lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <ZuhKFxEVDtzoZEbw@phenom.ffwll.local>
Date: Mon, 16 Sep 2024 17:09:11 +0200
From: Simona Vetter <simona.vetter@...ll.ch>
To: Benno Lossin <benno.lossin@...ton.me>
Cc: Alice Ryhl <aliceryhl@...gle.com>, Miguel Ojeda <ojeda@...nel.org>,
	Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>,
	Björn Roy Baron <bjorn3_gh@...tonmail.com>,
	Andreas Hindborg <a.hindborg@...sung.com>,
	rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3] rust: add global lock support

On Fri, Sep 13, 2024 at 04:52:02PM +0000, Benno Lossin wrote:
> On 13.09.24 18:10, Alice Ryhl wrote:
> > On Fri, Sep 13, 2024 at 6:02 PM Simona Vetter <simona.vetter@...ll.ch> wrote:
> >> On Tue, Sep 10, 2024 at 02:23:34PM +0000, Alice Ryhl wrote:
> >>> Add support for creating global variables that are wrapped in a mutex or
> >>> spinlock. Optionally, the macro can generate a special LockedBy type
> >>> that does not require a runtime check.
> >>>
> >>> The implementation here is intended to replace the global mutex
> >>> workaround found in the Rust Binder RFC [1]. In both cases, the global
> >>> lock must be initialized before first use. The macro is unsafe to use
> >>> for the same reason.
> >>>
> >>> The separate initialization step is required because bindgen refuses to
> >>> expose __ARCH_SPIN_LOCK_UNLOCKED to Rust as a compile-time constant. It
> >>> just generates an `extern "C"` global reference instead. In the future,
> >>> we could expose the value of __ARCH_SPIN_LOCK_UNLOCKED to Rust in a way
> >>> that Rust can understand. This would remove the need for a separate
> >>> initialization step.
> >>
> >> Yeah it's just a raw C struct initializer, I wouldn't even know how to
> >> move that to rust.
> >>
> >> An absolute horrible idea, and I didn't try whether it's even possible:
> >> - put all the global locks of a type into a special linker section (we
> >>   need a macro anyway for them).
> >> - patch them up with a horrible linker script objtool patching with an
> >>   example lock initialized by the C macro.
> >>
> >> Even worse idea, on most architectures/config it's all zeros. Iirc the one
> >> I've found that might matter a bit is CONFIG_SMP=n with some lock
> >> debugging enabled. We could make rust support conditional on those, and
> >> then maybe a build-time check that it's actually all set to 0 ...
> >>
> >> Requiring the unsafe init just feels a bit disappointing to me, when the C
> >> side (including lockdep annotations) tries really hard to make global
> >> locks a one-liner.
> > 
> > I actually have a prototype lying around that gets rid of the
> > initialization step. The idea is to define some new macros:
> > 
> >  #define __ARCH_SPIN_LOCK_UNLOCKED      { 0 }
> > +#define __ARCH_SPIN_LOCK_UNLOCKED_TYP  unsigned int
> > +#define __ARCH_SPIN_LOCK_UNLOCKED_INT  0
> > 
> > Rust then uses the two new #defines to initialize the raw spin lock to
> > the right bytes. As long as __ARCH_SPIN_LOCK_UNLOCKED and
> > __ARCH_SPIN_LOCK_UNLOCKED_INT are represented by the same sequence of
> > bytes, it should work.
> 
> I have no idea if this is possible, but maybe one of the C experts can
> help with this: could we define `__ARCH_SPIN_LOCK_UNLOCKED` in terms of
> `__ARCH_SPIN_LOCK_UNLOCKED_INT`? That way there is only one source of
> truth.

Some arch are {{ 0 }}, but parisc is {{ 0x1a46, 0x1a46, 0x1a46, 0x1a46 }}

Everything else is reasonable though, with either 0 or 1 for unlucked and
one or two structs/unions around it (some arch though have named
initializers for that one field).
-Sima
-- 
Simona Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ