Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp1326822ybh; Thu, 23 Jul 2020 06:18:12 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwKerEFI3Y2lRFHJ8KZGTFzqinUNoBv3mE6U/Or1Ll5nmp9ZJDikZKLmpdKLuUjoB1cYl72 X-Received: by 2002:a17:906:ca4c:: with SMTP id jx12mr410401ejb.231.1595510292363; Thu, 23 Jul 2020 06:18:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1595510292; cv=none; d=google.com; s=arc-20160816; b=Kf9+ZdPRE3MRRhjBqp+2O7Jw2YjmqHsMLHeiShdzJ3Gk+XvTzk9MinSF2iH1CHSN03 Ew+Jm7Hqb5lP4OgN79Vj6zva58gjzlTcuDyhfgvWhJvp2cA41Xyn79OX+nGSPgwRu5wc RQvarpZzRJpST8/6SADCcVVMtyy7ftsqG53/iZz9EMOkgxjvEgt16WB7fQqkLbSdVP20 3IHauE3DKl/TBrjBYnHAuosnWKgsPUtu/ailumPK1I5hWSYlEDrk56Veu4zUPdXN28Ut hIIaPL0wk3m26jQ4FKWA7EV29Rzpo/PokPvLgkMrWme4kITG9kp78grjiHWFml69kx6s 80uQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:references :in-reply-to:subject:cc:to:dkim-signature:dkim-signature:from; bh=eZpHq0wJmoP/QXQlRoyC1nwl6NlG0XCOjSsjs7SeBVk=; b=ZjVTLLLM3nNAM+ubCZ5uk8xneh94m4Yydv8YJj6M5ocdD0KobTUlRzpkUa8s8RmE8D tiHP1Bi4UKA/IDn9l/NMiYLDXKnbGw11s5Rpvx0WuG6l8kKubT0JPjfFMlgwUWM12RoK yIO/G1JbsnoJjnf9nY81f3n4Ne305mtCCVP1nH/fskeQWqxgwLmN/RBVJj0G5epKS4Po KjFlzMDTh9H6Ir1s2/o8pFO5qBPh0zGPRg7ZQRyN5JkCu0kw4mkImP6I+nyf1353f7hs jCaOEcvsgtPJh9VDidvwAr+UmXMV5gHppTVXy7YApifMLiYREq/1IHOTOwKLEDgeqwEE 1CYw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=I5uUAnsl; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=WwsN8Q02; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s24si2100240ejd.737.2020.07.23.06.17.49; Thu, 23 Jul 2020 06:18:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=I5uUAnsl; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=WwsN8Q02; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729315AbgGWNRH (ORCPT + 99 others); Thu, 23 Jul 2020 09:17:07 -0400 Received: from Galois.linutronix.de ([193.142.43.55]:57992 "EHLO galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728995AbgGWNRG (ORCPT ); Thu, 23 Jul 2020 09:17:06 -0400 From: Thomas Gleixner DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1595510224; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=eZpHq0wJmoP/QXQlRoyC1nwl6NlG0XCOjSsjs7SeBVk=; b=I5uUAnslI9iohcWcGvwQ1La8igmc08Dgutc4K//ZOliRBQaRsCvuWzc70N//cMry0vvrwH BKtNKQK2R6FuwQbymWrVlq1H766ZtytsV+w3XlJHlILbIxNyCPFOrkPY/PgkLStzNEVlpZ ExnlHmkAFLgeRofqnevAlRou3mGVDq+YsL5M5ajc2FXqt0WB/u24ZCK3ed6yEdWGmWC9T2 ISXOUS0/toZi2WFWflYc+eIH8Qw7UsY8Ip8KA+qKQMRU7Sfo89WKBsASebhKJ25ZKzPVfF EAPBco13PdctmXrPup1XDQFusXVSvpOdaemNoWJMM0RFwWrGyE5G60g+AWBCuQ== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1595510224; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=eZpHq0wJmoP/QXQlRoyC1nwl6NlG0XCOjSsjs7SeBVk=; b=WwsN8Q02+6+OIT1IGfrmoJ1cKOXiIf+cRiWF3uIDoAkx/POgXeIUtk17XXPG2yXE9l/RJX We5XQT2JyzofwSBg== To: Alex Belits , "frederic\@kernel.org" , "rostedt\@goodmis.org" Cc: Prasun Kapoor , "mingo\@kernel.org" , "davem\@davemloft.net" , "linux-api\@vger.kernel.org" , "peterz\@infradead.org" , "linux-arch\@vger.kernel.org" , "catalin.marinas\@arm.com" , "will\@kernel.org" , "linux-arm-kernel\@lists.infradead.org" , "linux-kernel\@vger.kernel.org" , "netdev\@vger.kernel.org" Subject: Re: [PATCH v4 00/13] "Task_isolation" mode In-Reply-To: <04be044c1bcd76b7438b7563edc35383417f12c8.camel@marvell.com> References: <04be044c1bcd76b7438b7563edc35383417f12c8.camel@marvell.com> Date: Thu, 23 Jul 2020 15:17:04 +0200 Message-ID: <87imeextf3.fsf@nanos.tec.linutronix.de> MIME-Version: 1.0 Content-Type: text/plain Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Alex, Alex Belits writes: > This is a new version of task isolation implementation. Previous version is at > https://lore.kernel.org/lkml/07c25c246c55012981ec0296eee23e68c719333a.camel@marvell.com/ > > Mostly this covers race conditions prevention on breaking isolation. Early after kernel entry, > task_isolation_enter() is called to update flags visible to other CPU cores and to perform > synchronization if necessary. Before this call only "safe" operations happen, as long as > CONFIG_TRACE_IRQFLAGS is not enabled. Without going into details of the individual patches, let me give you a high level view of this series: 1) Entry code handling: That's completely broken vs. the careful ordering and instrumentation protection of the entry code. You can't just slap stuff randomly into places which you think are safe w/o actually trying to understand why this code is ordered in the way it is. This clearly was never built and tested with any of the relevant debug options enabled. Both build and boot would have told you. 2) Instruction synchronization Trying to do instruction synchronization delayed is a clear recipe for hard to diagnose failures. Just because it blew not up in your face does not make it correct in any way. It's broken by design and violates _all_ rules of safe instruction patching and introduces a complete trainwreck in x86 NMI processing. If you really think that this is correct, then please have at least the courtesy to come up with a detailed and precise argumentation why this is a valid approach. While writing that up you surely will find out why it is not. 3) Debug calls Sprinkling debug calls around the codebase randomly is not going to happen. That's an unmaintainable mess. Aside of that none of these dmesg based debug things is necessary. This can simply be monitored with tracing. 4) Tons of undocumented smp barriers See Documentation/process/submit-checklist.rst #25 5) Signal on page fault Why is this a magic task isolation feature instead of making it something which can be used in general? There are other legit reasons why a task might want a notification about an unexpected (resolved) page fault. 6) Coding style violations all over the place Using checkpatch.pl is mandatory 7) Not Cc'ed maintainers While your Cc list is huge, you completely fail to Cc the relevant maintainers of various files and subsystems as requested in Documentation/process/* 8) Changelogs Most of the changelogs have something along the lines: 'task isolation does not want X, so do Y to make it not do X' without any single line of explanation why this approach was chosen and why it is correct under all circumstances and cannot have nasty side effects. It's not the job of the reviewers/maintainers to figure this out. Please come up with a coherent design first and then address the identified issues one by one in a way which is palatable and reviewable. Throwing a big pile of completely undocumented 'works for me' mess over the fence does not get you anywhere, not even to the point that people are willing to review it in detail. Thanks, tglx