| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200720020731.GQ5369@dread.disaster.area>
Date: Mon, 20 Jul 2020 12:07:31 +1000
From: Dave Chinner <david@...morbit.com>
To: Eric Biggers <ebiggers@...nel.org>
Cc: Matthew Wilcox <willy@...radead.org>, linux-kernel@...r.kernel.org,
linux-arch@...r.kernel.org,
"Paul E . McKenney" <paulmck@...nel.org>,
linux-fsdevel@...r.kernel.org, Akira Yokosawa <akiyks@...il.com>,
Alan Stern <stern@...land.harvard.edu>,
Andrea Parri <parri.andrea@...il.com>,
Boqun Feng <boqun.feng@...il.com>,
Daniel Lustig <dlustig@...dia.com>,
"Darrick J . Wong" <darrick.wong@...cle.com>,
David Howells <dhowells@...hat.com>,
Jade Alglave <j.alglave@....ac.uk>,
Luc Maranget <luc.maranget@...ia.fr>,
Nicholas Piggin <npiggin@...il.com>,
Peter Zijlstra <peterz@...radead.org>,
Will Deacon <will@...nel.org>
Subject: Re: [PATCH] tools/memory-model: document the "one-time init" pattern
On Fri, Jul 17, 2020 at 10:28:18PM -0700, Eric Biggers wrote:
> What do people think about the following instead? (Not proofread / tested yet,
> so please comment on the high-level approach, not minor mistakes :-) )
No huge long macros, please.
We don't accept people writing long complex static inline functions,
so for the same reasons it is not acceptable to write long complex
macros. Especially ones that use variable arguments and embed
invisible locking within them.
The whole serialisation/atomic/ordering APIs have fallen badly off
the macro cliff, to the point where finding out something as simple
as the order of parameters passed to cmpxchg and what semantics it
provides requires macro-spelunking 5 layers deep to find the generic
implementation function that contains a comment describing what it
does....
That's yet another barrier to understanding what all the different
synchronisation primitives do.
....
> In the fs/direct-io.c case we'd use:
>
> int sb_init_dio_done_wq(struct super_block *sb)
> {
> static DEFINE_MUTEX(sb_init_dio_done_mutex);
>
> return INIT_ONCE_PTR(&sb->s_dio_done_wq, &sb_init_dio_done_mutex,
> alloc_workqueue,
> "dio/%s", WQ_MEM_RECLAIM, 0, sb->s_id);
> }
Yeah, that's pretty horrible...
I *much* prefer an API like Willy's suggested to somethign like
this. Just because you can hide all sorts of stuff in macros doesn't
mean you should.
> The only part I really don't like is the way arguments are passed to the
> alloc_func. We could also make it work like the following, though it would
> break the usual rules since it looks like the function call is always executed,
> but it's not:
>
> return INIT_ONCE_PTR(&sb->s_dio_done_wq, &sb_init_dio_done_mutex,
> alloc_workqueue("dio/%s", WQ_MEM_RECLAIM, 0,
> sb->s_id));
Yeah, that's even worse. Code that does not do what it looks like it
should needs to be nuked from orbit.
Cheers,
Dave.
--
Dave Chinner
david@...morbit.com
Powered by blists - more mailing lists