Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp9461943pxu; Mon, 28 Dec 2020 17:24:28 -0800 (PST) X-Google-Smtp-Source: ABdhPJyvlzFxshJ9Gb64asd67NfX41JfXYNLb8nFX/bGaxucmtFJDu9f6DIocgR5usS4ZzUTmvFN X-Received: by 2002:a17:907:20cc:: with SMTP id qq12mr45772102ejb.316.1609205068027; Mon, 28 Dec 2020 17:24:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1609205068; cv=none; d=google.com; s=arc-20160816; b=GOu+rUdzT89hkaCkuwBRV3RLJwTvNhjjmlsVcPwT3Hs0ZpUBc5VFUY9alZ//XJXieV 0HHdvnhspKwp7lHnWse7UeKGgBVsYEWdZwQ9KqBIOprk5jP7byw/oTT8TWuB1Mzwc4se qkNqA5CvtSimP6Cgf+voeLz8dOgiRuIf/+dG2FMuHU93ioM7wCutmThdpz41y6IbCxgg 7lhIPXx0GHGjBVk5Cf4jDucTL7VZ8TXeIpT0VoJ9ML3vYz4ocA4BNHu11EMPTv5b2/05 1qZ+oyxywHXIMEnIYDOFn8JAQHLn6gK6hBZIpKXxH+siPC9bXQigsGnIMZg/onfSNvmG zT6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=9QWueFoX46bASvYc3JoD/wDe6SIFvsehDB2wYLC5Qro=; b=V1YpRGbCN48RM+OZi8yAapm9HmcnH9sql6zhztHAyMxRR+ozkmgLJz2wisDq2uyE1G KnSSiAdJJKOHnwzwaZtiui1T2ZRdxX+OrGQ7LNTTb2cAWKC+72aR7p26TeDZ4V/tUOxm nyy+ZYtoDOZ0K0pEdDlNw2RvDKrM3CkE6uVtufWp+T/kDQAHlysX7veD38pBT2/onGj1 Rqle0MpipygC3rx2NZ6GDRBbeqqbgdx+lsw8BRDUlpDX7WiVac6I8PUZFUeW/zzF3byU lEDmo3QbtlcxTaTFxRBOiB4eutM8HxTBc6Be/h/nCPvSnX/Y5FxY+cYT7GGogRitJkzh gkBQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=kC8erHWC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id t6si21143268edq.353.2020.12.28.17.24.06; Mon, 28 Dec 2020 17:24:28 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=kC8erHWC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728893AbgL1SbY (ORCPT + 99 others); Mon, 28 Dec 2020 13:31:24 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43666 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728888AbgL1SbX (ORCPT ); Mon, 28 Dec 2020 13:31:23 -0500 Received: from mail-lf1-x132.google.com (mail-lf1-x132.google.com [IPv6:2a00:1450:4864:20::132]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 188E7C061793 for ; Mon, 28 Dec 2020 10:30:03 -0800 (PST) Received: by mail-lf1-x132.google.com with SMTP id s26so25753581lfc.8 for ; Mon, 28 Dec 2020 10:30:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=9QWueFoX46bASvYc3JoD/wDe6SIFvsehDB2wYLC5Qro=; b=kC8erHWC7LJljd/G34/JaHHsVnKmOkmodMYD6VYbi1frfV7aUiFi4ghdP5U/jRYjxy Tnnwz+m3WZxE/dL3rkP+C4A/veMY+6cha1JGdQaGU8Wz1F1bxwm/R2RZMdRO98LnkUBm cYPK1X8bqfX/mKN53uFzCwLJfQOB3+zF892PLrZTmSH8IocXMFfPvCQnYoCAfLsExCZl Sgm0r3NQPWN5nJkagtSh/CbGKomwwEFYDVDryUx9aRtUw95jIZf3obX3t0zci7zmGP4S a4ECxd5nFqgw7+mPV8Dee4cuyjkV2RBVkp4uN5wld/yuUnwFjs5Q4WB6U+KIrk84OcpQ gmDg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=9QWueFoX46bASvYc3JoD/wDe6SIFvsehDB2wYLC5Qro=; b=LSAA7PsxcNtYk7nJEV3vnSVTZPLSEfWDRLU1epDiu0g0LLoGJp8hnlFIrlxpc9sHzJ OqS4ByQISQ1Src617IZMDhWiNRJLK6Kf0WHZfE+NQPAVd+kQhMC10c3nZZLckGIZBc6W +K5u68IEHYH168p+BUqxTaqO2o2ml4FkXcUk3sWySHmUDAgU4Y01WMYn5x7VXid6symp 6UvRTgNWgMPJL/sR8WXoBwmn7Fez9NcahF4a1tZuKSlvyFD5Gjll0/Ha0EdN6ZJLZJdz EmhW43GF15xmck4dg6PSTQ0XRAMjcrutKh2JiTf8UrRB8F+EPfH8PjSz2n5zaCtZvpcP ECsA== X-Gm-Message-State: AOAM531lpWT1uG2eux40ozlVXMwm+GV01x2Ueoe+qxfHH/ER6/yyCvyL b4G/MM04USpd/Y+FBiSmYTIoNKfbRQayoKyspKN+WEn34l2QGw== X-Received: by 2002:a19:716:: with SMTP id 22mr19106749lfh.390.1609180201389; Mon, 28 Dec 2020 10:30:01 -0800 (PST) MIME-Version: 1.0 References: <1836294649.3345.1609100294833.JavaMail.zimbra@efficios.com> <20201228102537.GG1551@shell.armlinux.org.uk> In-Reply-To: From: Jann Horn Date: Mon, 28 Dec 2020 19:29:34 +0100 Message-ID: Subject: Re: [RFC please help] membarrier: Rewrite sync_core_before_usermode() To: Andy Lutomirski , Will Deacon Cc: Russell King - ARM Linux admin , Mathieu Desnoyers , x86 , linux-kernel , Nicholas Piggin , Arnd Bergmann , Michael Ellerman , Benjamin Herrenschmidt , Paul Mackerras , linuxppc-dev , Catalin Marinas , linux-arm-kernel , stable Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Dec 28, 2020 at 6:14 PM Andy Lutomirski wrote: > On Mon, Dec 28, 2020 at 2:25 AM Russell King - ARM Linux admin > wrote: > > > > On Sun, Dec 27, 2020 at 01:36:13PM -0800, Andy Lutomirski wrote: > > > On Sun, Dec 27, 2020 at 12:18 PM Mathieu Desnoyers > > > wrote: > > > > > > > > ----- On Dec 27, 2020, at 1:28 PM, Andy Lutomirski luto@kernel.org wrote: > > > > > > > > > > > > > > > > > I admit that I'm rather surprised that the code worked at all on arm64, > > > > > and I'm suspicious that it has never been very well tested. My apologies > > > > > for not reviewing this more carefully in the first place. > > > > > > > > Please refer to Documentation/features/sched/membarrier-sync-core/arch-support.txt > > > > > > > > It clearly states that only arm, arm64, powerpc and x86 support the membarrier > > > > sync core feature as of now: > > > > > > Sigh, I missed arm (32). Russell or ARM folks, what's the right > > > incantation to make the CPU notice instruction changes initiated by > > > other cores on 32-bit ARM? > > > > You need to call flush_icache_range(), since the changes need to be > > flushed from the data cache to the point of unification (of the Harvard > > I and D), and the instruction cache needs to be invalidated so it can > > then see those updated instructions. This will also take care of the > > necessary barriers that the CPU requires for you. > > With what parameters? From looking at the header, this is for the > case in which the kernel writes some memory and then intends to > execute it. That's not what membarrier() does at all. membarrier() > works like this: > > User thread 1: > > write to RWX memory *or* write to an RW alias of an X region. > membarrier(...); > somehow tell thread 2 that we're ready (with a store release, perhaps, > or even just a relaxed store.) > > User thread 2: > > wait for the indication from thread 1. > barrier(); > jump to the code. > > membarrier() is, for better or for worse, not given a range of addresses. > > On x86, the documentation is a bit weak, but a strict reading > indicates that thread 2 must execute a serializing instruction at some > point after thread 1 writes the code and before thread 2 runs it. > membarrier() does this by sending an IPI and ensuring that a > "serializing" instruction (thanks for great terminology, Intel) is > executed. Note that flush_icache_range() is a no-op on x86, and I've > asked Intel's architects to please clarify their precise rules. No > response yet. > > On arm64, flush_icache_range() seems to send an IPI, and that's not > what I want. membarrier() already does an IPI. After chatting with rmk about this (but without claiming that any of this is his opinion), based on the manpage, I think membarrier() currently doesn't really claim to be synchronizing caches? It just serializes cores. So arguably if userspace wants to use membarrier() to synchronize code changes, userspace should first do the code change, then flush icache as appropriate for the architecture, and then do the membarrier() to ensure that the old code is unused? For 32-bit arm, rmk pointed out that that would be the cacheflush() syscall. That might cause you to end up with two IPIs instead of one in total, but we probably don't care _that_ much about extra IPIs on 32-bit arm? For arm64, I believe userspace can flush icache across the entire system with some instructions from userspace - "DC CVAU" followed by "DSB ISH", or something like that, I think? (See e.g. compat_arm_syscall(), the arm64 compat code that implements the 32-bit arm cacheflush() syscall.)