Restore docs "rcu: Restore barrier() to rcu_read_lock() and rcu_read_unlock()"

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

This restores docs back in ReST format.

Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
[ paulmck: Added Joel's SoB per Stephen Rothwell feedback. ]
[ paulmck: Joel approved via private email. ]
Signed-off-by: Paul E. McKenney <paulmck@kernel.org>

authored by

Joel Fernandes (Google) and committed by

Paul E. McKenney 6 years ago 71cb46ae d7424e28

+54

1 changed file

expand all

Documentation

RCU

Design

Requirements

Requirements.rst

+54

Documentation/RCU/Design/Requirements/Requirements.rst

··· 1691 1691 #. `Hotplug CPU`_ 1692 1692 #. `Scheduler and RCU`_ 1693 1693 #. `Tracing and RCU`_ 1694 + #. `Accesses to User Memory and RCU`_ 1694 1695 #. `Energy Efficiency`_ 1695 1696 #. `Scheduling-Clock Interrupts and RCU`_ 1696 1697 #. `Memory Efficiency`_ ··· 2004 2003 where RCU readers execute in environments in which tracing cannot be 2005 2004 used. The tracing folks both located the requirement and provided the 2006 2005 needed fix, so this surprise requirement was relatively painless. 2006 + 2007 + Accesses to User Memory and RCU 2008 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2009 + 2010 + The kernel needs to access user-space memory, for example, to access data 2011 + referenced by system-call parameters. The ``get_user()`` macro does this job. 2012 + 2013 + However, user-space memory might well be paged out, which means that 2014 + ``get_user()`` might well page-fault and thus block while waiting for the 2015 + resulting I/O to complete. It would be a very bad thing for the compiler to 2016 + reorder a ``get_user()`` invocation into an RCU read-side critical section. 2017 + 2018 + For example, suppose that the source code looked like this: 2019 + 2020 + :: 2021 + 2022 + 1 rcu_read_lock(); 2023 + 2 p = rcu_dereference(gp); 2024 + 3 v = p->value; 2025 + 4 rcu_read_unlock(); 2026 + 5 get_user(user_v, user_p); 2027 + 6 do_something_with(v, user_v); 2028 + 2029 + The compiler must not be permitted to transform this source code into 2030 + the following: 2031 + 2032 + :: 2033 + 2034 + 1 rcu_read_lock(); 2035 + 2 p = rcu_dereference(gp); 2036 + 3 get_user(user_v, user_p); // BUG: POSSIBLE PAGE FAULT!!! 2037 + 4 v = p->value; 2038 + 5 rcu_read_unlock(); 2039 + 6 do_something_with(v, user_v); 2040 + 2041 + If the compiler did make this transformation in a ``CONFIG_PREEMPT=n`` kernel 2042 + build, and if ``get_user()`` did page fault, the result would be a quiescent 2043 + state in the middle of an RCU read-side critical section. This misplaced 2044 + quiescent state could result in line 4 being a use-after-free access, 2045 + which could be bad for your kernel's actuarial statistics. Similar examples 2046 + can be constructed with the call to ``get_user()`` preceding the 2047 + ``rcu_read_lock()``. 2048 + 2049 + Unfortunately, ``get_user()`` doesn't have any particular ordering properties, 2050 + and in some architectures the underlying ``asm`` isn't even marked 2051 + ``volatile``. And even if it was marked ``volatile``, the above access to 2052 + ``p->value`` is not volatile, so the compiler would not have any reason to keep 2053 + those two accesses in order. 2054 + 2055 + Therefore, the Linux-kernel definitions of ``rcu_read_lock()`` and 2056 + ``rcu_read_unlock()`` must act as compiler barriers, at least for outermost 2057 + instances of ``rcu_read_lock()`` and ``rcu_read_unlock()`` within a nested set 2058 + of RCU read-side critical sections. 2007 2059 2008 2060 Energy Efficiency 2009 2061 ~~~~~~~~~~~~~~~~~