On 03/27/21 22:01, Thomas Gleixner wrote: > And while you carefully reworded the comment, did you actually read what > it said and what is says now? > > > - * cpu_down() which takes cpu maps lock. cpu maps lock > > - * needs to be held as this might race against in kernel > > - * abusers of the hotplug machinery (thermal management). > > vs. > > > + * cpu_down() which takes cpu maps lock. cpu maps lock > > + * needed to be held as this might race against in-kernel > > + * abusers of the hotplug machinery (thermal management). > > The big fat hint is: "cpu maps lock needs to be held as this ...." and > it still needs to be held for the above loop to work correctly at > all. See also below. > > So just moving comments blindly around and making them past tense is not > cutting it. Quite the contrary the comments make no sense anymore. They > became uncomprehensible word salad. > > Now for the second part of that comment: > > > + * .... This is > > + * called under the sysfs hotplug lock, so it is properly > > + * serialized against the regular offline usage. > > So there are two layers of protection: > > cpu_maps_lock and sysfs hotplug lock > > One protects surprisingly against concurrent sysfs writes and the other > is required to serialize in kernel usage. > > Now lets look at the original protection: > > lock(sysfs) > lock(cpu_maps) > hotplug > dev->offline = new_state > uevent() > unlock(cpu_maps) > unlock(sysfs) > > and the one you created: > > lock(sysfs) > lock(cpu_maps) > hotplug > unlock(cpu_maps) > dev->offline = new_state > uevent() > unlock(sysfs) > > Where is that protection scope change mentioned in the change log and > where is the analysis that it is correct? The comment do still need updating though. Its reference to thermal management is cryptic. I couldn't see who performs hotplug operations in thermal code. I also think generally that comment is no longer valid after the refactor I did to 'prevent' in-kernel users from calling cpu_up/down() directly and force them all to go via device_offline/online() which is wrapped via the add/remove_cpu() 33c3736ec888 cpu/hotplug: Hide cpu_up/down() So I think except for suspend/resume/hibernate/kexec, all in-kernel users should be serialized by lock(hotplug) now. Since uevents() don't matter for suspend/resume/hiberante/kexec I think moving it outside of lock(cpu_maps) is fine. So IIUC in the past we had the race userspace in-kernel users lock(hotplug) cpuhp_smt_disable() lock(cpu_maps) cpu_down() lock(cpu_maps) So they were serialized by cpu_maps lock. But that should not happen now since in-kernel (except for the aforementioned) users should use remove_cpu(). userspace in-kernel users lock(hotplug) cpuhp_smt_disable() lock(cpu_maps) remove_cpu() lock(hotplug) device_offline() cpu_down() lock(cpu_maps) Which forces the serialization at lock(hotplug), which is what lock_device_hotplug_sysfs() is actually tries to hold. So I think that race condition should not happen now. Or did I miss something? The only loophole is that cpu_device_up() could be abused if not caught by reviewers. I didn't find a way to warn/error if someone other than cpu_subsys_online() uses it. We rely on a comment explaining it.. I think cpuhp_smt_disable/enable can safely call device_offline/online now. Although it might still be more efficient to hold lock(cpu_maps) once than repeatedly in a loop. If we do that, then cpu_up_down_serialize_trainwrech() can be called from cpu_device_up/down() which implies !task_frozen. Can't remember now if Alexey moved the uevent() handling out of the loop for efficiency reasons or was seeing something else. I doubt it was the latter. Thanks -- Qais Yousef
