Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2845446imm; Mon, 16 Jul 2018 15:32:16 -0700 (PDT) X-Google-Smtp-Source: AAOMgpfY9JnVAV8/Qz88WAQYcTKFRp7M/KTwvxfO9l3HdjQoFZ+o1pQJRf4u/6vGjsLlFfvczuoE X-Received: by 2002:a62:c4c3:: with SMTP id h64-v6mr19739199pfk.39.1531780336892; Mon, 16 Jul 2018 15:32:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531780336; cv=none; d=google.com; s=arc-20160816; b=ckjPzIqqw7cyUUf8AfgqvWw5q4dFAKIvMIxHtJsm+JjN28s6czUvIdPlu6CfP3fGFt 4ZpauEJK0ivuScnNydH8xlfQY7NZqx70b1e/dgGNdqfKH1ry4lq2pCegw7lkfHBuzdxJ eQGhxTnVfUmOWsUmr3W7QCJkkNJr3/QtGKpirLS459YqPiJO+ve196VZe1zIC41UwO/g NduZIWdCsE/oIb9wRrg2xm5YCdtPnpZj0jqOH0hpKJmz8XVmJyr231obmpLnEQppR8Yv AlHfOCuBqAFcTnL2X6yzX8/krCMasXUD19M0hExFBDp65E3L6JeQTvmJxnwMg/HpR7Qb wbKw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:arc-authentication-results; bh=aKBuJscRPGIDqdVRia+CvXPNCNqNZrNASGDcq9B+Xu8=; b=wOyPRvccDDBSp3Zsxj7a3K9rkrfXOzDyBdlFoWdZB/csOhN+R6TnIc6bJoXiAtiXaH u6SCDAsHoWVEZrd3VgR44Ho0GhL6H2AkaW79fsdvc7CYZRLgscLl3R35zGrtNWRW0z0C MxgSOIGEId2/2kO+WZWH6JkdTNOCTKpvH/ulOOYRPVrIQ7jSkN2/BAIsqSL79gRV1Ghi PQiTDy/EEophljTDpCBE7Wy2YtOqBWGa2DqkPPdeUnxFo54tbnhowibP/HYDMuVjaO+G cWQlzn4WlR2mYYSaZaCJt2WsMvIeK7MFK0+2At+ApHVv8eS+xKaGu5y4ptQABQe4VaMs jmaA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v4-v6si30745649pgc.450.2018.07.16.15.32.01; Mon, 16 Jul 2018 15:32:16 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730229AbeGPW7u (ORCPT + 99 others); Mon, 16 Jul 2018 18:59:50 -0400 Received: from www62.your-server.de ([213.133.104.62]:40060 "EHLO www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728524AbeGPW7u (ORCPT ); Mon, 16 Jul 2018 18:59:50 -0400 Received: from [88.198.220.130] (helo=sslproxy01.your-server.de) by www62.your-server.de with esmtpsa (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.85_2) (envelope-from ) id 1ffC0Z-0006uN-5I; Tue, 17 Jul 2018 00:30:19 +0200 Received: from [62.203.87.61] (helo=linux.home) by sslproxy01.your-server.de with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1ffC0Y-0000ui-UC; Tue, 17 Jul 2018 00:30:19 +0200 Subject: Re: [PATCH v2 bpf 3/5] bpf: bpf_prog_array_free() should take a generic non-rcu pointer To: Roman Gushchin , netdev@vger.kernel.org Cc: linux-kernel@vger.kernel.org, kernel-team@fb.com, Alexei Starovoitov References: <20180713194114.2711-1-guro@fb.com> <20180713194114.2711-3-guro@fb.com> From: Daniel Borkmann Message-ID: <41b5f919-3155-5bd4-2774-84efd58650e2@iogearbox.net> Date: Tue, 17 Jul 2018 00:30:18 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0 MIME-Version: 1.0 In-Reply-To: <20180713194114.2711-3-guro@fb.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.100.0/24759/Mon Jul 16 22:54:23 2018) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 07/13/2018 09:41 PM, Roman Gushchin wrote: > bpf_prog_array_free() should take a generic non-rcu pointer > as an argument, as freeing the objects assumes that we're > holding an exclusive rights on it. > > rcu_access_pointer() can be used to convert a __rcu pointer to > a generic pointer before passing it to bpf_prog_array_free(), > if necessary. > > This patch eliminates the following sparse warning: > kernel/bpf/core.c:1556:9: warning: incorrect type in argument 1 (different address spaces) > kernel/bpf/core.c:1556:9: expected struct callback_head *head > kernel/bpf/core.c:1556:9: got struct callback_head [noderef] * > > Fixes: 324bda9e6c5a ("bpf: multi program support for cgroup+bpf") > Signed-off-by: Roman Gushchin > Cc: Alexei Starovoitov > Cc: Daniel Borkmann > --- > drivers/media/rc/bpf-lirc.c | 6 +++--- > include/linux/bpf.h | 2 +- > kernel/bpf/cgroup.c | 11 ++++++----- > kernel/bpf/core.c | 5 ++--- > kernel/trace/bpf_trace.c | 8 ++++---- > 5 files changed, 16 insertions(+), 16 deletions(-) > > diff --git a/drivers/media/rc/bpf-lirc.c b/drivers/media/rc/bpf-lirc.c > index fcfab6635f9c..509b262aa0dc 100644 > --- a/drivers/media/rc/bpf-lirc.c > +++ b/drivers/media/rc/bpf-lirc.c > @@ -135,7 +135,7 @@ static int lirc_bpf_attach(struct rc_dev *rcdev, struct bpf_prog *prog) > goto unlock; > > rcu_assign_pointer(raw->progs, new_array); > - bpf_prog_array_free(old_array); > + bpf_prog_array_free(rcu_access_pointer(old_array)); Taking this one as an example, why can't we already do the rcu_dereference() on the 'old_array = raw->progs' where we fetch the old_array initially? Then we also wouldn't need the rcu_access_pointer() on bpf_prog_array_free() and yet another rcu_dereference() inside the bpf_prog_array_copy() from your later patch? Regarding former, rcu_access_pointer() should also only be used for testing the pointer value, but deeper in bpf_prog_array_free() we also deref it, etc. > unlock: > mutex_unlock(&ir_raw_handler_lock); > @@ -173,7 +173,7 @@ static int lirc_bpf_detach(struct rc_dev *rcdev, struct bpf_prog *prog) > goto unlock; > > rcu_assign_pointer(raw->progs, new_array); > - bpf_prog_array_free(old_array); > + bpf_prog_array_free(rcu_access_pointer(old_array)); > unlock: > mutex_unlock(&ir_raw_handler_lock); > return ret; > @@ -204,7 +204,7 @@ void lirc_bpf_free(struct rc_dev *rcdev) > while (*progs) > bpf_prog_put(*progs++); > > - bpf_prog_array_free(rcdev->raw->progs); > + bpf_prog_array_free(rcu_access_pointer(rcdev->raw->progs)); > }