Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp139820imm; Tue, 17 Jul 2018 15:39:47 -0700 (PDT) X-Google-Smtp-Source: AAOMgpd/GXjJq8incuP2wL7mP/NaDJwxQO6Ile62UC+eBbnhmwugaWVQ8fSAPNfaQYzzebwcoZWM X-Received: by 2002:a65:64c6:: with SMTP id t6-v6mr3344147pgv.223.1531867186976; Tue, 17 Jul 2018 15:39:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531867186; cv=none; d=google.com; s=arc-20160816; b=mB2aa0RrqndnN9Qk0ffp9PIfQnEfJSwHIMQxaD5jUgNLTEeKszE3UgWZThF2ZhP46g IxZVlb3qccfR7Xz3OMXtoec9Q5/1sBbpabO94PqO/V7sCTkUa4ZmxnB7eTbo/2hNnKyA VZjnDPJYeshMFRa+CXdgJ29MQ0cK0hAk3EaTNE71US20DqcV1Zu3gwac22lOwRh9KXqF EC+mdS3ZavVY8MYY18r4BbnxOMEh3pCd0KYTyMr05TI8+z54UTegDraNFE6fr1n7Jwkv nFaqEp0AFaWVFrNlDYL/OjD/nKqLY6hDyx8mu+LmCVwGPOofHq66u3qFkcMIg1OBYHdm ebOA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:arc-authentication-results; bh=rotngWkZ51xksCVj+qA7ci1GI7Wyd//9AwFO/LN4yxo=; b=PrtdZyCldQEYyZPt4ns3twugzu13MQOD2X3wNco3Pgu3PEIy+axpktXwo8f4lJWUPG y1+CI8fV4gRa8Fv+dnyByfZ9ulwAt+xPlQiOv6HrS0FEM7oZmX7yredB86iqotYR2CFQ 8bs9Kh+sQaDe9O6go8FV6dk+FiPIMXXNfeHORQkHCFKNLjAwJzyO3JaG1rvx8Ds8wn3t KZasgZaGIyySlMxWIwlYzUtoCGr8PyJI4y2Zc0RGRoI+gLfK9c353XdGz46KMwY3lGDQ yENMFA5NEcgEJZ0nPsqDox/tHRnn46FkXQjmgpfZU8vEI9JN6EuOV9u0TxJ08ZlQwRjG iz9Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x19-v6si1915789pgl.660.2018.07.17.15.39.29; Tue, 17 Jul 2018 15:39:46 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731138AbeGQXNl (ORCPT + 99 others); Tue, 17 Jul 2018 19:13:41 -0400 Received: from www62.your-server.de ([213.133.104.62]:60104 "EHLO www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729840AbeGQXNl (ORCPT ); Tue, 17 Jul 2018 19:13:41 -0400 Received: from [78.46.172.2] (helo=sslproxy05.your-server.de) by www62.your-server.de with esmtpsa (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.85_2) (envelope-from ) id 1ffYcN-0000TY-7B; Wed, 18 Jul 2018 00:38:51 +0200 Received: from [62.203.87.61] (helo=linux.home) by sslproxy05.your-server.de with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1ffYcN-0005Fo-1t; Wed, 18 Jul 2018 00:38:51 +0200 Subject: Re: [PATCH v2 bpf 3/5] bpf: bpf_prog_array_free() should take a generic non-rcu pointer To: Roman Gushchin Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-team@fb.com, Alexei Starovoitov References: <20180713194114.2711-1-guro@fb.com> <20180713194114.2711-3-guro@fb.com> <41b5f919-3155-5bd4-2774-84efd58650e2@iogearbox.net> <20180716225715.GB3898@castle.DHCP.thefacebook.com> From: Daniel Borkmann Message-ID: <1a40b0a8-7440-f2d2-d743-64901b5d1bfe@iogearbox.net> Date: Wed, 18 Jul 2018 00:38:50 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0 MIME-Version: 1.0 In-Reply-To: <20180716225715.GB3898@castle.DHCP.thefacebook.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.100.0/24760/Tue Jul 17 06:40:15 2018) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 07/17/2018 12:57 AM, Roman Gushchin wrote: > On Tue, Jul 17, 2018 at 12:30:18AM +0200, Daniel Borkmann wrote: >> On 07/13/2018 09:41 PM, Roman Gushchin wrote: >>> bpf_prog_array_free() should take a generic non-rcu pointer >>> as an argument, as freeing the objects assumes that we're >>> holding an exclusive rights on it. >>> >>> rcu_access_pointer() can be used to convert a __rcu pointer to >>> a generic pointer before passing it to bpf_prog_array_free(), >>> if necessary. >>> >>> This patch eliminates the following sparse warning: >>> kernel/bpf/core.c:1556:9: warning: incorrect type in argument 1 (different address spaces) >>> kernel/bpf/core.c:1556:9: expected struct callback_head *head >>> kernel/bpf/core.c:1556:9: got struct callback_head [noderef] * >>> >>> Fixes: 324bda9e6c5a ("bpf: multi program support for cgroup+bpf") >>> Signed-off-by: Roman Gushchin >>> Cc: Alexei Starovoitov >>> Cc: Daniel Borkmann >>> --- >>> drivers/media/rc/bpf-lirc.c | 6 +++--- >>> include/linux/bpf.h | 2 +- >>> kernel/bpf/cgroup.c | 11 ++++++----- >>> kernel/bpf/core.c | 5 ++--- >>> kernel/trace/bpf_trace.c | 8 ++++---- >>> 5 files changed, 16 insertions(+), 16 deletions(-) >>> >>> diff --git a/drivers/media/rc/bpf-lirc.c b/drivers/media/rc/bpf-lirc.c >>> index fcfab6635f9c..509b262aa0dc 100644 >>> --- a/drivers/media/rc/bpf-lirc.c >>> +++ b/drivers/media/rc/bpf-lirc.c >>> @@ -135,7 +135,7 @@ static int lirc_bpf_attach(struct rc_dev *rcdev, struct bpf_prog *prog) >>> goto unlock; >>> >>> rcu_assign_pointer(raw->progs, new_array); >>> - bpf_prog_array_free(old_array); >>> + bpf_prog_array_free(rcu_access_pointer(old_array)); >> >> Taking this one as an example, why can't we already do the rcu_dereference() on the >> 'old_array = raw->progs' where we fetch the old_array initially? Then we also wouldn't >> need the rcu_access_pointer() on bpf_prog_array_free() and yet another rcu_dereference() >> inside the bpf_prog_array_copy() from your later patch? > > We can, but then we have to change bpf_prog_array_copy() args annotation, > and also all places, where it's called. > IMO, basically all local variables and function args marked as __rcu > should be not marked as RCU, but fixing them all is beyond this patchset. Right, agree, the __rcu markings seem somewhat arbitrary. :-( I think we need to investigate this a bit deeper and do a proper audit on the whole bpf prog array's RCU handling (probably won't get to it in next two weeks but put onto backlog just in case it's still unresolved till then). That said, given this has been there for quite a while and it's rc5 now, I think we could start out on bpf-next with the obvious candidates which should be okay even if it ends up bigger. First two from this series we could already take in if you prefer. Thanks, Daniel