Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp4750030pxb;
        Tue, 5 Oct 2021 09:31:55 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwevopvuBg6I4ac5SUESFntDNBoqY0x7NSDdmD7I0kbQbRKsdPYPbIrhLlVmPot9H8DZOiA
X-Received: by 2002:a63:f050:: with SMTP id s16mr16267148pgj.258.1633451515629;
        Tue, 05 Oct 2021 09:31:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1633451515; cv=none;
        d=google.com; s=arc-20160816;
        b=1KBUBxfZvGAckCh83u2WpShsiuGNozjciCDHyXONoaJM6kJf1u/8NQ0GL09M6anzQ2
         7gQvR7sTYB3k3C24RPFTG6vQU6pI5cbkoxKrr0mu4n03hCM+63xyuSTyvi5uN2GEefHp
         KFM1ujtXzqwgGlX5KhkIuuRKpSE3FhVXQyTYpe12O2trdzYRgry4PX7k1H71JgJTQjt6
         3U3D4248skQOuvkJe/1mbwJQxkkWycBzi5nECCtMB1bv2ED9MZgiaHfeKoM+AdW9TAJV
         pKqbgxv9CYkbYXC+mxVLftfG+Vf6E3FYZgs0Ui4y8VeTWfMuSEEwDhztIUbveJITRMVi
         pbkw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:reply-to:message-id:subject:cc:to:from:date
         :dkim-signature;
        bh=ki2K7Cz6K5BZk/CM81m1szgtc6S2wOLbKixh4mO2Ee4=;
        b=RdEso34QWGYTFkcyJ5X8QLhheY7O/yYRASi8DczBROjdYqLHxZgS3azjIuYRSp7IbX
         L2azzALw+KytZicQdefEta87CsHdVldSVRoI6h1gtJKvqR3UXSqtiYhJ3QSHdcsSAcoP
         WSgPi33T8e/QqeX2YI/hjSoOHyrNdgUYxxqok0A3hnBMT09vTbBcI/LGa4NitRb5FpwE
         wOrtwwxSEMeBqvdayh+IMmnNAr9VpGworZ64f1LajO+TjethmA2Kqow4KG48gDyDqyW4
         T3FJmR3gGt9Ugbs5lMHkozDJuJz/ZbqXpp+cmo/SakKJ8yU6NPodCxDq/a1MqoyGNb6+
         OOFw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=AlXg6bGL;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id s16si2499871pjn.152.2021.10.05.09.31.29;
        Tue, 05 Oct 2021 09:31:55 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=AlXg6bGL;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236446AbhJEQbH (ORCPT <rfc822;lucas.de.marchi@gmail.com>
        + 99 others); Tue, 5 Oct 2021 12:31:07 -0400
Received: from mail.kernel.org ([198.145.29.99]:35046 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S236088AbhJEQbG (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 5 Oct 2021 12:31:06 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 2189D61373;
        Tue,  5 Oct 2021 16:29:16 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1633451356;
        bh=iwigj6eqF85kwprTmioYxRpgk7wef6bzF9Dh2dvCPjw=;
        h=Date:From:To:Cc:Subject:Reply-To:References:In-Reply-To:From;
        b=AlXg6bGLNt7mMzBF/flLI36K2EjnFNxsBWAu6yprqL0wtI8WnL9FR1JLjxK+2foPA
         jfdoChtdolfmJnadyhnhdglJpcA3NvDTReEmu41CYpBxcx4I09xz/9jBm0JIM+oUBG
         GwrGAm2OhG7s5lqdXitgyMHwK2MpXzzkaPaEAoai+NN6loKruu6mH5D1vkxk873n+9
         ibhq+PXrqr9yCgkzlF01zxyvkwigyxbkPytXlmd9WIT93erDqC5KBKDcgFW/SWCM5c
         285Qeaajs7HoZNhb2B9+5VREBGmTjJmid0ze2Zv3L1ML7+tXNgHsYqLX89RJ3Noi4F
         gIB761HlQ35Dg==
Received: by paulmck-ThinkPad-P17-Gen-1.home (Postfix, from userid 1000)
        id D979A5C098A; Tue,  5 Oct 2021 09:29:15 -0700 (PDT)
Date:   Tue, 5 Oct 2021 09:29:15 -0700
From:   "Paul E. McKenney" <paulmck@kernel.org>
To:     Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc:     rostedt <rostedt@goodmis.org>,
        linux-kernel <linux-kernel@vger.kernel.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Josh Triplett <josh@joshtriplett.org>,
        Lai Jiangshan <jiangshanlai@gmail.com>,
        "Joel Fernandes, Google" <joel@joelfernandes.org>,
        Pablo Neira Ayuso <pablo@netfilter.org>,
        Jozsef Kadlecsik <kadlec@netfilter.org>,
        Florian Westphal <fw@strlen.de>,
        "David S. Miller" <davem@davemloft.net>,
        Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
        David Ahern <dsahern@kernel.org>,
        Jakub Kicinski <kuba@kernel.org>, rcu <rcu@vger.kernel.org>,
        netfilter-devel <netfilter-devel@vger.kernel.org>,
        coreteam <coreteam@netfilter.org>,
        netdev <netdev@vger.kernel.org>
Subject: Re: [RFC][PATCH] rcu: Use typeof(p) instead of typeof(*p) *
Message-ID: <20211005162915.GT880162@paulmck-ThinkPad-P17-Gen-1>
Reply-To: paulmck@kernel.org
References: <20211005094728.203ecef2@gandalf.local.home>
 <505004021.2637.1633446912223.JavaMail.zimbra@efficios.com>
 <20211005115817.2e1b57bd@gandalf.local.home>
 <155148572.2789.1633450504238.JavaMail.zimbra@efficios.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <155148572.2789.1633450504238.JavaMail.zimbra@efficios.com>
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Oct 05, 2021 at 12:15:04PM -0400, Mathieu Desnoyers wrote:
> ----- On Oct 5, 2021, at 11:58 AM, rostedt rostedt@goodmis.org wrote:
> 
> > On Tue, 5 Oct 2021 11:15:12 -0400 (EDT)
> > Mathieu Desnoyers <mathieu.desnoyers@efficios.com> wrote:
> > 
> >> ----- On Oct 5, 2021, at 9:47 AM, rostedt rostedt@goodmis.org wrote:
> >> [...]
> >> > #define rcu_dereference_raw(p) \
> >> > ({ \
> >> > 	/* Dependency order vs. p above. */ \
> >> > 	typeof(p) ________p1 = READ_ONCE(p); \
> >> > -	((typeof(*p) __force __kernel *)(________p1)); \
> >> > +	((typeof(p) __force __kernel)(________p1)); \
> >> > })
> >> 
> >> AFAIU doing so removes validation that @p is indeed a pointer, so a user might
> >> mistakenly
> >> try to use rcu_dereference() on an integer, and get away with it. I'm not sure
> >> we want to
> >> loosen this check. I wonder if there might be another way to achieve the same
> >> check without
> >> requiring the structure to be declared, e.g. with __builtin_types_compatible_p ?
> > 
> > Is that really an issue? Because you would be assigning it to an integer.
> > 
> > 
> >	x = rcu_dereference_raw(y);
> > 
> > And that just makes 'x' a copy of 'y' and not really a reference to it, thus
> > if you don't have a pointer, it's just a fancy READ_ONCE(y).
> 
> See Documentation/RCU/arrayRCU.rst:
> 
> "It might be tempting to consider use
> of RCU to instead protect the index into an array, however, this use
> case is **not** supported.  The problem with RCU-protected indexes into
> arrays is that compilers can play way too many optimization games with
> integers, which means that the rules governing handling of these indexes
> are far more trouble than they are worth.  If RCU-protected indexes into
> arrays prove to be particularly valuable (which they have not thus far),
> explicit cooperation from the compiler will be required to permit them
> to be safely used."
> 
> So AFAIU validation that rcu_dereference receives a pointer as parameter
> is done on purpose.

What Mathieu said!

On the other hand, I am starting to believe that explicit cooperation
from compilers might actually be forthcoming in my lifetime, so there
might well be that...

							Thanx, Paul