Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp4769768rdb;
        Tue, 12 Dec 2023 08:51:08 -0800 (PST)
X-Google-Smtp-Source: AGHT+IEcwdERqaLNOSZRpJA9Ty6Z1nWLGpYn/hdFMhfpiXzONNSAvnxk/g8sXVHpLpP0iBqRLKGu
X-Received: by 2002:a05:6a00:cd2:b0:6ce:54dc:2d0b with SMTP id b18-20020a056a000cd200b006ce54dc2d0bmr9532230pfv.1.1702399867992;
        Tue, 12 Dec 2023 08:51:07 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1702399867; cv=none;
        d=google.com; s=arc-20160816;
        b=vhKqpTGTkdPKzVL+rSeQlVuebg6y78QFJVD9pBymlOIi7ALq+uICrXIoO9t6s+Kr07
         gP4+qYSXE42oozRwB6MoqBZ2xnwQb8EJt8Ak4kCXMkgeK3r7y+geVGPhj6jxkHclZRyo
         8PYOtnmttfMsE/r+2R1b+YT9Cf0GMUFn7NiV5h71Anmlr/oHDABOWQ6gu+5hzwp7Z/rI
         f8GqRJ+syNtIfFD8od9QoHwFbeWrb1+Ysh1uAqSy0FB7ZQqiguEuJ0Vfymi8iD/2s1vt
         yHxbQvNmb32F2eOGUxy6OX1A5mwnK9X47BXfApTWesHIkQOdzIA+e74sCu7ekeHgEaDD
         EZ9w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :feedback-id:references:in-reply-to:message-id:subject:cc:from:to
         :date:dkim-signature;
        bh=w38LyRHLZtbV6MXFwYHgJYUkLwMl4DKzg/6P9akEIm8=;
        fh=DCKQjgAWIxA3NWI9O2VzOBHopifTgFJfTsi5maunsFk=;
        b=NpSzrl3ajpgkYWDdMKeSB/d2lZm2A/eZUc7g8U+caQBBCAX13VsH+ypLqvi8laam5g
         RkXu3WO04LVJ24/ylprA2e/x7L19dedT8bBMDihY3mVFWfaO2CmWzlGzb1GTd5jAUNsJ
         SDRJ4E4RzNqihyJG/3dn7e1bBuJevq42ye3bDn5GqvRW+OXAD3Lvz2mMRDZ43kCLpW0E
         F5D8seyuM0Pfy/yKKMVRvFbzxJMEaM8oMe/R+F8y4uC7gA3VzUiUFwkn29htxtwclwzO
         1dUmU4r2oZdieOjRVg11bTBRz/dD/xAduejsG5ehdrSbfVVWhV3YqLaDRf3G8ITjHthE
         Yyag==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@proton.me header.s=protonmail header.b=Jp8ET7bH;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=proton.me
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7])
        by mx.google.com with ESMTPS id t7-20020a63dd07000000b005c70983efd5si5584029pgg.629.2023.12.12.08.51.07
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 12 Dec 2023 08:51:07 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@proton.me header.s=protonmail header.b=Jp8ET7bH;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=proton.me
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by snail.vger.email (Postfix) with ESMTP id D306480B01C8;
	Tue, 12 Dec 2023 08:51:06 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at snail.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232642AbjLLQu5 (ORCPT
        <rfc822;aditya.jainadityajain.jain@gmail.com> + 99 others);
        Tue, 12 Dec 2023 11:50:57 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44486 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229702AbjLLQu4 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 12 Dec 2023 11:50:56 -0500
Received: from mail-4322.protonmail.ch (mail-4322.protonmail.ch [185.70.43.22])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9C8E0A6;
        Tue, 12 Dec 2023 08:51:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=proton.me;
        s=protonmail; t=1702399860; x=1702659060;
        bh=w38LyRHLZtbV6MXFwYHgJYUkLwMl4DKzg/6P9akEIm8=;
        h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References:
         Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID:
         Message-ID:BIMI-Selector;
        b=Jp8ET7bH3aUWWYk2XtraWwxkt6VOsNoTE6yTzBkO/5qlf8Uz7N1EHWsm6NaW0dL34
         6oSR5bu1enkU96x+sMJJNGD1qmYW/04YQIGibnzU67r8PcDR8IHWGvfejHQ0o9w4ub
         jKwJFBS7GtZscegHd4KGpVr2YDCPFUpV0R6e2Xj2UKh+qX2iRlsaP/nxolfneYK5hR
         KrRnoGDXDS/3jpnhYWaqpKCS82I1UNUG5plAcmWZW3n2q/5aRUHYcoUd+9UYINGzM2
         3miwsR87An1DUJgbf8yedooNSmwy2Lcn+KxifYodaS21XxJbGCWOboZmPwDfD/iuGg
         l/Eg9bptUz9Zg==
Date:   Tue, 12 Dec 2023 16:50:53 +0000
To:     Alice Ryhl <aliceryhl@google.com>
From:   Benno Lossin <benno.lossin@proton.me>
Cc:     a.hindborg@samsung.com, alex.gaynor@gmail.com, arve@android.com,
        bjorn3_gh@protonmail.com, boqun.feng@gmail.com, brauner@kernel.org,
        cmllamas@google.com, dan.j.williams@intel.com, dxu@dxuuu.xyz,
        gary@garyguo.net, gregkh@linuxfoundation.org,
        joel@joelfernandes.org, keescook@chromium.org,
        linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
        maco@android.com, ojeda@kernel.org, peterz@infradead.org,
        rust-for-linux@vger.kernel.org, surenb@google.com,
        tglx@linutronix.de, tkjos@android.com, viro@zeniv.linux.org.uk,
        wedsonaf@gmail.com, willy@infradead.org
Subject: Re: [PATCH v2 6/7] rust: file: add `DeferredFdCloser`
Message-ID: <8idgiXA3NzJ1zv5FQ4UVhObREsn81yb7T_M6Z44-Mc0-Rta_Q_jmOAkmDCwLKgE221TtMmFiebz0Q8WJPhy4WpngTiTc5dxwg6qIffueYmY=@proton.me>
In-Reply-To: <CAH5fLggB_33jR1eyXSFhN=DN34wD7E6-ckSU8ABmQ50H-L3P-w@mail.gmail.com>
References: <MjDmZBGV04fVI1qzhceEjQgcmoBuo3YoVuiQdANKj9F1Ux5JFKud8hQpfeyLXI0O5HG6qicKFaYYzM7JAgR_kVQfMCeVdN6t7PjbPaz0D0U=@proton.me> <20231211153440.4162899-1-aliceryhl@google.com> <DNn_nN0MKmn9OoY7Gjn4fCUcwKD6ijDZyDXVHvouEa2w0o2yiXeRox3EUfAcbfoWqx0I24-8HqqzONjuTQIVxu2cfAoNQpUFJygPtQNXPM4=@proton.me> <CAH5fLggB_33jR1eyXSFhN=DN34wD7E6-ckSU8ABmQ50H-L3P-w@mail.gmail.com>
Feedback-ID: 71780778:user:proton
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED,
        RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_PASS,
        T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Tue, 12 Dec 2023 08:51:06 -0800 (PST)

On 12/12/23 10:35, Alice Ryhl wrote:
> On Mon, Dec 11, 2023 at 6:23=E2=80=AFPM Benno Lossin <benno.lossin@proton=
.me> wrote:
>>
>>>>> +        // We update the file pointer that the task work is supposed=
 to fput.
>>>>> +        //
>>>>> +        // SAFETY: Task works are executed on the current thread onc=
e we return to userspace, so
>>>>> +        // this write is guaranteed to happen before `do_close_fd` i=
s called, which means that a
>>>>> +        // race is not possible here.
>>>>> +        //
>>>>> +        // It's okay to pass this pointer to the task work, since we=
 just acquired a refcount with
>>>>> +        // the previous call to `get_file`. Furthermore, the refcoun=
t will not drop to zero during
>>>>> +        // an `fdget` call, since we defer the `fput` until after re=
turning to userspace.
>>>>> +        unsafe { *file_field =3D file };
>>>>
>>>> A synchronization question: who guarantees that this write is actually
>>>> available to the cpu that executes `do_close_fd`? Is there some
>>>> synchronization run when returning to userspace?
>>>
>>> It's on the same thread, so it's just a sequenced-before relation.
>>>
>>> It's not like an interrupt. It runs after the syscall invocation has
>>> exited, but before it does the actual return-to-userspace stuff.
>>
>> Reasonable, can you also put this in a comment?
>=20
> What do you want me to add? I already say that it will be executed on
> the same thread.

Seems I missed that, then no need to add anything.

>>>>> +/// Represents a failure to close an fd in a deferred manner.
>>>>> +#[derive(Copy, Clone, Eq, PartialEq)]
>>>>> +pub enum DeferredFdCloseError {
>>>>> +    /// Closing the fd failed because we were unable to schedule a t=
ask work.
>>>>> +    TaskWorkUnavailable,
>>>>> +    /// Closing the fd failed because the fd does not exist.
>>>>> +    BadFd,
>>>>> +}
>>>>> +
>>>>> +impl From<DeferredFdCloseError> for Error {
>>>>> +    fn from(err: DeferredFdCloseError) -> Error {
>>>>> +        match err {
>>>>> +            DeferredFdCloseError::TaskWorkUnavailable =3D> ESRCH,
>>>>
>>>> This error reads "No such process", I am not sure if that is the best
>>>> way to express the problem in that situation. I took a quick look at t=
he
>>>> other error codes, but could not find a better fit. Do you have any
>>>> better ideas? Or is this the error that C binder uses?
>>>
>>> This is the error code that task_work_add returns. (It can't happen in
>>> Binder.)
>>>
>>> And I do think that it is a reasonable choice, because the error only
>>> happens if you're calling the method from a context that has no
>>> userspace process associated with it.
>>
>> I see.
>>
>> What do you think of making the Rust error more descriptive? So instead
>> of implementing `Debug` like you currently do, you print
>>
>>     $error ($variant)
>>
>> where $error =3D Error::from(*self) and $variant is the name of the
>> variant?
>>
>> This is more of a general suggestion, I don't think that this error type
>> in particular warrants this. But in general with Rust we do have the
>> option to have good error messages for every error while maintaining
>> efficient error values.
>=20
> I can #[derive(Debug)] instead, I guess?

Hmm I thought that might not be ideal, since then you would not have the
error code, only `TaskWorkUnavailable` or `BadFd`.
But if that is also acceptable, then I would go with the derived debug.

--=20
Cheers,
Benno