lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <65c16b16de625_d4122941c@dwillia2-mobl3.amr.corp.intel.com.notmuch>
Date: Mon, 5 Feb 2024 15:11:19 -0800
From: Dan Williams <dan.j.williams@...el.com>
To: Ira Weiny <ira.weiny@...el.com>, Dan Williams <dan.j.williams@...el.com>,
	"Fabio M. De Francesco" <fabio.maria.de.francesco@...ux.intel.com>, "Peter
 Zijlstra" <peterz@...radead.org>, <linux-kernel@...r.kernel.org>
CC: <linux-cxl@...r.kernel.org>, Ingo Molnar <mingo@...nel.org>, "Jonathan
 Cameron" <Jonathan.Cameron@...wei.com>, "Fabio M. De Francesco"
	<fabio.maria.de.francesco@...ux.intel.com>, Ira Weiny <ira.weiny@...el.com>
Subject: RE: [PATCH 1/2 v2] cleanup: Add cond_guard() to conditional guards

Ira Weiny wrote:
> Dan Williams wrote:
> > Fabio M. De Francesco wrote:
> > > Add cond_guard() macro to conditional guards.
> > > 
> > > cond_guard() is a guard to be used with the conditional variants of locks,
> > > like down_read_trylock() or mutex_lock_interruptible().
> > > 
> > > It takes a statement (or more statements in a block) that is passed to its
> > > second argument. That statement (or block) is executed if waiting for a
> > > lock is interrupted or if a _trylock() fails in case of contention.
> > > 
> > > Usage example:
> > > 
> > > 	cond_guard(rwsem_read_try, { printk(...); return 0; }, &semaphore);
> > > 
> > > Consistently with the other guards, locks are unlocked at the exit of the
> > > scope where cond_guard() is called.
> > > 
> > > Cc: Peter Zijlstra <peterz@...radead.org>
> > > Suggested-by: Dan Williams <dan.j.williams@...el.com>
> > > Suggested-by: Ira Weiny <ira.weiny@...el.com>
> > > Signed-off-by: Fabio M. De Francesco <fabio.maria.de.francesco@...ux.intel.com>
> > > ---
> > >  include/linux/cleanup.h | 14 ++++++++++++++
> > >  1 file changed, 14 insertions(+)
> > > 
> > > diff --git a/include/linux/cleanup.h b/include/linux/cleanup.h
> > > index c2d09bc4f976..88af56600325 100644
> > > --- a/include/linux/cleanup.h
> > > +++ b/include/linux/cleanup.h
> > > @@ -134,6 +134,16 @@ static inline class_##_name##_t class_##_name##ext##_constructor(_init_args) \
> > >   *	an anonymous instance of the (guard) class, not recommended for
> > >   *	conditional locks.
> > >   *
> > > + * cond_guard(name, fail, args...):
> > > + *	a guard to be used with the conditional variants of locks, like
> > > + *	down_read_trylock() or mutex_lock_interruptible. 'fail' are one or more
> > > + *	statements that are executed when waiting for a lock is interrupted or
> > > + *	when a _trylock() fails in case of contention.
> > > + *
> > > + *	Example:
> > > + *
> > > + *		cond_guard(rwsem_read_try, { printk(...); return 0; }, &semaphore);
> > 
> > That _fail argument likely needs to be a statement expression for the
> > multi-statement case.
> 
> You mean ({ ... }) as discussed here?
> 
> https://lore.kernel.org/all/65c1578c76def_37447929456@iweiny-mobl.notmuch/

Yes.

> > > + *
> > >   * scoped_guard (name, args...) { }:
> > >   *	similar to CLASS(name, scope)(args), except the variable (with the
> > >   *	explicit name 'scope') is declard in a for-loop such that its scope is
> > > @@ -165,6 +175,10 @@ static inline class_##_name##_t class_##_name##ext##_constructor(_init_args) \
> > >  
> > >  #define __guard_ptr(_name) class_##_name##_lock_ptr
> > >  
> > > +#define cond_guard(_name, _fail, args...) \
> > > +	CLASS(_name, scope)(args); \
> > > +	if (!__guard_ptr(_name)(&scope)) _fail
> > 
> > No, as I stated before this is broken for usages of:
> > 
> >     if () cond_guard() else if ()
> > 
> > The 'else' in the definition is critical, this builds for me (untested):
> 
> I did not test Fabios work directly but I don't understand this example.
> It seems like your suggestion does nothing useful.  The cond_guard()
> becomes a single statement like...
> 
> 	if ()
> 		cond_guard();
> 	else ...
> 
> ... And can't protect anything.

A sequence to acquire and drop a lock is sometimes a barrier semantic.
Is it typical, no, is it possible, yes. I otherwise do not understand
the need to include the subtle side effect.

> cond_guard() as defined, the ';' must be used as part of cond_guard() and
> should complete the internal macro 'if' statement.
> 
> I think this would work:
> 
> 	if () {
> 		cond_guard();
> 		... do locked stuff ...
> 	} else ...
> 
> > 
> > diff --git a/include/linux/cleanup.h b/include/linux/cleanup.h
> > index 88af56600325..665407498781 100644
> > --- a/include/linux/cleanup.h
> > +++ b/include/linux/cleanup.h
> > @@ -142,7 +142,7 @@ static inline class_##_name##_t class_##_name##ext##_constructor(_init_args) \
> >   *
> >   *	Example:
> >   *
> > - *		cond_guard(rwsem_read_try, { printk(...); return 0; }, &semaphore);
> > + *		cond_guard(rwsem_read_try, ({ printk(...); return 0; }), &semaphore);
> >   *
> >   * scoped_guard (name, args...) { }:
> >   *	similar to CLASS(name, scope)(args), except the variable (with the
> > @@ -177,7 +177,8 @@ static inline class_##_name##_t class_##_name##ext##_constructor(_init_args) \
> >  
> >  #define cond_guard(_name, _fail, args...) \
> >  	CLASS(_name, scope)(args); \
> > -	if (!__guard_ptr(_name)(&scope)) _fail
> > +	if (!__guard_ptr(_name)(&scope)) _fail; \
> 
> Building on what I found for scoped_cond_guard() this should be
> 
> > +	if (!__guard_ptr(_name)(&scope)) { _fail; }

That's still a dangling if () statement.

> 
> And drop the else.  The else needs to clearly be part of an outside if in
> your example.

Please just rely on a statement-expression for the odd multi-statement _fail
use case and include the else in the definition to remove any room for
confusion.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ