Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp783610rwl; Wed, 12 Apr 2023 04:12:03 -0700 (PDT) X-Google-Smtp-Source: AKy350ZOJEu9prCfern5UJAOs4Pfic45mmDL+iNN2kTBE6JAWs1tgdbCJMMHAib8m48ANbOWMbCU X-Received: by 2002:a05:6a20:60d5:b0:cd:a334:a52b with SMTP id q21-20020a056a2060d500b000cda334a52bmr12960570pza.30.1681297923053; Wed, 12 Apr 2023 04:12:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1681297923; cv=none; d=google.com; s=arc-20160816; b=BSbTPAV6Sb+ahMcrUCd+DxUi0VOioqMk5cKG0Hmaox0cwHWLSzSh2QRD+3kKVfdmfW axX5gS3t0cqqtZsAbm7NrvnChzcPJLttA7PZsztgiS2NncOCZxqApNTWl9AoZ5veqw/s 7PPHVaGM3oJnQA2BAY4zxV/yJAe4BGu0eHAkgDCIQRvJMzlE/iV7eOYUiMeBO38EpmZi /OFdV8uTf8l/+l1ackmyVJwWwYashNM7/CHsluX0//Wupcyqdjoj18ljmNU5VnQW/mF1 v14p79bgbBiQKtriaJew0LxTdPeFY5hQr94lz+pQnURqd1WuzT9c0tWKlzZNzlwujrtC uP+Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=chKAIM4ZxxQVL8Xid6ujCOrtYPL9y4QPjMJ/OigHilk=; b=ntuzTBd3LoVGzZdD8OYf7aOYe72wnvCzhkVYuPC7OmGDihvrVc7Z/x9u+TbLu3fBx3 /BzcEZJ+pcLyYTfbTZE/mT0Ll1RvjYg1My9K2xdIuYUI9JPLFnKnkm7jqnD0fCmaSz7o K9k6vRhiNqzWSTh+ePknjwGyBat77uIQpQtjIUfWFCllAEGZk2MaSvY49TH8jNW+ph4E HqPO9EIs8dYnhP4/wmH9bDdPHHU+4dL3oKH/mHYdFBkAEupTaP4LhPU2dl/aJj5rsPmw imAgkBpXmCi/hnWap+JsffibqrRtv/Mu9RKC5hxsLtNDIESD4vuKjDQksbshJ7IFZ+kD y+8Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b="nU/I7mbo"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s6-20020a656446000000b0051add13746dsi6353598pgv.22.2023.04.12.04.11.51; Wed, 12 Apr 2023 04:12:03 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b="nU/I7mbo"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229612AbjDLLKp (ORCPT + 99 others); Wed, 12 Apr 2023 07:10:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35150 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229565AbjDLLKo (ORCPT ); Wed, 12 Apr 2023 07:10:44 -0400 Received: from mail-yb1-xb29.google.com (mail-yb1-xb29.google.com [IPv6:2607:f8b0:4864:20::b29]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 058006EA5; Wed, 12 Apr 2023 04:10:19 -0700 (PDT) Received: by mail-yb1-xb29.google.com with SMTP id q5so14069254ybk.7; Wed, 12 Apr 2023 04:10:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1681297810; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=chKAIM4ZxxQVL8Xid6ujCOrtYPL9y4QPjMJ/OigHilk=; b=nU/I7mboOTPCQqM4XPuxWrMb0lfd5MpHHU1F2gzx9H0Md857K1Sms/0Dmw3g2UjMPA azq9eMvskSskpkHs6DdwT+qdC6JEHLmmu/hwNId1aFImiKTDtBydjXXSgeSllRqvKbyt 3xpMnZsAN/knei+Rfj7CvvETRm06iRGm8TyVlanOZMevwX+NVLMYXQ1BWutyV2Yd0Ljo n+KEkMI3nAu5ih3xMGAPXzmAeYKhXxchwMid0maejPmfhKBgvY7T8j5N6BZEHW6whU16 5omAJbGTdM7IsTIoxcs+4AIqZ7H6Oapd0Nnjr8SHgKF4qoOOoQ2mGFd4ZMqAO7onPRsq hAng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1681297810; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=chKAIM4ZxxQVL8Xid6ujCOrtYPL9y4QPjMJ/OigHilk=; b=Z0J31zOI3Lam5F+uvPn969/EY/hIn2q3sfumVmAVii7gJrXsQw5N1AHCJGjyMjx7qF i/C9BCO2SITSD2GkWSDXUWIwa4ohjw/5XFQgQkBbxFI5oQMwxXcXBkcEwcjpq4dwGv8q Q2GbOYF/Hxw+AxjvNHcz/LLDUBbTErn0MAecUmjN3S8kqf+x2PE4PQnUEg5H9NNzFpOv zplHMOmI5q6RaX3z3FQgo06gNINrj2l5TDEPWP4qmr7kn24HVqFTsGFWWvYjyVcEuGaR PwSoPpwvQ6ddKFrqLJoBDr6du/3TCfJ98njK1yuo/++BaU5FfeQ7fQN/SAZ6R8ii41js +Kuw== X-Gm-Message-State: AAQBX9dtgHgEjgNKytH2Gh+3r+ApMOxd1zRPehxXrLJ6ZG2aZVlcn0bP w6ebjaBl3av3EPzTP7j2dpcELuU1Axfq92KfhDc= X-Received: by 2002:a25:73c2:0:b0:b8f:3e29:fb9a with SMTP id o185-20020a2573c2000000b00b8f3e29fb9amr894425ybc.6.1681297809723; Wed, 12 Apr 2023 04:10:09 -0700 (PDT) MIME-Version: 1.0 References: <20230411054543.21278-1-wedsonaf@gmail.com> <20230411054543.21278-11-wedsonaf@gmail.com> In-Reply-To: From: Wedson Almeida Filho Date: Wed, 12 Apr 2023 08:09:58 -0300 Message-ID: Subject: Re: [PATCH v4 11/13] rust: lock: add `Guard::do_unlocked` To: Boqun Feng Cc: rust-for-linux@vger.kernel.org, Miguel Ojeda , Alex Gaynor , Gary Guo , =?UTF-8?Q?Bj=C3=B6rn_Roy_Baron?= , linux-kernel@vger.kernel.org, Wedson Almeida Filho , Martin Rodriguez Reboredo Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 11 Apr 2023 at 18:18, Boqun Feng wrote: > > On Tue, Apr 11, 2023 at 02:45:41AM -0300, Wedson Almeida Filho wrote: > > From: Wedson Almeida Filho > > > > It releases the lock, executes some function provided by the caller, > > then reacquires the lock. This is preparation for the implementation of > > condvars, which will sleep after between unlocking and relocking. > > > > We need an explicit `relock` method for primitives like `SpinLock` that > > have an irqsave variant: we use the guard state to determine if the lock > > was originally acquired with the regular `lock` function or > > `lock_irqsave`. > > > > Reviewed-by: Martin Rodriguez Reboredo > > Signed-off-by: Wedson Almeida Filho > > --- > > v1 -> v2: No changes > > v2 -> v3: No changes > > v3 -> v4: No changes > > > > rust/kernel/sync/lock.rs | 25 +++++++++++++++++++++++++ > > rust/kernel/sync/lock/spinlock.rs | 17 +++++++++++++++-- > > 2 files changed, 40 insertions(+), 2 deletions(-) > > > > diff --git a/rust/kernel/sync/lock.rs b/rust/kernel/sync/lock.rs > > index 819b8ea5ba2b..cde57756795f 100644 > > --- a/rust/kernel/sync/lock.rs > > +++ b/rust/kernel/sync/lock.rs > > @@ -22,6 +22,9 @@ pub mod spinlock; > > /// > > /// - Implementers must ensure that only one thread/CPU may access the protected data once the lock > > /// is owned, that is, between calls to `lock` and `unlock`. > > +/// - Implementers must also ensure that `relock` uses the same locking method as the original > > +/// lock operation. For example, it should disable interrupts if [`IrqSaveBackend::lock_irqsave`] > > +/// is used. > > pub unsafe trait Backend { > > /// The state required by the lock. > > type State; > > @@ -55,6 +58,17 @@ pub unsafe trait Backend { > > /// > > /// It must only be called by the current owner of the lock. > > unsafe fn unlock(ptr: *mut Self::State, guard_state: &Self::GuardState); > > + > > + /// Reacquires the lock, making the caller its owner. > > + /// > > + /// # Safety > > + /// > > + /// Callers must ensure that `state` comes from a previous call to [`Backend::lock`] (or > > I think you mean > > "Callers must ensure that `guard_state` comes ..." > > , right? That's right, thanks for spotting this! I renamed the parameter names (based on your feedback :)) but didn't update the comment accordingly. Will do. > Regards, > Boqun > > > + /// variant) that has been unlocked with [`Backend::unlock`] and will be relocked now. > > + unsafe fn relock(ptr: *mut Self::State, guard_state: &mut Self::GuardState) { > > + // SAFETY: The safety requirements ensure that the lock is initialised. > > + *guard_state = unsafe { Self::lock(ptr) }; > > + } > > } > > > > /// The "backend" of a lock that supports the irq-save variant. > > @@ -164,6 +178,17 @@ pub struct Guard<'a, T: ?Sized, B: Backend> { > > // SAFETY: `Guard` is sync when the data protected by the lock is also sync. > > unsafe impl Sync for Guard<'_, T, B> {} > > > > +impl Guard<'_, T, B> { > > + #[allow(dead_code)] > > + pub(crate) fn do_unlocked(&mut self, cb: impl FnOnce()) { > > + // SAFETY: The caller owns the lock, so it is safe to unlock it. > > + unsafe { B::unlock(self.lock.state.get(), &self.state) }; > > + cb(); > > + // SAFETY: The lock was just unlocked above and is being relocked now. > > + unsafe { B::relock(self.lock.state.get(), &mut self.state) }; > > + } > > +} > > + > > impl core::ops::Deref for Guard<'_, T, B> { > > type Target = T; > > > > diff --git a/rust/kernel/sync/lock/spinlock.rs b/rust/kernel/sync/lock/spinlock.rs > > index 34dec09a97c0..e2a2f68e6d93 100644 > > --- a/rust/kernel/sync/lock/spinlock.rs > > +++ b/rust/kernel/sync/lock/spinlock.rs > > @@ -4,6 +4,7 @@ > > //! > > //! This module allows Rust code to use the kernel's `spinlock_t`. > > > > +use super::IrqSaveBackend; > > use crate::bindings; > > > > /// Creates a [`SpinLock`] initialiser with the given name and a newly-created lock class. > > @@ -95,7 +96,8 @@ pub type SpinLock = super::Lock; > > /// A kernel `spinlock_t` lock backend. > > pub struct SpinLockBackend; > > > > -// SAFETY: The underlying kernel `spinlock_t` object ensures mutual exclusion. > > +// SAFETY: The underlying kernel `spinlock_t` object ensures mutual exclusion. `relock` uses the > > +// same scheme as `unlock` to figure out which locking method was used originally. > > unsafe impl super::Backend for SpinLockBackend { > > type State = bindings::spinlock_t; > > type GuardState = Option; > > @@ -127,13 +129,24 @@ unsafe impl super::Backend for SpinLockBackend { > > None => unsafe { bindings::spin_unlock(ptr) }, > > } > > } > > + > > + unsafe fn relock(ptr: *mut Self::State, guard_state: &mut Self::GuardState) { > > + let _ = match guard_state { > > + // SAFETY: The safety requiments of this function ensure that `ptr` has been > > + // initialised. > > + None => unsafe { Self::lock(ptr) }, > > + // SAFETY: The safety requiments of this function ensure that `ptr` has been > > + // initialised. > > + Some(_) => unsafe { Self::lock_irqsave(ptr) }, > > + }; > > + } > > } > > > > // SAFETY: The underlying kernel `spinlock_t` object ensures mutual exclusion. We use the `irqsave` > > // variant of the C lock acquisition functions to disable interrupts and retrieve the original > > // interrupt state, and the `irqrestore` variant of the lock release functions to restore the state > > // in `unlock` -- we use the guard context to determine which method was used to acquire the lock. > > -unsafe impl super::IrqSaveBackend for SpinLockBackend { > > +unsafe impl IrqSaveBackend for SpinLockBackend { > > unsafe fn lock_irqsave(ptr: *mut Self::State) -> Self::GuardState { > > // SAFETY: The safety requirements of this function ensure that `ptr` points to valid > > // memory, and that it has been initialised before. > > -- > > 2.34.1 > >