lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 10 May 2024 09:21:59 -0700
From: "Paul E. McKenney" <paulmck@...nel.org>
To: Leonardo Bras <leobras@...hat.com>
Cc: Sean Christopherson <seanjc@...gle.com>,
	Paolo Bonzini <pbonzini@...hat.com>,
	Frederic Weisbecker <frederic@...nel.org>,
	Neeraj Upadhyay <quic_neeraju@...cinc.com>,
	Joel Fernandes <joel@...lfernandes.org>,
	Josh Triplett <josh@...htriplett.org>,
	Boqun Feng <boqun.feng@...il.com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
	Lai Jiangshan <jiangshanlai@...il.com>,
	Zqiang <qiang.zhang1211@...il.com>,
	Marcelo Tosatti <mtosatti@...hat.com>, kvm@...r.kernel.org,
	linux-kernel@...r.kernel.org, rcu@...r.kernel.org
Subject: Re: [RFC PATCH v1 0/2] Avoid rcu_core() if CPU just left guest vcpu

On Fri, May 10, 2024 at 01:06:40PM -0300, Leonardo Bras wrote:
> On Thu, May 09, 2024 at 04:45:53PM -0700, Paul E. McKenney wrote:
> > On Thu, May 09, 2024 at 07:14:18AM -0300, Leonardo Bras wrote:
> > > On Thu, May 09, 2024 at 05:16:57AM -0300, Leonardo Bras wrote:
> > 
> > [ . . . ]
> > 
> > > > Here I suppose something like this can take care of not needing to convert 
> > > > ms -> jiffies every rcu_pending():
> > > > 
> > > > +	nocb_patience_delay = msecs_to_jiffies(nocb_patience_delay);
> > > > 
> > > 
> > > Uh, there is more to it, actually. We need to make sure the user 
> > > understands that we are rounding-down the value to multiple of a jiffy 
> > > period, so it's not a surprise if the delay value is not exactly the same 
> > > as the passed on kernel cmdline.
> > > 
> > > So something like bellow diff should be ok, as this behavior is explained 
> > > in the docs, and pr_info() will print the effective value.
> > > 
> > > What do you think?
> > 
> > Good point, and I have taken your advice on making the documentation
> > say what it does.
> 
> Thanks :)
> 
> > 
> > > Thanks!
> > > Leo
> > > 
> > > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> > > index 0a3b0fd1910e..9a50be9fd9eb 100644
> > > --- a/Documentation/admin-guide/kernel-parameters.txt
> > > +++ b/Documentation/admin-guide/kernel-parameters.txt
> > > @@ -4974,20 +4974,28 @@
> > >                         otherwise be caused by callback floods through
> > >                         use of the ->nocb_bypass list.  However, in the
> > >                         common non-flooded case, RCU queues directly to
> > >                         the main ->cblist in order to avoid the extra
> > >                         overhead of the ->nocb_bypass list and its lock.
> > >                         But if there are too many callbacks queued during
> > >                         a single jiffy, RCU pre-queues the callbacks into
> > >                         the ->nocb_bypass queue.  The definition of "too
> > >                         many" is supplied by this kernel boot parameter.
> > >  
> > > +       rcutree.nocb_patience_delay= [KNL]
> > > +                       On callback-offloaded (rcu_nocbs) CPUs, avoid
> > > +                       disturbing RCU unless the grace period has
> > > +                       reached the specified age in milliseconds.
> > > +                       Defaults to zero.  Large values will be capped
> > > +                       at five seconds. Values rounded-down to a multiple
> > > +                       of a jiffy period.
> > > +
> > >         rcutree.qhimark= [KNL]
> > >                         Set threshold of queued RCU callbacks beyond which
> > >                         batch limiting is disabled.
> > >  
> > >         rcutree.qlowmark= [KNL]
> > >                         Set threshold of queued RCU callbacks below which
> > >                         batch limiting is re-enabled.
> > >  
> > >         rcutree.qovld= [KNL]
> > >                         Set threshold of queued RCU callbacks beyond which
> > > diff --git a/kernel/rcu/tree.h b/kernel/rcu/tree.h
> > > index fcf2b4aa3441..62ede401420f 100644
> > > --- a/kernel/rcu/tree.h
> > > +++ b/kernel/rcu/tree.h
> > > @@ -512,20 +512,21 @@ do {                                                              \
> > >         local_irq_save(flags);                                  \
> > >         if (rcu_segcblist_is_offloaded(&(rdp)->cblist)) \
> > >                 raw_spin_lock(&(rdp)->nocb_lock);               \
> > >  } while (0)
> > >  #else /* #ifdef CONFIG_RCU_NOCB_CPU */
> > >  #define rcu_nocb_lock_irqsave(rdp, flags) local_irq_save(flags)
> > >  #endif /* #else #ifdef CONFIG_RCU_NOCB_CPU */
> > >  
> > >  static void rcu_bind_gp_kthread(void);
> > >  static bool rcu_nohz_full_cpu(void);
> > > +static bool rcu_on_patience_delay(void);
> > 
> > I don't think we need an access function, but will check below.
> > 
> > >  /* Forward declarations for tree_stall.h */
> > >  static void record_gp_stall_check_time(void);
> > >  static void rcu_iw_handler(struct irq_work *iwp);
> > >  static void check_cpu_stall(struct rcu_data *rdp);
> > >  static void rcu_check_gp_start_stall(struct rcu_node *rnp, struct rcu_data *rdp,
> > >                                      const unsigned long gpssdelay);
> > >  
> > >  /* Forward declarations for tree_exp.h. */
> > >  static void sync_rcu_do_polled_gp(struct work_struct *wp);
> > > diff --git a/kernel/rcu/tree_plugin.h b/kernel/rcu/tree_plugin.h
> > > index 340bbefe5f65..639243b0410f 100644
> > > --- a/kernel/rcu/tree_plugin.h
> > > +++ b/kernel/rcu/tree_plugin.h
> > > @@ -5,20 +5,21 @@
> > >   * or preemptible semantics.
> > >   *
> > >   * Copyright Red Hat, 2009
> > >   * Copyright IBM Corporation, 2009
> > >   *
> > >   * Author: Ingo Molnar <mingo@...e.hu>
> > >   *        Paul E. McKenney <paulmck@...ux.ibm.com>
> > >   */
> > >  
> > >  #include "../locking/rtmutex_common.h"
> > > +#include <linux/jiffies.h>
> > 
> > This is already pulled in by the enclosing tree.c file, so it should not
> > be necessary to include it again. 
> 
> Even better :)
> 
> > (Or did you get a build failure when
> > leaving this out?)
> 
> I didn't, it's just that my editor complained the symbols were not getting 
> properly resolved, so I included it and it was fixed. But since clangd is 
> know to make some mistakes, I should have compile-test'd before adding it.

Ah, got it!  ;-)

> > >  static bool rcu_rdp_is_offloaded(struct rcu_data *rdp)
> > >  {
> > >         /*
> > >          * In order to read the offloaded state of an rdp in a safe
> > >          * and stable way and prevent from its value to be changed
> > >          * under us, we must either hold the barrier mutex, the cpu
> > >          * hotplug lock (read or write) or the nocb lock. Local
> > >          * non-preemptible reads are also safe. NOCB kthreads and
> > >          * timers have their own means of synchronization against the
> > > @@ -86,20 +87,33 @@ static void __init rcu_bootup_announce_oddness(void)
> > >         if (rcu_kick_kthreads)
> > >                 pr_info("\tKick kthreads if too-long grace period.\n");
> > >         if (IS_ENABLED(CONFIG_DEBUG_OBJECTS_RCU_HEAD))
> > >                 pr_info("\tRCU callback double-/use-after-free debug is enabled.\n");
> > >         if (gp_preinit_delay)
> > >                 pr_info("\tRCU debug GP pre-init slowdown %d jiffies.\n", gp_preinit_delay);
> > >         if (gp_init_delay)
> > >                 pr_info("\tRCU debug GP init slowdown %d jiffies.\n", gp_init_delay);
> > >         if (gp_cleanup_delay)
> > >                 pr_info("\tRCU debug GP cleanup slowdown %d jiffies.\n", gp_cleanup_delay);
> > > +       if (nocb_patience_delay < 0) {
> > > +               pr_info("\tRCU NOCB CPU patience negative (%d), resetting to zero.\n",
> > > +                       nocb_patience_delay);
> > > +               nocb_patience_delay = 0;
> > > +       } else if (nocb_patience_delay > 5 * MSEC_PER_SEC) {
> > > +               pr_info("\tRCU NOCB CPU patience too large (%d), resetting to %ld.\n",
> > > +                       nocb_patience_delay, 5 * MSEC_PER_SEC);
> > > +               nocb_patience_delay = msecs_to_jiffies(5 * MSEC_PER_SEC);
> > > +       } else if (nocb_patience_delay) {
> > > +               nocb_patience_delay = msecs_to_jiffies(nocb_patience_delay);
> > > +               pr_info("\tRCU NOCB CPU patience set to %d milliseconds.\n",
> > > +                       jiffies_to_msecs(nocb_patience_delay);
> > > +       }
> > 
> > I just did this here at the end:
> > 
> > 	nocb_patience_delay_jiffies = msecs_to_jiffies(nocb_patience_delay);
> > 
> > Ah, you are wanting to print out the milliseconds after the rounding
> > to jiffies.
> 
> That's right, just to make sure the user gets the effective patience time, 
> instead of the before-rounding one, which was on input.
> 
> > I am going to hold off on that for the moment, but I hear your request
> > and I have not yet said "no".  ;-)
> 
> Sure :)
> It's just something I think it's nice to have (as a user).

If you would like to do a separate patch adding this, here are the
requirements:

o	If the current code prints nothing, nothing additional should
	be printed.

o	If the rounding ended up with the same value (as it should in
	systems with HZ=1000), nothing additional should be printed.

o	Your choice as to whether or not you want to print out the
	jiffies value.

o	If the additional message is on a new line, it needs to be
	indented so that it is clear that it is subordinate to the
	previous message.

	Otherwise, you can use pr_cont() to continue the previous
	line, of course being careful about "\n".

Probably also something that I am forgetting, but that is most of it.

> > >         if (!use_softirq)
> > >                 pr_info("\tRCU_SOFTIRQ processing moved to rcuc kthreads.\n");
> > >         if (IS_ENABLED(CONFIG_RCU_EQS_DEBUG))
> > >                 pr_info("\tRCU debug extended QS entry/exit.\n");
> > >         rcupdate_announce_bootup_oddness();
> > >  }
> > >  
> > >  #ifdef CONFIG_PREEMPT_RCU
> > >  
> > >  static void rcu_report_exp_rnp(struct rcu_node *rnp, bool wake);
> > > @@ -1260,10 +1274,29 @@ static bool rcu_nohz_full_cpu(void)
> > >  
> > >  /*
> > >   * Bind the RCU grace-period kthreads to the housekeeping CPU.
> > >   */
> > >  static void rcu_bind_gp_kthread(void)
> > >  {
> > >         if (!tick_nohz_full_enabled())
> > >                 return;
> > >         housekeeping_affine(current, HK_TYPE_RCU);
> > >  }
> > > +
> > > +/*
> > > + * Is this CPU a NO_HZ_FULL CPU that should ignore RCU if the time since the
> > > + * start of current grace period is smaller than nocb_patience_delay ?
> > > + *
> > > + * This code relies on the fact that all NO_HZ_FULL CPUs are also
> > > + * RCU_NOCB_CPU CPUs.
> > > + */
> > > +static bool rcu_on_patience_delay(void)
> > > +{
> > > +#ifdef CONFIG_NO_HZ_FULL
> > 
> > You lost me on this one.  Why do we need the #ifdef instead of
> > IS_ENABLED()?  Also, please note that rcu_nohz_full_cpu() is already a
> > compile-time @false in CONFIG_NO_HZ_FULL=n kernels.
> 
> You are right. rcu_nohz_full_cpu() has a high chance of being inlined on
> 	if ((...) && rcu_nohz_full_cpu())
> And since it returns false, this whole statement will be compiled out, and 
> the new function will not exist in CONFIG_NO_HZ_FULL=n, so there  is no 
> need to test it.

Very good!  You had me going there for a bit.  ;-)

> > > +       if (!nocb_patience_delay)
> > > +               return false;
> > 
> > We get this automatically with the comparison below, right?
> 
> Right
> 
> >   If so, we
> > are not gaining much by creating the helper function.  Or am I missing
> > some trick here?
> 
> Well, it's a fastpath. Up to here, we just need to read 
> nocb_patience_delay{,_jiffies} from memory.

Just nocb_patience_delay_jiffies, correct?  Unless I am missing something,
nocb_patience_delay is unused after boot.

> If we don't include the fastpath we have to read jiffies and 
> rcu_state.gp_start, which can take extra time: up to 2 cache misses.
> 
> I thought it could be relevant, as we reduce the overhead of the new 
> parameter when it's disabled (patience=0). 
> 
> Do you think that could be relevant?

Well, the hardware's opinion is what matters.  ;-)

But the caller's code path reads jiffies a few times, so it should
be hot in the cache, correct?

But that does lead to another topic, namely the possibility of tagging
nocb_patience_delay_jiffies with __read_mostly.  And there might be
a number of other of RCU's variables that could be similarly tagged
in order to avoid false sharing.  (But is there any false sharing?
This might be worth testing.)

							Thanx, Paul

> Thanks!
> Leo
> 
> > 
> > 							Thanx, Paul
> > 
> > > +       if (time_before(jiffies, READ_ONCE(rcu_state.gp_start) + nocb_patience_delay))
> > > +               return true;
> > > +#endif /* #ifdef CONFIG_NO_HZ_FULL */
> > > +       return false;
> > > +}
> > > diff --git a/kernel/rcu/tree.c b/kernel/rcu/tree.c
> > > index 7560e204198b..7a2d94370ab4 100644
> > > --- a/kernel/rcu/tree.c
> > > +++ b/kernel/rcu/tree.c
> > > @@ -169,20 +169,22 @@ static int kthread_prio = IS_ENABLED(CONFIG_RCU_BOOST) ? 1 : 0;
> > >  module_param(kthread_prio, int, 0444);
> > >  
> > >  /* Delay in jiffies for grace-period initialization delays, debug only. */
> > >  
> > >  static int gp_preinit_delay;
> > >  module_param(gp_preinit_delay, int, 0444);
> > >  static int gp_init_delay;
> > >  module_param(gp_init_delay, int, 0444);
> > >  static int gp_cleanup_delay;
> > >  module_param(gp_cleanup_delay, int, 0444);
> > > +static int nocb_patience_delay;
> > > +module_param(nocb_patience_delay, int, 0444);
> > >  
> > >  // Add delay to rcu_read_unlock() for strict grace periods.
> > >  static int rcu_unlock_delay;
> > >  #ifdef CONFIG_RCU_STRICT_GRACE_PERIOD
> > >  module_param(rcu_unlock_delay, int, 0444);
> > >  #endif
> > >  
> > >  /*
> > >   * This rcu parameter is runtime-read-only. It reflects
> > >   * a minimum allowed number of objects which can be cached
> > > @@ -4340,25 +4342,27 @@ static int rcu_pending(int user)
> > >         lockdep_assert_irqs_disabled();
> > >  
> > >         /* Check for CPU stalls, if enabled. */
> > >         check_cpu_stall(rdp);
> > >  
> > >         /* Does this CPU need a deferred NOCB wakeup? */
> > >         if (rcu_nocb_need_deferred_wakeup(rdp, RCU_NOCB_WAKE))
> > >                 return 1;
> > >  
> > >         /* Is this a nohz_full CPU in userspace or idle?  (Ignore RCU if so.) */
> > > -       if ((user || rcu_is_cpu_rrupt_from_idle()) && rcu_nohz_full_cpu())
> > > +       gp_in_progress = rcu_gp_in_progress();
> > > +       if ((user || rcu_is_cpu_rrupt_from_idle() ||
> > > +            (gp_in_progress && rcu_on_patience_delay())) &&
> > > +           rcu_nohz_full_cpu())
> > >                 return 0;
> > >  
> > >         /* Is the RCU core waiting for a quiescent state from this CPU? */
> > > -       gp_in_progress = rcu_gp_in_progress();
> > >         if (rdp->core_needs_qs && !rdp->cpu_no_qs.b.norm && gp_in_progress)
> > >                 return 1;
> > >  
> > >         /* Does this CPU have callbacks ready to invoke? */
> > >         if (!rcu_rdp_is_offloaded(rdp) &&
> > >             rcu_segcblist_ready_cbs(&rdp->cblist))
> > >                 return 1;
> > >  
> > >         /* Has RCU gone idle with this CPU needing another grace period? */
> > >         if (!gp_in_progress && rcu_segcblist_is_enabled(&rdp->cblist) &&
> > > 
> > > 
> > > 
> > 
> 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ