Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp2302182pxa; Mon, 3 Aug 2020 12:34:34 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwcPJWl76nSO1/SLMnzCt3J5Xc6qMq8AfqfB9nkYkAvw42HFpxoceJHEnBG2QWluBPJPMDg X-Received: by 2002:a50:fa99:: with SMTP id w25mr17716042edr.150.1596483274360; Mon, 03 Aug 2020 12:34:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1596483274; cv=none; d=google.com; s=arc-20160816; b=d1kjcNTeAI2jzPFQe5Dniuk+hFmib6tomFbAXHV5++VC1K0EJahHvGOPWxQemoii25 iy/bwJPi0hWSqYAmepSQBGWDLQrt1ASTB51CDXjVCNICe7Vg65Ok5GxbzbN7oX+i2OpE 9UFuKam+ac26rgcj6twE+aZ9RxBLrk/XmJ7+gYR+NMypFs38Pi/H/saLXgDcz9PqA4Q/ azrYyUJnCHqvz5ToEzkZeFzsw8nigtUhyki26ZLX6oGAo6k9hu01URDdqiFd6hcRa1yI I8ipK6/RD6dic1nv174dIsingggr5BZK4rabPbt+ZwI57x8vZjVDm911Q2gnsiosapYA VpvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=RvzegeXfDF+FVdvZWpUY2C/JYcGtzK0e5Km4cAoPNN8=; b=Z55RXUchH2V1Y+tUnG323HaEMruU6nJPOhPtkchWGUBjb1VYy7bF2GqJuGql709wW5 brsprrWlZNEx4KHpvUwDFiAYjerOFibXxWoYagkjNbsiXvV916oeidKv/8kL6eHsGTEF mTunzEA5wwy+P4GvPcFdsarFKhnU8vLdpmpGKrYbO9z4wTvWt8WlsIBU9cxsM73jBfOO UO6XonG1RfVuMtNkush82zhtCtZPMsC4DHh32fSpmMxH0LcGvl+TEOZqms/GCoZ4Q2Ry 26T0tpekxxAJDdflPJldjJ+x3K6ghvSbfpXHVqtj9FUYmA7qkXzOT0Z3EiK5FtsH2DkE Z1SQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@baylibre-com.20150623.gappssmtp.com header.s=20150623 header.b=jSmTnJX1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g10si12052532edv.457.2020.08.03.12.34.11; Mon, 03 Aug 2020 12:34:34 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@baylibre-com.20150623.gappssmtp.com header.s=20150623 header.b=jSmTnJX1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728005AbgHCTbz (ORCPT + 99 others); Mon, 3 Aug 2020 15:31:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51582 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727813AbgHCTby (ORCPT ); Mon, 3 Aug 2020 15:31:54 -0400 Received: from mail-qt1-x842.google.com (mail-qt1-x842.google.com [IPv6:2607:f8b0:4864:20::842]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B9BE0C06174A for ; Mon, 3 Aug 2020 12:31:54 -0700 (PDT) Received: by mail-qt1-x842.google.com with SMTP id b25so29147272qto.2 for ; Mon, 03 Aug 2020 12:31:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=baylibre-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RvzegeXfDF+FVdvZWpUY2C/JYcGtzK0e5Km4cAoPNN8=; b=jSmTnJX12hJqDm4wSS6o7mGjoyl/+MvIhk0XVP7uEzSk09YcYc0nfbe7zl7aGuS6wC SZGNqDDIANha72buny9X6caEYisJ0XYhId0is+ZwGaTqeHILDvgTJPVKJvBN+9ZYXvZP 0/nufiyHW+XAHqa5hL6CByacEB0uNBoHAuc4Kis0WamHtXH5CUsWqOiezhW9OIyk69+N oPiQemIU1078XmA59msE3KdOqcmq1SdKyAOJGFHHKvknx5m21uk7o6pQX+nWrZAsH1Oj YYTBVnF2EOEmJM9paMatW2pjQOsHClWl2IDuqTaFsRERReRg3AsBTwZj2m1vAcJQ5fLE ctSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RvzegeXfDF+FVdvZWpUY2C/JYcGtzK0e5Km4cAoPNN8=; b=smB7qZIZM/FZI3SH8vwobv3Tl2acMtR3GbN6rtfQ9/9xofjCg/+a7CkFPQMcKd2EfD PfwVBqIpOoHBbtAFi/YF4CsOI5HMZLASbNZfjYbu5SssXgcVb3o6lqYdqbFjtelwoe6n mkb9UVtgmfNUCPi5becbZQlfx748yQ8/clr6+o6J2Sn7Ir8rd3f3KkzmUvjkl57Eypq9 h3UNBHQ6nr+V7zil+R63AIV06kh0j61wF6PkGz4jH8GmSxsTmN8k/AEcp99SDcfXSnW4 M4hwW5LLGi5Xwlv0NiJ925Z0nCgGfvvUGikU21N36KAaS/vA19GqDgFAdnfZrYqnkZcZ 4h9A== X-Gm-Message-State: AOAM533cL5sC4NDU11PDD8I46/bIAVGs9XmBxqu8Lv50BZ5XFdE1b8vO hNgIy/h5m5S4Ey4/2Hjb7wEnIs5m8BCApEEqWiC2Aw== X-Received: by 2002:ac8:72cc:: with SMTP id o12mr17678716qtp.27.1596483113936; Mon, 03 Aug 2020 12:31:53 -0700 (PDT) MIME-Version: 1.0 References: <20200802083458.24323-1-brgl@bgdev.pl> <20200802083458.24323-2-brgl@bgdev.pl> In-Reply-To: From: Bartosz Golaszewski Date: Mon, 3 Aug 2020 21:31:42 +0200 Message-ID: Subject: Re: [PATCH v6 1/3] devres: provide devm_krealloc() To: Andy Shevchenko Cc: Bartosz Golaszewski , Jonathan Cameron , Hartmut Knaack , Lars-Peter Clausen , Peter Meerwald-Stadler , Michal Simek , Greg Kroah-Hartman , Guenter Roeck , Andy Shevchenko , linux-iio , linux-arm Mailing List , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Aug 2, 2020 at 12:42 PM Andy Shevchenko wrote: > [snip] > > I was thinking about this bit... Shouldn't we rather issue a simple > dev_warn() and return the existing pointer? > For example in some cases we might want to have resources coming > either from heap or from constant. Then, if at some circumstances we > would like to extend that memory (only for non-constant cases) we > would need to manage this ourselves. Otherwise we may simply call > krealloc(). > It seems that devm_kstrdup_const returns an initial pointer. Getting > NULL is kinda inconvenient (and actually dev_warn() might also be > quite a noise, however I would give a message to the user, because > it's something worth checking). > But this is inconsistent behavior: if you pass a pointer to ro memory to devm_krealloc() it will not resize it but by returning a valid pointer it will make you think it did -> you end up writing to ro memory in good faith. > ... > > > + spin_lock_irqsave(&dev->devres_lock, flags); > > + old_dr = find_dr(dev, devm_kmalloc_release, devm_kmalloc_match, ptr); > > + spin_unlock_irqrestore(&dev->devres_lock, flags); > > > + if (!old_dr) { > > I would have this under spin lock b/c of below. > > > + WARN(1, "Memory chunk not managed or managed by a different device."); > > + return NULL; > > + } > > > + old_head = old_dr->node.entry; > > This would be still better to be under spin lock. > > > + new_dr = krealloc(old_dr, total_size, gfp); > > + if (!new_dr) > > + return NULL; > > And perhaps spin lock taken already here. > > > + if (new_dr != old_dr) { > > + spin_lock_irqsave(&dev->devres_lock, flags); > > + list_replace(&old_head, &new_dr->node.entry); > > + spin_unlock_irqrestore(&dev->devres_lock, flags); > > + } > > Yes, I understand that covering more code under spin lock does not fix > any potential race, but at least it minimizes scope of the code that > is not under it to see exactly what is problematic. > > I probably will think more about a better approach to avoid potential races. My thinking behind this was this: we already have users who call devres_find() and do something with the retrieved resources without holding the devres_lock - so it's assumed that users are sane enough to not be getting in each other's way. Now I see that the difference is that here we're accessing the list node and it can change if another thread is adding a different devres to the same device. So this should definitely be protected somehow. I think that we may have to give up using real krealloc() and instead just reimplement its behavior in the following way: Still outside of spinlock check if the new total size is smaller or equal to the previous one. If so: return the same pointer. If not: allocate a new devres as if it were for devm_kmalloc() but don't add it to the list yet. Take the spinlock - check if we can find the devres - if not: kfree() the new and old chunk and return NULL. If yes: copy the contents of the devres node into the new chunk as well as the memory contents. Replace the old one on the list and free it. Release spinlock and return. Does that work? Bart