On Thu, Dec 09, 2021 at 12:47:35PM -0500, Steven Rostedt wrote:
> On Thu, 9 Dec 2021 09:40:50 -0800
> Beau Belgrave <beaub@xxxxxxxxxxxxxxxxxxx> wrote:
>
> > No, this is not a fast path, and I don't have a problem moving to a
> > mutex if you feel that is better. I've likely become too close to this
> > code to know when things are confusing for others.
>
> Yeah. I really dislike the "protection by algorithms" then protection by
> locking unless it is a fast path.
>
> If this was a fast path then I'd be more concerned. I dislike global locks
> as well, but unless contention becomes a concern, I don't think we should
> worry about it.
Sure thing.
>
> Also, for this comment:
>
> +static int user_events_release(struct inode *node, struct file *file)
> +{
> + struct user_event_refs *refs;
> + struct user_event *user;
> + int i;
> +
> + /*
> + * refs is protected by RCU and could in theory change immediately
> + * before this call on another core. To ensure we read the latest
> + * version of refs we acquire the RCU read lock again.
> + */
> + rcu_read_lock_sched();
> + refs = rcu_dereference_sched(file->private_data);
> + rcu_read_unlock_sched();
>
> How do you see refs changing on another core if this can only be called
> when nothing has a reference to it?
>
> I think this comment and grabbing the rcu locks is what is causing me
> concern.
>
> -- Steve
User program task:
CPU0: ioctl(fd, REG)
CPU1: close(fd)
IE: Some program registers and then immediately calls close on the file.
If the CPU migrates right between the 2 and the close swaps, it is
possible this could occur.
This could be attempted in tight loops maliciously as well.
I assume with a mutex there that some barrier is imposed to ensure
correct reads in this condition? (By virtue of the mutex acquire/check)
Thanks,
-Beau
|