Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp87362pxb; Tue, 31 Aug 2021 15:49:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy6ZoFab/KkuxyVsFW0JKfyTnQD1WFrzb9gR/sa1CweFCfxo7spgtdqrPGMvmiWwvYJ5SMt X-Received: by 2002:a17:906:ae4f:: with SMTP id lf15mr32302539ejb.124.1630450148375; Tue, 31 Aug 2021 15:49:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1630450148; cv=none; d=google.com; s=arc-20160816; b=GiqvyZKOFxpx5+YMx7Fke5ZcOykMuJG8iAzbTP/UHWmTJM/7vyWJ2FjmV95zcCLwj3 UZJDPZhymD5xw+El1bF/NOSjgqgz+p2EDNlaud6ztxVxCkW9JdElumtIOpjg/0LweVi8 +shtnP4BXfJUB0s/ePMoy3nK2TXbG26VQ9jxPr7G9jPnwt7EwUZkz7t4BYvIQ4MfMTP5 eDzED8Ewj7qtN2U6CaLDEz3OC4XqI65kesemA8NTDcrfRYMgKUw9uVkrgb4rSTLqCdZ3 hRU5Dr5YOvN/emFlmdMxEGghUjrBk1LphaqjY/QtXc4h3rMHTWSjWHMuowuo6jc+mG/s Fbsg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version; bh=MHqLzHOU5w6GE8viA7VBL7rpO2AVuZg/dxclEvKZqX8=; b=WTV6fJasDuTdbWK/OOVfghOJ9/jvg+8/DskGbmtJr4XytE0tXKygQEzN+bthPymIfQ GabPfd/SSKzeK2vta5Bz8NDPq8jHyhX0rAiZrbcVVnDhCnJa//R3gPG4BNEC5EeMnGtA 6AkFU3dYEDtTxhQPVXSJDOa/JcQmRYB1ii7dH5u5wUpCW5YBjS5zzzwq8wVF69upI9Lx 2ZewN9u2zo5e17Kf5wMusWi9Vf9jcO1pkT62Zzj7hRKBxMYUlOxrz7+0yXkdfG5W/FIc oWozwIFsjo/w61sWJB3n3j/4JEtBdO5aU5Wt3CafKWjOm39FpoVb8DcrPTjesaH3BTZG KvwA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b11si18469708edr.415.2021.08.31.15.48.34; Tue, 31 Aug 2021 15:49:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240604AbhHaWRD (ORCPT + 99 others); Tue, 31 Aug 2021 18:17:03 -0400 Received: from mail-ed1-f41.google.com ([209.85.208.41]:44569 "EHLO mail-ed1-f41.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240665AbhHaWRD (ORCPT ); Tue, 31 Aug 2021 18:17:03 -0400 Received: by mail-ed1-f41.google.com with SMTP id n11so759166edv.11 for ; Tue, 31 Aug 2021 15:16:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=MHqLzHOU5w6GE8viA7VBL7rpO2AVuZg/dxclEvKZqX8=; b=jEQcrNM4B0kOAWqmuepF9bt35AHbXxt9vl2QG1IEqrGlUXI4dfIgHzyOLXN14giBEz Ift69HiOtecdgAzcVNQnE/+NQAaw15SUZCdRnFUnnniCwxOqVpofzF/J3u7IKgTRAqhn 4ZOnvNcsJgqAZDhgqbVsCSWAs1VLFg49I9MR3vUJ1IQX4Lyq6tlg/nZ5UZmmm5pbdzCL AMyn7w/NED7x/Qhvu2i9dRxSkIWoS06LrDcpYxxAdX0RkJIbehKFlROdENo0inALalzc XmHT8op2SNUqfAqK3mWypyQbuJ27QQqNqOBhAOB9vxRHKU0rpuaMet12uGWXcF0nnx2d 8dRg== X-Gm-Message-State: AOAM5325c97/QYcFxR/sQfa8iJYf5SJLxcqnA02H5GAjzwih/dIxJEjz 6eak0oZmA7xnqNoVI4XCx6o3DkAd2Fq0GpiRqNY= X-Received: by 2002:a05:6402:2050:: with SMTP id bc16mr12027591edb.92.1630448166812; Tue, 31 Aug 2021 15:16:06 -0700 (PDT) MIME-Version: 1.0 References: <20210730145957.7927-1-chang.seok.bae@intel.com> <20210730145957.7927-13-chang.seok.bae@intel.com> In-Reply-To: From: Len Brown Date: Tue, 31 Aug 2021 18:15:55 -0400 Message-ID: Subject: Re: [PATCH v9 12/26] x86/fpu/xstate: Use feature disable (XFD) to protect dynamic user state To: Dave Hansen Cc: Borislav Petkov , "Chang S. Bae" , Andy Lutomirski , Thomas Gleixner , Ingo Molnar , X86 ML , "Brown, Len" , Thiago Macieira , "Liu, Jing2" , "Ravi V. Shankar" , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Aug 30, 2021 at 2:04 PM Dave Hansen wrote: > > On 8/24/21 4:17 PM, Len Brown wrote: > > Even if your AMX thread pool threads were to invoke this system call > > as soon as possible... > > What is to say that the thread pool is created only at a time when memory > > is available? A thread could be created 24 hours into program execution > > under OOM conditions and this system call will return ENOMEM, and your program > > will in all likelihood throw up its arms and exit at the exact same place > > it would exit for transparently allocated buffers. > > I tried this exact line of reasoning with Thomas: it doesn't matter > where we run out of memory, we still need the same memory and we're > screwed either way. > > However, Thomas expressed a clear preference for ABIs which return > memory failures explicitly at syscalls versus implicit failures which > can happen on random instructions. > > One might say that the odds of checking for and handling a NULL value > (or ENOMEM) are the same as installing a signal handler. *But*, it's > infinitely easier to unroll state and recover from a NULL than it is to > handle it from within a signal handler. In other words, the explicit > ones *encourage* better programming. I agree. Indeed, I believe that there is universal agreement that a synchronous return code from a system call is a far superior programming model than decoding the location of a failure in a system call. (no, the IP isn't random -- it is always the 1st instruction in that thread to touch a TMM register). > I'd prefer removing the demand-driven allocation at this point. Adding a pre-allocate system call that can gracefully fail (even though it never will) is independent from removing demand-driver allocation. I would leave this to application developers. Honestly, the kernel shouldn't care. -- Len Brown, Intel Open Source Technology Center