From: Andy Lutomirski
Date: Fri, 11 Mar 2016 11:30:32 -0800
Subject: Re: [musl] Re: [RFC PATCH] x86/vdso/32: Add AT_SYSINFO cancellation helpers
To: Linus Torvalds
Cc: Ingo Molnar, Rich Felker, Andy Lutomirski, "the arch/x86 maintainers", Linux Kernel Mailing List, Borislav Petkov, "musl@lists.openwall.com", Andrew Morton, Thomas Gleixner, Peter Zijlstra

On Fri, Mar 11, 2016 at 11:27 AM, Linus Torvalds wrote:
> On Fri, Mar 11, 2016 at 3:39 AM, Szabolcs Nagy wrote:
>>
>> i think the sticky signal design would work, but more
>> complex than what we have and adds some atomic rmw ops
>> into common code paths and not backward compatible.
>>
>> not using vsyscalls for cancellation-points sounds easier.
>
> Hmm. Ok, so I think I understand your needs, and your current model
> does sound easier. But the cost of not using vsyscalls is really quite
> high.
>
> It sounds like the main worry is that some system calls are guaranteed
> cancellation points, and if the signal slips in between your
> cancellation point check and the system call, you lose that ability.
>
> I'm assuming that if the "canceltype" is asynchronous, you never have
> this problem, because the cancellation can be done in the signal
> handler itself, which avoids the whole race.
>
> Am I getting closer to understanding the particular semantics you are
> looking for?
>
> Because if that's the case, I wonder if what you really want is not
> "sticky signals" as much as "synchronous signals" - ie the ability to
> say that a signal shouldn't ever interrupt in random places, but only
> at well-defined points (where a system call would be one such point -
> are there others?)
>
> So then you could make "pthread_setcanceltype()" just set that flag
> for the cancellation signal, and just know that the signal itself will
> always be deferred to such a synchronous point (ie system call entry).
>
> We already have the ability to catch things at system call entry
> (ptrace needs it, for example), so we could possibly make our signal
> delivery have a mode where a signal does *not* cause user space
> execution to be interrupted by a signal handler, but instead just sets
> a bit in the thread info state that then causes the next system call
> to take the signal.

I think that this would almost work for musl, except that musl would
still need to be able to tell whether the syscall that eventually gets
interrupted is a cancellation point, which still may require some
ability to unwind from the vdso. The syscall handler can easily tell
the syscall number (it's in EAX), but it may need the effective EIP as
well.

--Andy
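
The race described in the quoted text (a signal slipping in between the cancellation check and the system call) can be reproduced from user space. This is an added C example, not code from the thread, from musl or from the kernel. It assumes SIGALRM as a stand-in for the cancellation signal and `poll()` with a timeout as a stand-in for a blocking cancellation-point syscall; all function names are hypothetical.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <poll.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/time.h>

/* Constructed demo: SIGALRM stands in for the cancellation signal. */
static volatile sig_atomic_t cancel_requested;

static void on_cancel(int sig) { (void)sig; cancel_requested = 1; }

enum arrival { IN_WINDOW, DURING_SYSCALL };

/* Naive cancellation point: check the flag, then enter a blocking syscall.
 * Returns 1 if the syscall was interrupted (cancellation can be acted on),
 * 0 if it ran to completion although a cancel request was already recorded. */
int naive_cancellation_point(enum arrival when)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_cancel;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGALRM, &sa, NULL);
    cancel_requested = 0;

    if (cancel_requested)            /* step 1: cancellation check */
        return 1;

    if (when == IN_WINDOW) {
        raise(SIGALRM);              /* handler runs now, after the check */
    } else {
        struct itimerval it = { .it_value = { .tv_usec = 50000 } };
        setitimer(ITIMER_REAL, &it, NULL);   /* fires inside poll() */
    }

    /* step 2: the "blocking" syscall; 300 ms timeout so the demo terminates */
    int r = poll(NULL, 0, 300);
    return r == -1 && errno == EINTR;
}

int main(void)
{
    printf("signal in window:  acted=%d\n", naive_cancellation_point(IN_WINDOW));
    printf("signal in syscall: acted=%d\n", naive_cancellation_point(DURING_SYSCALL));
    return 0;
}
```

With a call that truly blocks, the first case would wait indefinitely even though the cancel request has already been recorded.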