lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 21 Oct 2022 15:50:17 +0200
From:   Vlastimil Babka <vbabka@...e.cz>
To:     paulmck@...nel.org, Christoph Lameter <cl@...two.de>
Cc:     rcu@...r.kernel.org, linux-kernel@...r.kernel.org,
        kernel-team@...com, rostedt@...dmis.org,
        Pekka Enberg <penberg@...nel.org>,
        David Rientjes <rientjes@...gle.com>,
        Joonsoo Kim <iamjoonsoo.kim@....com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Roman Gushchin <roman.gushchin@...ux.dev>,
        Hyeonggon Yoo <42.hyeyoo@...il.com>, linux-mm@...ck.org
Subject: Re: [PATCH rcu 5/8] slab: Explain why SLAB_DESTROY_BY_RCU reference
 before locking

On 10/21/22 15:43, Paul E. McKenney wrote:
> On Fri, Oct 21, 2022 at 09:44:23AM +0200, Christoph Lameter wrote:
>> On Wed, 19 Oct 2022, Paul E. McKenney wrote:
>> 
>> > It is not obvious to the casual user why it is absolutely necessary to
>> > acquire a reference to a SLAB_DESTROY_BY_RCU structure before acquiring
>> > a lock in that structure.  Therefore, add a comment explaining this point.
>> 
>> Sorry but this is not correct and difficult to comprehend.
>> 
>> 1. You do not need a reference to a slab object after it was allocated.
>>    Objects must be properly protected by rcu_locks.
>> 
>> 2. Locks are initialized once on slab allocation via a constructor (*not* on object allocation via kmem_cache_alloc)
>> 
>> 3. Modifying locks at allocation/free is not possible since references to
>>    these objects may still persist after free and before alloc.
>> 
>> 4. The old term SLAB_DESTROY_BY_RCU is used here.
> 
> Thank you for looking this over, but Vlastimil beat you to it.  How does
> the update below look?

LGTM.

> 							Thanx, Paul
> 
> ------------------------------------------------------------------------
> 
> commit ff4c536e6b44e2e185e38c3653851f92e07139da
> Author: Paul E. McKenney <paulmck@...nel.org>
> Date:   Mon Sep 26 08:57:56 2022 -0700
> 
>     slab: Explain why SLAB_TYPESAFE_BY_RCU reference before locking
>     
>     It is not obvious to the casual user why it is absolutely necessary to
>     acquire a reference to a SLAB_TYPESAFE_BY_RCU structure before acquiring
>     a lock in that structure.  Therefore, add a comment explaining this point.
>     
>     [ paulmck: Apply Vlastimil Babka feedback. ]
>     
>     Signed-off-by: Paul E. McKenney <paulmck@...nel.org>

Acked-by: Vlastimil Babka <vbabka@...e.cz>

>     Cc: Christoph Lameter <cl@...ux.com>
>     Cc: Pekka Enberg <penberg@...nel.org>
>     Cc: David Rientjes <rientjes@...gle.com>
>     Cc: Joonsoo Kim <iamjoonsoo.kim@....com>
>     Cc: Andrew Morton <akpm@...ux-foundation.org>
>     Cc: Vlastimil Babka <vbabka@...e.cz>
>     Cc: Roman Gushchin <roman.gushchin@...ux.dev>
>     Cc: Hyeonggon Yoo <42.hyeyoo@...il.com>
>     Cc: <linux-mm@...ck.org>
> 
> diff --git a/include/linux/slab.h b/include/linux/slab.h
> index 90877fcde70bd..487418c7ea8cd 100644
> --- a/include/linux/slab.h
> +++ b/include/linux/slab.h
> @@ -76,6 +76,17 @@
>   * rcu_read_lock before reading the address, then rcu_read_unlock after
>   * taking the spinlock within the structure expected at that address.
>   *
> + * Note that it is not possible to acquire a lock within a structure
> + * allocated with SLAB_TYPESAFE_BY_RCU without first acquiring a reference
> + * as described above.  The reason is that SLAB_TYPESAFE_BY_RCU pages
> + * are not zeroed before being given to the slab, which means that any
> + * locks must be initialized after each and every kmem_struct_alloc().
> + * Alternatively, make the ctor passed to kmem_cache_create() initialize
> + * the locks at page-allocation time, as is done in __i915_request_ctor(),
> + * sighand_ctor(), and anon_vma_ctor().  Such a ctor permits readers
> + * to safely acquire those ctor-initialized locks under rcu_read_lock()
> + * protection.
> + *
>   * Note that SLAB_TYPESAFE_BY_RCU was originally named SLAB_DESTROY_BY_RCU.
>   */
>  /* Defer freeing slabs to RCU */

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ