Received: by 2002:a05:6500:1b45:b0:1f5:f2ab:c469 with SMTP id cz5csp1210553lqb; Thu, 18 Apr 2024 03:34:11 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXYDaCELe1q6tMm9QucfHMzgqAeRMdS3/qCUqUkqweXBZ1cGZbuFQjqSzbWoI4iHDVGoMCOaCeOTN3KTSQLxJN52jXi/QjI3ddGz/gmCQ== X-Google-Smtp-Source: AGHT+IFMwuu4EizCd4HNoTbJ1Kkye7fe9rC95S+1UUx/OWj3v3ZSisByZYGmTq+tPnm4dSO/uFpM X-Received: by 2002:a17:906:2794:b0:a52:8da1:aeba with SMTP id j20-20020a170906279400b00a528da1aebamr1432806ejc.9.1713436451405; Thu, 18 Apr 2024 03:34:11 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713436451; cv=pass; d=google.com; s=arc-20160816; b=RpoqK86X35axgeiDO2Sc81A/lr+74LKroWF9swi+FDMrT1xC33nQpi4dBRBYNllMUq d6SrVuKGdkzw+vTk+mslm/q50su2MWaY5JOmit92r6upnx2pOgfBOYamji0bt2trt5jn zbSkrwdPOHitNlg1htClX2+eBDtmLHaAdTWoP+qrRKyBs1H8PkIhH+Wax0nCxqGw9IjM nfT8bzg8LvLLx18ynzJah8l1Sd4qpj94Z8n2nDzkE2mDeJfFx7fgdLs4f7TuQ0FqwrKS sh8CH0sExtBPjgDTAupGRjAxZYyiKcVGDTvcfRtqWwdrHofLMHx6r1D+Up3PSyTcui/k JovA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=8TqG/vX3kAJfrqS7HQAa54Wgm8mEhmbiwEFcC9upq5k=; fh=45heycNeEFuVOMitAmz5VQCGIC1zmTaQVCP/WckR6TA=; b=eHyCgvfl0S932ZXNpt5ykJ2s4KubOXuoy4nDmLZRkfIVIAe33cEb8Sm2JchlQ9LNAe MTJUqSS9oXe6wOWq2KI88ydbS4xbLNQfVuGhzkrFy8r7h4FfESiQ3+T/yHzSb/zqXhvA mBRoqLakh2mrlHKZ77YjFqFNr7ap3GD5t2NcK5NZdFAZJG/6qJWduV9nNn/YuUDHHY1M b1KwP/pntfFlPQOEc3HPM1ZhbxL+CNaY4gCkxFnOQhee7bHwZHAz8/cjOilRbuWoGUcI qVcAJ87ehfzaUbYFeJ2iv/YSm/q3VqLloaUY3W7uHAd80SLRqrKo0blUYZ26lcK64Y2v zrqQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@suse.com header.s=google header.b=WI0ylXHy; arc=pass (i=1 spf=pass spfdomain=suse.com dkim=pass dkdomain=suse.com dmarc=pass fromdomain=suse.com); spf=pass (google.com: domain of linux-kernel+bounces-149890-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-149890-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id t1-20020a170906a10100b00a51b9000041si738285ejy.436.2024.04.18.03.34.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 18 Apr 2024 03:34:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-149890-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=google header.b=WI0ylXHy; arc=pass (i=1 spf=pass spfdomain=suse.com dkim=pass dkdomain=suse.com dmarc=pass fromdomain=suse.com); spf=pass (google.com: domain of linux-kernel+bounces-149890-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-149890-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id F19631F235E2 for ; Thu, 18 Apr 2024 10:34:10 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id E104C15AAAD; Thu, 18 Apr 2024 10:34:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=suse.com header.i=@suse.com header.b="WI0ylXHy" Received: from mail-wr1-f49.google.com (mail-wr1-f49.google.com [209.85.221.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6FE39433C7 for ; Thu, 18 Apr 2024 10:34:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.49 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713436442; cv=none; b=crirzmOgd0Xt4cgNMdJyzPX0wYSGn+MzX4/CXsj8EbshRESW0nSUs5URzy2yqOTLc2u9RcRHVh099BpvIaCCx9bTg1x9zYUqVSKj54mbESaz/PLDphIlj+077jjhOSDhDtbCD1Ul9+fVzYH451BCSJEeq6LkeTCuG7Ua6UXjPy4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713436442; c=relaxed/simple; bh=SNcM7mu59GTQp31Vc554XWfB/6nwJpgSz7akQJF/QzU=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=ZoIXA86P73F0L9rVELguK50wvvOY5lBBIy5CWVxJluyrcYsMlPXmsIo2VlCErg7x4arcU7RNdCFiDTZD0EMPytBZ36sZB4fl79W57v4fMvZwO0HGAMfTzNDRAkVUCBCz9x/mNlbAoaK6ctPUbsaQSiwhU+nRnKcQI0X78jbHhug= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com; spf=pass smtp.mailfrom=suse.com; dkim=pass (2048-bit key) header.d=suse.com header.i=@suse.com header.b=WI0ylXHy; arc=none smtp.client-ip=209.85.221.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Received: by mail-wr1-f49.google.com with SMTP id ffacd0b85a97d-343b92e54f5so504233f8f.0 for ; Thu, 18 Apr 2024 03:34:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=google; t=1713436439; x=1714041239; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=8TqG/vX3kAJfrqS7HQAa54Wgm8mEhmbiwEFcC9upq5k=; b=WI0ylXHyEURxWgBTavug8L3glbFz459uGVNM+IlK/rxtKl8HR2uztrpsp6uKM/qdy2 sIBw7ISyuuskiFEPOKEzSJLaj37fYmCRt6lyqrFFYCINyh5gn7U42TpRbxSVVJYiVLlM Ds/fBSEpRF5Cg8Kq2RGq/kX8pipeQwSDl4zU6cgDWFDHz1gFABERcuwd3fsK7KOvvNV9 H/kQQUhmwy0vJgsBLgQk+Bqt0XV7nhKUHPqgMEVqRAj9RESyeUCVBAo6X7CtJ/Hzw0/t f+nyZgf/AAyEe2PKlOxUjlvW5+W72ytXr2IafzNAyFF0gxhvso54CXjkfHweSjAjKfCi pyBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713436439; x=1714041239; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=8TqG/vX3kAJfrqS7HQAa54Wgm8mEhmbiwEFcC9upq5k=; b=hLqdbTkoU4MSBwrN1hZn0wehJGrNx7BynA5U/NOHib/1+5XUeUAK7FUOqnD2aQzNtB 3vv1g9iNIfuOKKK6TPbOb68scD/J6MuVBa/+yP6k/gSTCxdIYhAltw1mShlgWRU4y01t cDpJg+k4kWOrpvxePKV9BaTbdC5QWrqeKxqzzihtPPQ6zOrbYbDhwMeD/MTcLV+kUcEl 6nJQV7FeGvuAX8Fy82efLwR7OVxsuex9QsY3Au9iQUhn2W/IsuwOLcdlPYcDUP6/7dLE FEgLaMDpybEEZ/AaDEy+Z+0kNiG4yjrn2HBNZsaghu9P002PmoFsfCV7b1K7Eubqqeor GjrA== X-Forwarded-Encrypted: i=1; AJvYcCU2foGet6HKlpE7qboVumX5sHhZuIH6mfLXbW0NOCORgTdI3NgG9xZ0F/Fx5bJ3wo5qFQRLHYR/qdWXF6QlWsMAVUFBPUF6OGB3xPkF X-Gm-Message-State: AOJu0YwGaTWs2JD3Blhu2H7RvSCHVQpzu0IEIiDWoGabPGSZqkViSdnG TrLB+lt5KX4vodxiMlnj7AQPqHBvY9B10+5sYhol22TQxnmnE33oPZZBNLe389Y= X-Received: by 2002:adf:f405:0:b0:34a:cc3:806 with SMTP id g5-20020adff405000000b0034a0cc30806mr1133042wro.51.1713436438705; Thu, 18 Apr 2024 03:33:58 -0700 (PDT) Received: from pathway.suse.cz ([176.114.240.50]) by smtp.gmail.com with ESMTPSA id y18-20020a5d4ad2000000b0034a0d3c0715sm1329748wrs.50.2024.04.18.03.33.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 18 Apr 2024 03:33:58 -0700 (PDT) Date: Thu, 18 Apr 2024 12:33:56 +0200 From: Petr Mladek To: John Ogness Cc: Sergey Senozhatsky , Steven Rostedt , Thomas Gleixner , linux-kernel@vger.kernel.org, Greg Kroah-Hartman Subject: Re: [PATCH printk v4 06/27] printk: nbcon: Add callbacks to synchronize with driver Message-ID: References: <20240402221129.2613843-1-john.ogness@linutronix.de> <20240402221129.2613843-7-john.ogness@linutronix.de> <87y19djqr0.fsf@jogness.linutronix.de> <87bk68niod.fsf@jogness.linutronix.de> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87bk68niod.fsf@jogness.linutronix.de> On Wed 2024-04-17 17:00:42, John Ogness wrote: > On 2024-04-17, Petr Mladek wrote: > >> We want to avoid using nbcon console ownership contention whenever > >> possible. In fact, there should _never_ be nbcon console owership > >> contention except for in emergency or panic situations. > >> > >> In the normal case, printk will use the driver-specific locking for > >> synchronization. Previously this was achieved by implementing the > >> lock/unlock within the write() callback. But with nbcon consoles that > >> is not possible because the nbcon ownership must be taken outside of > >> the write callback: > >> > >> con->device_lock() > >> nbcon_acquire() > >> con->write_atomic() or con->write_thread() > >> nbcon_release() > >> con->device_unlock() > > > > This sounds like a strong requirement. So there should be a strong > > reason > > There is: PREEMPT_RT This explains it! I think that a lot of misunderstanding here is caused because your brain is trained primary in "RT mode" ;-) While I am not that familiar with the RT tricks and my brain is thinking in classic preemption mode :-) I am not sure how it is done in other parts of kernel code where RT needed to introduce some tricks. But I think that we should really start mentioning RT behavior in the commit messages and and comments where the RT mode makes huge changes. > > when nbcon_acquire() is safe enough in emergency context > > then it should be safe enough in the normal context either. > > Otherwise, we would have a problem. > > Of course. That is not the issue. > > > My understanding is that we want to take con->device_lock() > > in the normal context from two reasons: > > > > 1. This is historical, king of speculation, and probably > > not the real reason. > > Correct. Not a reason. > > > 2. The con->device() defines the context in which nbcon_acquire() > > will be taken and con->write_atomic() called to make it > > safe against other operations with the device driver. > > > > For example, con->device() from uart serial consoles would > > disable interrupts to prevent deadlocks with the serial > > port IRQ handlers. > > > > Some other drivers might just need to disable preemption. > > And some (future) drivers might even allow to keep > > the preemption enabled. > > (Side note: In PREEMPT_RT, all drivers keep preemption enabled.) This explains everything. It is a huge game changer. Sigh, I remember that you told me this on Plumbers. But my non-RT-trained brain forgot this "detail". Well, I hope that I am not the only one and we should mention this in the comments. > > I still have to shake my head around this. But I would first like > > to know whether: > > > > + You agree that nbcon_try_acquire() always have to be called with > > preemption disabled. > > No, it must not. PREEMPT_RT requires preemption enabled. That has always > been the core of this whole rework. Got it! I have completely forgot that spin_lock() is a mutex in RT. > > + What do you think about explicitly disabling preemption > > in nbcon_try_acquire(). > > We cannot do it. > > > + If it is acceptable for the big picture. It should be fine for > > serial consoles. But I think that graphics consoles wanted to > > be preemptive when called in the printk kthread. > > In PREEMPT_RT, all are preemptive. > > > I am sure that it will be possible to make nbcon_try_acquire() > > preemption-safe but it will need some more magic. > > I am still investigating why you think it is not safe (as an inner lock > for the normal case). Note that for emergency and panic situations, > preemption _is_ disabled. The race scenario has been mentioned in https://lore.kernel.org/r/Zhj5uQ-JJnlIGUXK@localhost.localdomain CPU0 CPU1 [ task A ] nbcon_context_try_acquire() # success with NORMAL prio # .unsafe == false; // safe for takeover [ schedule: task A -> B ] WARN_ON() nbcon_atomic_flush_pending() nbcon_context_try_acquire() # success with EMERGENCY prio # .unsafe == false; // safe for takeover # flushing nbcon_context_release() # HERE: con->nbcon_state is free # to take by anyone !!! nbcon_context_try_acquire() # success with NORMAL prio [ task B ] # .unsafe == false; // safe for takeover [ schedule: task B -> A ] nbcon_enter_unsafe() nbcon_context_can_proceed() BUG: nbcon_context_can_proceed() returns "true" because the console is owned by a context on CPU0 with NBCON_PRIO_NORMAL. But it should return "false". The console is owned by a context from task B and we do the check in a context from task A. OK, let's look at it with the new RT perspective. Here, the con->device_lock() plays important role. The race could NOT happen in: + NBCON_PRIO_PANIC context because it does not schedule + NBCON_PRIO_EMERGENCY context because we explicitly disable preemption there + NBCON_NORMAL_PRIO context when we ALWAYS do nbcon_try_acquire() under con->device() lock. Here the con->device_lock() serializes nbcon_try_acquire() calls even between running tasks. Everything makes sense now. And we are probable safe. I have to double check that we really ALWAYS call nbcon_try_acquire() under con->device() lock. And I have to think how to describe this in the commit messages and comments. Best Regards, Petr