lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Zh6_d1T48qpANoCk@boqun-archlinux>
Date: Tue, 16 Apr 2024 11:12:07 -0700
From: Boqun Feng <boqun.feng@...il.com>
To: Peter Zijlstra <peterz@...radead.org>
Cc: Mark Rutland <mark.rutland@....com>, rust-for-linux@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org,
	llvm@...ts.linux.dev, Miguel Ojeda <ojeda@...nel.org>,
	Alex Gaynor <alex.gaynor@...il.com>,
	Wedson Almeida Filho <wedsonaf@...il.com>,	Gary Guo <gary@...yguo.net>,
	"Bj\"orn Roy Baron" <bjorn3_gh@...tonmail.com>,
	Benno Lossin <benno.lossin@...ton.me>,
	Andreas Hindborg <a.hindborg@...sung.com>,
	Alice Ryhl <aliceryhl@...gle.com>,
	Alan Stern <stern@...land.harvard.edu>,
	Andrea Parri <parri.andrea@...il.com>,	Will Deacon <will@...nel.org>,
 Nicholas Piggin <npiggin@...il.com>,	David Howells <dhowells@...hat.com>,
	Jade Alglave <j.alglave@....ac.uk>,	Luc Maranget <luc.maranget@...ia.fr>,
	"Paul E. McKenney" <paulmck@...nel.org>,
	Akira Yokosawa <akiyks@...il.com>,	Daniel Lustig <dlustig@...dia.com>,
	Joel Fernandes <joel@...lfernandes.org>,
	Nathan Chancellor <nathan@...nel.org>,
	Nick Desaulniers <ndesaulniers@...gle.com>,	kent.overstreet@...il.com,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>, elver@...gle.com,
	Thomas Gleixner <tglx@...utronix.de>,	Ingo Molnar <mingo@...hat.com>,
 Borislav Petkov <bp@...en8.de>,
	Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
	"H. Peter Anvin" <hpa@...or.com>,
	Catalin Marinas <catalin.marinas@....com>,	torvalds@...ux-foundation.org,
 linux-arm-kernel@...ts.infradead.org,	linux-fsdevel@...r.kernel.org
Subject: Re: [WIP 0/3] Memory model and atomic API in Rust

On Tue, Apr 09, 2024 at 12:50:15PM +0200, Peter Zijlstra wrote:
> On Mon, Mar 25, 2024 at 01:59:55PM -0700, Boqun Feng wrote:
> > On Mon, Mar 25, 2024 at 10:44:45AM +0000, Mark Rutland wrote:
> > [...]
> > > > 
> > > > * I choose to re-implement atomics in Rust `asm` because we are still
> > > >   figuring out how we can make it easy and maintainable for Rust to call
> > > >   a C function _inlinely_ (Gary makes some progress [2]). Otherwise,
> > > >   atomic primitives would be function calls, and that can be performance
> > > >   bottleneck in a few cases.
> > > 
> > > I don't think we want to maintain two copies of each architecture's atomics.
> > > This gets painful very quickly (e.g. as arm64's atomics get patched between
> > > LL/SC and LSE forms).
> > > 
> > 
> > No argument here ;-)
> 
> Didn't we talk about bindgen being able to convert inline C functions
> into equivalent inline Rust functions? ISTR that getting stuck on Rust

Yes, we did.

> not having a useful inline asm.
> 

Mostly two features were missing: 1) asm goto and 2) memory operands,
#1 gets implemented[1] by Gary, and should be available in Rust 1.78
(plan to release at May 2, 2024); For #2, my understanding is that
arch-specific effort is needed (since different architectures may have
different contraints on memory operands), I haven't yet found anyone is
working on this.

(background explanation for broader audience: in GCC's inline asm, you
can specify an memory location, other than a register location, as an
input or output of an asm block's operand[2], but current Rust inline
asm doesn't provide this functionality, by default, without option
"pure", "nomem", etc, every asm block in Rust can be thought as a C asm
block with "memory" clobber)

That being said, if you look at the link I shared or this gist from
Gary:

	https://gist.github.com/nbdd0121/d4bf7dd7f9b6d6b50fa18b1092f45a3c

there is another way (yeah, we probably also have discussed this
previously), basically what it does is compiling the functions in a C
file as LLVM IR, so that Rust can call these functions at LLVM IR level.
This in theory is doing some local LTO, and I've tested that it works
for asm blocks. We still need to tweak our build system to make this
work, but should it work, it would mean that Rust can call a C function
in a pretty efficient way.

> But fixing all that in a hurry seems like the much saner path forward.

So a sane plan to me is wiring our atomics into Rust functions via what
Mark has (i.e. starting off as FFI calls), then we can switch to the
"local LTO" approach when it's ready. In case that "local LTO" needs
more work and we do have performance need, we can always either 1)
manually implement some primitives in Rust asm, or 2) look into how
bindgen or other tools can translate simple C functions (asm blocks)
into Rust.

Regards,
Boqun

[1]: https://github.com/rust-lang/rust/pull/119365
[2]: https://gcc.gnu.org/onlinedocs/gcc/Simple-Constraints.html#index-m-in-constraint

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ