Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2758808imu;
        Fri, 23 Nov 2018 14:21:34 -0800 (PST)
X-Google-Smtp-Source: AJdET5eE9XgLMYkj6oWAQZgWiCYCfNKPAOEuaLvWsuyVn54DOqSGRVqiAK206hTTuVB2FaNhyxLV
X-Received: by 2002:a62:c28e:: with SMTP id w14mr17822246pfk.115.1543011694220;
        Fri, 23 Nov 2018 14:21:34 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1543011694; cv=none;
        d=google.com; s=arc-20160816;
        b=u/6zLCZZVJTQdvg/61pl31i8QlYHbF/1fpRKUy4eomMXBNddVzsGig39X27VnjLoD7
         S5UGf7VzW6W/SbbXQTT3wBp44temdzGfkO7+9u32FUimwDu26hYwkx9wa0tp5q4RpZGZ
         BGAl+xtg1Ez0eji9Qx6VTPMEztKV4fIAjjtl/tvW55dcGQtACZH+V56ToYsi7sDaW9Wb
         ilStWhPPUn/sV8AoSKFEufaT2hvHaA0nvAWCoSeQ9BT8lAFZC5aRyywH+bREzO5CggWe
         gPyAMghNYFSSzlwlsbyH+mJ4DlS6oX1MPv2AvtKPxt4F4gmLJqBol6B0zI1oleYTfA6E
         ArjA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:thread-index:thread-topic
         :content-transfer-encoding:mime-version:subject:references
         :in-reply-to:message-id:cc:to:from:date:dkim-signature:dkim-filter;
        bh=/jGcv3ikfocAK+t2x7GFxnhMfNd9oklnCzgNoZY7JQc=;
        b=Pw1AxVX5OyAwbQADpBL8/9UVEO/42dZc++VVusG80TKeZHUjCNGK+d2FCgwpOoB6Ck
         jOtNpSd9pX1XGhERFaLtaNvIu+Qb+xtuT9i/DHWOEVsr3InwPNq9dzbFzoby8zzfn+Of
         qKEV0HLT46gtKs+foA67kU+bQdjd6glne+QqDsWSbdKoPoFvEM1Sd7gQKAbPgl6/T7BV
         qymsKa13IuvDf06PO5J7uxD5V4ftHBNhTnMR8J9Io6DXIlUSrVqKTNX8/w5A+lqihfE9
         YaTn6Oy38ARZ8tpZUG46tb94fohJPHazFePlNLsK3l6ZjLnGb5OMwBOH0xQQiL8Mpro+
         fgaA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@efficios.com header.s=default header.b=dHL9CJrM;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=efficios.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id d187-v6si60589859pfa.68.2018.11.23.14.20.39;
        Fri, 23 Nov 2018 14:21:34 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@efficios.com header.s=default header.b=dHL9CJrM;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=efficios.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2405723AbeKWBoC (ORCPT <rfc822;kkoh.linux@gmail.com>
        + 99 others); Thu, 22 Nov 2018 20:44:02 -0500
Received: from mail.efficios.com ([167.114.142.138]:51508 "EHLO
        mail.efficios.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728272AbeKWBoC (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 22 Nov 2018 20:44:02 -0500
Received: from localhost (ip6-localhost [IPv6:::1])
        by mail.efficios.com (Postfix) with ESMTP id 7E3B02504CC;
        Thu, 22 Nov 2018 10:04:17 -0500 (EST)
Received: from mail.efficios.com ([IPv6:::1])
        by localhost (mail02.efficios.com [IPv6:::1]) (amavisd-new, port 10032)
        with ESMTP id W2wSU6brnzaR; Thu, 22 Nov 2018 10:04:17 -0500 (EST)
Received: from localhost (ip6-localhost [IPv6:::1])
        by mail.efficios.com (Postfix) with ESMTP id 082972504B9;
        Thu, 22 Nov 2018 10:04:17 -0500 (EST)
DKIM-Filter: OpenDKIM Filter v2.10.3 mail.efficios.com 082972504B9
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=efficios.com;
        s=default; t=1542899057;
        bh=/jGcv3ikfocAK+t2x7GFxnhMfNd9oklnCzgNoZY7JQc=;
        h=Date:From:To:Message-ID:MIME-Version;
        b=dHL9CJrMrXqdieDm5o+mEAgBq+bCJsMhBLoNFnq/fDMxi2KMSTodQRd3pLI98nj2l
         wOOWbMXfuJRX5Tw3NIGQFE2zZzhNcS5Wv8KKQ2s1QiGvdFu0Ts6G7HzUcFy7worGiL
         7dgFb9nxwOiOX/IU2FlusrEhbqj6i/E4axMm0+UX3TT3OjEDLF5aWmmpvkPKWFQpXw
         +eQrjT8VPjlGE063I91d/VV1yw4aNLLLqQsirmMAW1+1/8WjdHYW4pUWhcaCulVGlv
         +YZTAQosV90jzZum7orL0ON/bgBr9dhVZlqI0J3D8W9D6VOklTdMqamhxFc62wl/nx
         NNPEenWBFRnmw==
X-Virus-Scanned: amavisd-new at efficios.com
Received: from mail.efficios.com ([IPv6:::1])
        by localhost (mail02.efficios.com [IPv6:::1]) (amavisd-new, port 10026)
        with ESMTP id wV8wBdqjCTrL; Thu, 22 Nov 2018 10:04:16 -0500 (EST)
Received: from mail02.efficios.com (mail02.efficios.com [167.114.142.138])
        by mail.efficios.com (Postfix) with ESMTP id DB5C72504B2;
        Thu, 22 Nov 2018 10:04:16 -0500 (EST)
Date:   Thu, 22 Nov 2018 10:04:16 -0500 (EST)
From:   Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
To:     Rich Felker <dalias@libc.org>
Cc:     carlos <carlos@redhat.com>, Florian Weimer <fweimer@redhat.com>,
        Joseph Myers <joseph@codesourcery.com>,
        Szabolcs Nagy <szabolcs.nagy@arm.com>,
        libc-alpha <libc-alpha@sourceware.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ben Maurer <bmaurer@fb.com>,
        Peter Zijlstra <peterz@infradead.org>,
        "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
        Boqun Feng <boqun.feng@gmail.com>,
        Will Deacon <will.deacon@arm.com>,
        Dave Watson <davejwatson@fb.com>, Paul Turner <pjt@google.com>,
        linux-kernel <linux-kernel@vger.kernel.org>,
        linux-api <linux-api@vger.kernel.org>
Message-ID: <782067422.9852.1542899056778.JavaMail.zimbra@efficios.com>
In-Reply-To: <20181122143603.GD23599@brightrain.aerifal.cx>
References: <20181121183936.8176-1-mathieu.desnoyers@efficios.com> <20181122143603.GD23599@brightrain.aerifal.cx>
Subject: Re: [RFC PATCH v4 1/5] glibc: Perform rseq(2) registration at nptl
 init and thread creation
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Originating-IP: [167.114.142.138]
X-Mailer: Zimbra 8.8.10_GA_3047 (ZimbraWebClient - FF52 (Linux)/8.8.10_GA_3041)
Thread-Topic: glibc: Perform rseq(2) registration at nptl init and thread creation
Thread-Index: tTPuXGNepoFLbbnqmkjFnnTYo2v1fg==
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

----- On Nov 22, 2018, at 9:36 AM, Rich Felker dalias@libc.org wrote:

> On Wed, Nov 21, 2018 at 01:39:32PM -0500, Mathieu Desnoyers wrote:
>> Register rseq(2) TLS for each thread (including main), and unregister
>> for each thread (excluding main). "rseq" stands for Restartable
>> Sequences.
> 
> Maybe I'm missing something obvious, but "unregister" does not seem to
> be a meaningful operation. Can you clarify what it's for?

There are really two ways rseq TLS can end up being unregistered: either
through an explicit call to the rseq "unregister", or when the OS frees the
thread's task struct.

You bring an interesting point here: do we need to explicitly unregister
rseq at thread exit, or can we leave that to the OS ?

The key thing to look for here is whether it's valid to access the
TLS area of the thread from preemption or signal delivery happening
at the very end of START_THREAD_DEFN. If it's OK to access it until
the very end of the thread lifetime, then we could do without an
explicit unregistration. However, if at any given point of the late
thread lifetime we end up in a situation where reading or writing to
that TLS area can cause corruption, then we need to carefully
unregister it before that memory is reclaimed/reused.

What we have below the current location for the __rseq_unregister_current_thread ()
call is as follows. I'm not all that convinced that it's valid to access the TLS
area up until __exit_thread () at the very end, especially after setting
setxid_futex back to 0.

Thoughts ?

  /* Unregister rseq TLS from kernel. */
  if (has_rseq && __rseq_unregister_current_thread ())
    abort();

  advise_stack_range (pd->stackblock, pd->stackblock_size, (uintptr_t) pd,
                      pd->guardsize);

  /* If the thread is detached free the TCB.  */
  if (IS_DETACHED (pd))
    /* Free the TCB.  */
    __free_tcb (pd);
  else if (__glibc_unlikely (pd->cancelhandling & SETXID_BITMASK))
    {
      /* Some other thread might call any of the setXid functions and expect
         us to reply.  In this case wait until we did that.  */
      do
        /* XXX This differs from the typical futex_wait_simple pattern in that
           the futex_wait condition (setxid_futex) is different from the
           condition used in the surrounding loop (cancelhandling).  We need
           to check and document why this is correct.  */
        futex_wait_simple (&pd->setxid_futex, 0, FUTEX_PRIVATE);
      while (pd->cancelhandling & SETXID_BITMASK);

      /* Reset the value so that the stack can be reused.  */
      pd->setxid_futex = 0;
    }

  /* We cannot call '_exit' here.  '_exit' will terminate the process.

     The 'exit' implementation in the kernel will signal when the
     process is really dead since 'clone' got passed the CLONE_CHILD_CLEARTID
     flag.  The 'tid' field in the TCB will be set to zero.

     The exit code is zero since in case all threads exit by calling
     'pthread_exit' the exit status must be 0 (zero).  */
  __exit_thread ();

  /* NOTREACHED */

Thanks,

Mathieu


-- 
Mathieu Desnoyers
EfficiOS Inc.
http://www.efficios.com