| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240925163530.GC27666@pendragon.ideasonboard.com>
Date: Wed, 25 Sep 2024 19:35:30 +0300
From: Laurent Pinchart <laurent.pinchart@...asonboard.com>
To: Tomi Valkeinen <tomi.valkeinen@...asonboard.com>
Cc: Mauro Carvalho Chehab <mchehab@...nel.org>,
Niklas Söderlund <niklas.soderlund@...natech.se>,
Hans Verkuil <hverkuil-cisco@...all.nl>,
Sakari Ailus <sakari.ailus@...ux.intel.com>,
linux-media@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-renesas-soc@...r.kernel.org,
Tomi Valkeinen <tomi.valkeinen+renesas@...asonboard.com>
Subject: Re: [PATCH 1/4] media: v4l2-subdev: Add cleanup macros for active
state
Hi Tomi,
On Tue, Sep 24, 2024 at 08:53:38PM +0300, Tomi Valkeinen wrote:
> On 24/09/2024 20:17, Laurent Pinchart wrote:
> > On Tue, Sep 17, 2024 at 05:09:29PM +0300, Tomi Valkeinen wrote:
> >> From: Tomi Valkeinen <tomi.valkeinen+renesas@...asonboard.com>
> >>
> >> Add cleanup macros for active state. These can be used to call
> >> v4l2_subdev_lock_and_get_active_state() and manage the unlocking either
> >> in unscoped or scoped fashion:
> >>
> >> This locks the state, gets it to the 'state' variable, and unlocks when
> >> exiting the surrounding scope:
> >>
> >> CLASS(v4l2_subdev_lock_and_get_active_state, state)(subdev);
> >>
> >> This does the same, but inside the given scope:
> >>
> >> scoped_v4l2_subdev_lock_and_get_active_state(subdev) {
> >> }
> >>
> >> Signed-off-by: Tomi Valkeinen <tomi.valkeinen+renesas@...asonboard.com>
> >> ---
> >> include/media/v4l2-subdev.h | 10 ++++++++++
> >> 1 file changed, 10 insertions(+)
> >>
> >> diff --git a/include/media/v4l2-subdev.h b/include/media/v4l2-subdev.h
> >> index bd235d325ff9..699007cfffd7 100644
> >> --- a/include/media/v4l2-subdev.h
> >> +++ b/include/media/v4l2-subdev.h
> >> @@ -8,6 +8,7 @@
> >> #ifndef _V4L2_SUBDEV_H
> >> #define _V4L2_SUBDEV_H
> >>
> >> +#include <linux/cleanup.h>
> >> #include <linux/types.h>
> >> #include <linux/v4l2-subdev.h>
> >> #include <media/media-entity.h>
> >> @@ -1854,6 +1855,15 @@ v4l2_subdev_lock_and_get_active_state(struct v4l2_subdev *sd)
> >> return sd->active_state;
> >> }
> >>
> >> +DEFINE_CLASS(v4l2_subdev_lock_and_get_active_state, struct v4l2_subdev_state *,
> >> + v4l2_subdev_unlock_state(_T),
> >> + v4l2_subdev_lock_and_get_active_state(sd), struct v4l2_subdev *sd);
> >> +
> >> +#define scoped_v4l2_subdev_lock_and_get_active_state(sd) \
> >> + for (CLASS(v4l2_subdev_lock_and_get_active_state, state)(sd), \
> >> + *done = NULL; \
> >> + !done; done = (void *)1)
> >
> > That a very long name :-S Could this be done using the scoped_guard()
> > macro instead ? For instance, with spinlocks you can do
> >
> > scoped_guard(spinlock_irqsave, &dev->lock) {
> > ...
> > }
> >
> > It would be nice to be able to write
> >
> > scoped_guard(v4l2_subdev_state, sd) {
>
> This can be done but then you need to pass the state to it, not sd. Or
> perhaps it would be possible to implicitly turn the sd into active
> state, but I don't like that at all...
>
> Or maybe:
>
> scoped_guard(v4l2_subdev_state, v4l2_subdev_get_unlocked_active_state(sd))
>
> Not very short either...
That's not very nice. Are there other examples in the kernel of
scoped_*() macros magically creating variables that are then used within
the scope ? I have a feeling we shouldn't do it here.
> > ...
> > }
> >
> > This being said, we would then end up with the state variable being
> > named scope, which wouldn't be great.
>
> No, it wouldn't.
>
> > This is actually one of my issues with the above macros, and especially
> > scoped_v4l2_subdev_lock_and_get_active_state(). It creates a local state
> > variable in the scope, which makes the code less readable in my opinion.
>
> It's trivial to add a variable name there, as mentioned in the intro letter.
>
> You mentioned the const/non-const state issue in the other email. I
> wonder if some macro-magic could be done for that... Or we can always
> just add "scoped_v4l2_subdev_lock_and_get_active_state_const()"! =)
And that's supposed to be an improvement ? :D
> Also, it's not like we have to use these _everywhere_. So maybe if you
> want a const state, don't use the scoped or the class.
Looking at the rest of your series there are very few instances of
scoped_v4l2_subdev_lock_and_get_active_state(), so I'm tempted to simply
leave it out. When one writes
scoped_guard(spinlock_irqsave, &dev->lock) {
}
It's clear that you're locking the lock for the scope using
spinlock_irqsave. The scoped guard performs a scoped action on an
existing object. The V4L2 subdev active state is different, I don't
think scoped_guard() gives the right semantics.
> > We could keep the class and drop
> > scoped_v4l2_subdev_lock_and_get_active_state(). I think I would like to
> > shorten the class name then.
> >
> > Another option is to use DEFINE_FREE() and __free() instead.
>
> That can be added too. I had them, but I didn't consider them as useful
> when I already added the class and scoped.
>
> I have to say I don't particularly like the look of either the scoped or
> the class, or even the free. But they're so useful wrt. error handling
> that I don't care if the syntax annoys me =).
CLASS() is a bit better once we'll get used to it, as the name of the
variable is explicit. It however doesn't solve the const issue.
Furthermore, its semantics is meant to represent creation of an object
with automatic destruction when it leaves the scope, while with the
subdev active state you're not creating an object. That's why I think
that an explicit variable with a __free() annotation may be the best
option for this.
> Also, I think in theory one should always just use the scoped macro,
> never the class. But as the scoped one adds indentation, in some cases
> using the class keeps the code formatting nicer.
--
Regards,
Laurent Pinchart
Powered by blists - more mailing lists