
        Josh Triplett <josh@...htriplett.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
        Lai Jiangshan <jiangshanlai@...il.com>,
        Jonathan Corbet <corbet@....net>, rcu@...r.kernel.org,
        linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [Linux-kernel-mentees] [PATCH] doc: Convert rculist_nulls.txt to
 rculist_nulls.rst

On Thu, Feb 27, 2020 at 04:14:46PM +0530, Aman Sharma wrote:
> This patch converts rculist_nulls from .txt to .rst format, and also adds
> it to the index.rst file.

When posting such patches, could you clarify what has changed during the
conversion when you write the commit message?

thanks,

 - Joel


> Signed-off-by: Aman Sharma <amanharitsh123@...il.com>
> ---
>  Documentation/RCU/index.rst         |   1 +
>  Documentation/RCU/rculist_nulls.rst | 179 ++++++++++++++++++++++++++++
>  Documentation/RCU/rculist_nulls.txt | 172 --------------------------
>  3 files changed, 180 insertions(+), 172 deletions(-)
>  create mode 100644 Documentation/RCU/rculist_nulls.rst
>  delete mode 100644 Documentation/RCU/rculist_nulls.txt
> 
> diff --git a/Documentation/RCU/index.rst b/Documentation/RCU/index.rst
> index d60eb4ba2cd0..2cf55bd141b3 100644
> --- a/Documentation/RCU/index.rst
> +++ b/Documentation/RCU/index.rst
> @@ -10,6 +10,7 @@ RCU concepts
>     arrayRCU
>     rcubarrier
>     rcu_dereference
> +   rculist_nulls
>     checklist
>     whatisRCU
>     rcu
> diff --git a/Documentation/RCU/rculist_nulls.rst b/Documentation/RCU/rculist_nulls.rst
> new file mode 100644
> index 000000000000..8e04de44fe3d
> --- /dev/null
> +++ b/Documentation/RCU/rculist_nulls.rst
> @@ -0,0 +1,179 @@
> +.. _rculist_nulls_doc:
> +
> +Using hlist_nulls to protect read-mostly linked lists and objects using SLAB_TYPESAFE_BY_RCU allocations.
> +=========================================================================================================
> +
> +Please read the basics in Documentation/RCU/listRCU.rst
> +
> +Using special makers (called 'nulls') is a convenient way
> +to solve following problem :
> +
> +A typical RCU linked list managing objects which are
> +allocated with SLAB_TYPESAFE_BY_RCU kmem_cache can
> +use following algos :
> +
> +1. Lookup algo
> +--------------
> +::
> +
> +   rcu_read_lock()
> +   begin:
> +   obj = lockless_lookup(key);
> +   if (obj) {
> +   if (!try_get_ref(obj)) // might fail for free objects
> +      goto begin;
> +   /*
> +      * Because a writer could delete object, and a writer could
> +      * reuse these object before the RCU grace period, we
> +      * must check key after getting the reference on object
> +      */
> +   if (obj->key != key) { // not the object we expected
> +      put_ref(obj);
> +      goto begin;
> +      }
> +   }
> +   rcu_read_unlock();
> +
> +Beware that lockless_lookup(key) cannot use traditional hlist_for_each_entry_rcu()
> +but a version with an additional memory barrier (smp_rmb()) ::
> +
> +   lockless_lookup(key)
> +   {
> +      struct hlist_node *node, *next;
> +      for (pos = rcu_dereference((head)->first);
> +            pos && ({ next = pos->next; smp_rmb(); prefetch(next); 1; }) &&
> +            ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1; });
> +            pos = rcu_dereference(next))
> +         if (obj->key == key)
> +            return obj;
> +      return NULL;
> +
> +And note the traditional hlist_for_each_entry_rcu() misses this smp_rmb() ::
> +
> +   struct hlist_node *node;
> +   for (pos = rcu_dereference((head)->first);
> +		pos && ({ prefetch(pos->next); 1; }) &&
> +		({ tpos = hlist_entry(pos, typeof(*tpos), member); 1; });
> +		pos = rcu_dereference(pos->next))
> +      if (obj->key == key)
> +         return obj;
> +   return NULL;
> +}
> +
> +Quoting Corey Minyard :
> +
> +"If the object is moved from one list to another list in-between the
> + time the hash is calculated and the next field is accessed, and the
> + object has moved to the end of a new list, the traversal will not
> + complete properly on the list it should have, since the object will
> + be on the end of the new list and there's not a way to tell it's on a
> + new list and restart the list traversal.  I think that this can be
> + solved by pre-fetching the "next" field (with proper barriers) before
> + checking the key."
> +
> +2. Insert algo
> +----------------
> +
> +We need to make sure a reader cannot read the new 'obj->obj_next' value
> +and previous value of 'obj->key'. Or else, an item could be deleted
> +from a chain, and inserted into another chain. If new chain was empty
> +before the move, 'next' pointer is NULL, and lockless reader can
> +not detect it missed following items in original chain ::
> +
> +   /*
> +   * Please note that new inserts are done at the head of list,
> +   * not in the middle or end.
> +   */
> +   obj = kmem_cache_alloc(...);
> +   lock_chain(); // typically a spin_lock()
> +   obj->key = key;
> +   /*
> +   * we need to make sure obj->key is updated before obj->next
> +   * or obj->refcnt
> +   */
> +   smp_wmb();
> +   atomic_set(&obj->refcnt, 1);
> +   hlist_add_head_rcu(&obj->obj_node, list);
> +   unlock_chain(); // typically a spin_unlock()
> +
> +
> +3. Remove algo
> +--------------
> +Nothing special here, we can use a standard RCU hlist deletion.
> +But thanks to SLAB_TYPESAFE_BY_RCU, beware a deleted object can be reused
> +very very fast (before the end of RCU grace period) ::
> +
> +   if (put_last_reference_on(obj) {
> +      lock_chain(); // typically a spin_lock()
> +      hlist_del_init_rcu(&obj->obj_node);
> +      unlock_chain(); // typically a spin_unlock()
> +      kmem_cache_free(cachep, obj);
> +   }
> +
> +
> +
> +With hlist_nulls we can avoid extra smp_rmb() in lockless_lookup()
> +and extra smp_wmb() in insert function.
> +
> +For example, if we choose to store the slot number as the 'nulls'
> +end-of-list marker for each slot of the hash table, we can detect
> +a race (some writer did a delete and/or a move of an object
> +to another chain) checking the final 'nulls' value if
> +the lookup met the end of chain. If final 'nulls' value
> +is not the slot number, then we must restart the lookup at
> +the beginning. If the object was moved to the same chain,
> +then the reader doesn't care : It might eventually
> +scan the list again without harm.
> +
> +
> +1. lookup algo
> +--------------
> +::
> +
> +   head = &table[slot];
> +   rcu_read_lock();
> +   begin:
> +   hlist_nulls_for_each_entry_rcu(obj, node, head, member) {
> +      if (obj->key == key) {
> +         if (!try_get_ref(obj)) // might fail for free objects
> +            goto begin;
> +         if (obj->key != key) { // not the object we expected
> +            put_ref(obj);
> +            goto begin;
> +         }
> +   goto out;
> +   }
> +   /*
> +   * if the nulls value we got at the end of this lookup is
> +   * not the expected one, we must restart lookup.
> +   * We probably met an item that was moved to another chain.
> +   */
> +   if (get_nulls_value(node) != slot)
> +      goto begin;
> +   obj = NULL;
> +
> +   out:
> +   rcu_read_unlock();
> +
> +2. Insert function
> +------------------
> +
> +::
> +
> +   /*
> +   * Please note that new inserts are done at the head of list,
> +   * not in the middle or end.
> +   */
> +   obj = kmem_cache_alloc(cachep);
> +   lock_chain(); // typically a spin_lock()
> +   obj->key = key;
> +   /*
> +   * changes to obj->key must be visible before refcnt one
> +   */
> +   smp_wmb();
> +   atomic_set(&obj->refcnt, 1);
> +   /*
> +   * insert obj in RCU way (readers might be traversing chain)
> +   */
> +   hlist_nulls_add_head_rcu(&obj->obj_node, list);
> +   unlock_chain(); // typically a spin_unlock()
> diff --git a/Documentation/RCU/rculist_nulls.txt b/Documentation/RCU/rculist_nulls.txt
> deleted file mode 100644
> index 23f115dc87cf..000000000000
> --- a/Documentation/RCU/rculist_nulls.txt
> +++ /dev/null
> @@ -1,172 +0,0 @@
> -Using hlist_nulls to protect read-mostly linked lists and
> -objects using SLAB_TYPESAFE_BY_RCU allocations.
> -
> -Please read the basics in Documentation/RCU/listRCU.rst
> -
> -Using special makers (called 'nulls') is a convenient way
> -to solve following problem :
> -
> -A typical RCU linked list managing objects which are
> -allocated with SLAB_TYPESAFE_BY_RCU kmem_cache can
> -use following algos :
> -
> -1) Lookup algo
> ---------------
> -rcu_read_lock()
> -begin:
> -obj = lockless_lookup(key);
> -if (obj) {
> -  if (!try_get_ref(obj)) // might fail for free objects
> -    goto begin;
> -  /*
> -   * Because a writer could delete object, and a writer could
> -   * reuse these object before the RCU grace period, we
> -   * must check key after getting the reference on object
> -   */
> -  if (obj->key != key) { // not the object we expected
> -     put_ref(obj);
> -     goto begin;
> -   }
> -}
> -rcu_read_unlock();
> -
> -Beware that lockless_lookup(key) cannot use traditional hlist_for_each_entry_rcu()
> -but a version with an additional memory barrier (smp_rmb())
> -
> -lockless_lookup(key)
> -{
> -   struct hlist_node *node, *next;
> -   for (pos = rcu_dereference((head)->first);
> -          pos && ({ next = pos->next; smp_rmb(); prefetch(next); 1; }) &&
> -          ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1; });
> -          pos = rcu_dereference(next))
> -      if (obj->key == key)
> -         return obj;
> -   return NULL;
> -
> -And note the traditional hlist_for_each_entry_rcu() misses this smp_rmb() :
> -
> -   struct hlist_node *node;
> -   for (pos = rcu_dereference((head)->first);
> -		pos && ({ prefetch(pos->next); 1; }) &&
> -		({ tpos = hlist_entry(pos, typeof(*tpos), member); 1; });
> -		pos = rcu_dereference(pos->next))
> -      if (obj->key == key)
> -         return obj;
> -   return NULL;
> -}
> -
> -Quoting Corey Minyard :
> -
> -"If the object is moved from one list to another list in-between the
> - time the hash is calculated and the next field is accessed, and the
> - object has moved to the end of a new list, the traversal will not
> - complete properly on the list it should have, since the object will
> - be on the end of the new list and there's not a way to tell it's on a
> - new list and restart the list traversal.  I think that this can be
> - solved by pre-fetching the "next" field (with proper barriers) before
> - checking the key."
> -
> -2) Insert algo :
> -----------------
> -
> -We need to make sure a reader cannot read the new 'obj->obj_next' value
> -and previous value of 'obj->key'. Or else, an item could be deleted
> -from a chain, and inserted into another chain. If new chain was empty
> -before the move, 'next' pointer is NULL, and lockless reader can
> -not detect it missed following items in original chain.
> -
> -/*
> - * Please note that new inserts are done at the head of list,
> - * not in the middle or end.
> - */
> -obj = kmem_cache_alloc(...);
> -lock_chain(); // typically a spin_lock()
> -obj->key = key;
> -/*
> - * we need to make sure obj->key is updated before obj->next
> - * or obj->refcnt
> - */
> -smp_wmb();
> -atomic_set(&obj->refcnt, 1);
> -hlist_add_head_rcu(&obj->obj_node, list);
> -unlock_chain(); // typically a spin_unlock()
> -
> -
> -3) Remove algo
> ---------------
> -Nothing special here, we can use a standard RCU hlist deletion.
> -But thanks to SLAB_TYPESAFE_BY_RCU, beware a deleted object can be reused
> -very very fast (before the end of RCU grace period)
> -
> -if (put_last_reference_on(obj) {
> -   lock_chain(); // typically a spin_lock()
> -   hlist_del_init_rcu(&obj->obj_node);
> -   unlock_chain(); // typically a spin_unlock()
> -   kmem_cache_free(cachep, obj);
> -}
> -
> -
> -
> ---------------------------------------------------------------------------
> -With hlist_nulls we can avoid extra smp_rmb() in lockless_lookup()
> -and extra smp_wmb() in insert function.
> -
> -For example, if we choose to store the slot number as the 'nulls'
> -end-of-list marker for each slot of the hash table, we can detect
> -a race (some writer did a delete and/or a move of an object
> -to another chain) checking the final 'nulls' value if
> -the lookup met the end of chain. If final 'nulls' value
> -is not the slot number, then we must restart the lookup at
> -the beginning. If the object was moved to the same chain,
> -then the reader doesn't care : It might eventually
> -scan the list again without harm.
> -
> -
> -1) lookup algo
> -
> - head = &table[slot];
> - rcu_read_lock();
> -begin:
> - hlist_nulls_for_each_entry_rcu(obj, node, head, member) {
> -   if (obj->key == key) {
> -      if (!try_get_ref(obj)) // might fail for free objects
> -         goto begin;
> -      if (obj->key != key) { // not the object we expected
> -         put_ref(obj);
> -         goto begin;
> -      }
> -  goto out;
> - }
> -/*
> - * if the nulls value we got at the end of this lookup is
> - * not the expected one, we must restart lookup.
> - * We probably met an item that was moved to another chain.
> - */
> - if (get_nulls_value(node) != slot)
> -   goto begin;
> - obj = NULL;
> -
> -out:
> - rcu_read_unlock();
> -
> -2) Insert function :
> ---------------------
> -
> -/*
> - * Please note that new inserts are done at the head of list,
> - * not in the middle or end.
> - */
> -obj = kmem_cache_alloc(cachep);
> -lock_chain(); // typically a spin_lock()
> -obj->key = key;
> -/*
> - * changes to obj->key must be visible before refcnt one
> - */
> -smp_wmb();
> -atomic_set(&obj->refcnt, 1);
> -/*
> - * insert obj in RCU way (readers might be traversing chain)
> - */
> -hlist_nulls_add_head_rcu(&obj->obj_node, list);
> -unlock_chain(); // typically a spin_unlock()
> -- 
> 2.20.1
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ