From: "Paul E. McKenney" <paulmck@kernel.org>
To: Madhuparna Bhowmik <madhuparnabhowmik10@gmail.com>
Cc: Mimi Zohar <zohar@linux.ibm.com>,
jmorris@namei.org, serge@hallyn.com,
linux-integrity@vger.kernel.org,
Matthew Garrett <mjg59@google.com>
Subject: Re: Fwd: a8d5875ce5 ("Default enable RCU list lockdep debugging with .."): WARNING: suspicious RCU usage
Date: Wed, 29 Apr 2020 15:40:58 -0700 [thread overview]
Message-ID: <20200429224058.GA21975@paulmck-ThinkPad-P72> (raw)
In-Reply-To: <20200429100432.GB3465@madhuparna-HP-Notebook>
On Wed, Apr 29, 2020 at 03:34:33PM +0530, Madhuparna Bhowmik wrote:
> On Tue, Apr 28, 2020 at 08:59:01AM -0400, Mimi Zohar wrote:
> > On Tue, 2020-04-28 at 16:53 +0530, Madhuparna Bhowmik wrote:
> > > On Mon, Apr 27, 2020 at 08:58:26PM -0400, Mimi Zohar wrote:
> > > > [Cc'ing Matthew Garrett)
> > > >
> > > > Hi Madhuparna,
> > > >
> > > > On Sat, 2020-04-25 at 16:33 +0530, Madhuparna Bhowmik wrote:
> > > > > Hi,
> > > > >
> > > > > This is regarding the warning reported by kernel test bot regarding
> > > > > suspicious RCU usage.
> > > > > Using a simple git grep, I can only see the following usage of RCU:
> > > > >
> > > > > evm_crypto.c: list_for_each_entry_rcu(xattr, &evm_config_xattrnames,
> > > > > list) {
> > > > > evm_main.c: list_for_each_entry_rcu(xattr, &evm_config_xattrnames,
> > > > > list) {
> > > > > evm_main.c: list_for_each_entry_rcu(xattr, &evm_config_xattrnames,
> > > > > list) {
> > > > > evm_secfs.c: list_add_tail_rcu(&xattr->list, &evm_config_xattrnames);
> > > > >
> > > > > So, the evm_config_xattrnames list is traversed using
> > > > > list_for_each_entry_rcu() but without the protection of rcu_read_lock()?
> > > > > If these are not really RCU read-side CS, and other locks are held then
> > > > > there is no need to use list_for_each_entry_rcu().
> > > > > And maybe we can completely remove the usage of rcu primitives here.
> > > > > Or if there is a bug and rcu_read_lock() should be held, please let me know
> > > > > and I can try fixing this.
> > > >
> > > > Thank you for forwarding this report. The list of EVM xattrs is
> > > > protected by the xattr_list_mutex, which is used when reading or
> > > > appending to the EVM list itself. Entries in the list can not be
> > > > removed.
> > > >
> > > Hi Mimi,
> > >
> > > Thank you for your reply.
> > > So, if the list is protected by xattr_list mutex and it is used during
> > > both reading and writing to the list, can we remove the usage of RCU
> > > here?
> >
> > I should have said the mutex is used when cat'ing the securityfs file
> > (security/integrity/evm/evm_xattrs) and when adding to the list, but
> > not in the above cases when walking the list.
> >
> > > Since the read side critical section is already protected by the
> > > xattr_list mutex, we do not need list_for_each_entry_rcu() to read the
> > > list. Also, we can just simply add to the list using list_add_tail(),
> > > RCU primitives are not really required here.
> > >
> > > Please let me know is this is fine, and I can send a patch removing the
> > > usage of RCU here.
> >
> > Matthew, please correct me if I'm wrong, the reason it is safe, is not
> > because there is a mutex, but because entries are never removed from
> > the list.
> >
> Alright, I understood the case here. So entries are only added to the
> tail of the list and never deleted. And that's why it is safe for
> readers and writers to execute concurrently even without the mutex.
>
> However, RCU would still complain if no lock or rcu_read_lock is not
> held.
>
> Should I cc Paul McKenney about this case, he is the RCU Maintainer and
> usually replies pretty fast.
> He would be able to correctly suggest how to fix the RCU usage here.
>
> Let me know if this is okay.
Apparently, it is not necessary to CC me. ;-)
You do of course need the code to use the RCU variants of list_add*().
And also list_for_each_entry_rcu(), as in the current code.
There are several options, none of them perfect:
1. Add (not otherwise needed) calls to rcu_read_lock() and
rcu_read_unlock() and leave list_for_each_entry_rcu() unchanged.
2. Add "true" for the optional fourth argument to
list_for_each_entry_rcu(). This will suppress the complaints,
but would (incorrectly) continue to do so should this code change
so as to be able to delete form this list.
3. Switch from list_for_each_entry_rcu() to its lockless counterpart,
list_for_each_entry_lockless(). This is simiar to #2 above, but
at least the name lets people know that something unusual is up.
If it was my code, I would take door #3. ;-)
Thanx, Paul
next prev parent reply other threads:[~2020-04-29 22:41 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <5ea3a0e3.ruR9Zw9VIGN+NGIb%lkp@intel.com>
[not found] ` <CAD=jOEYd-pAQMo3hukx6AhXN7CbH8yGLVLHe2=92wCq-HWS++Q@mail.gmail.com>
2020-04-28 0:58 ` Fwd: a8d5875ce5 ("Default enable RCU list lockdep debugging with .."): WARNING: suspicious RCU usage Mimi Zohar
2020-04-28 11:23 ` Madhuparna Bhowmik
2020-04-28 12:59 ` Mimi Zohar
2020-04-29 10:04 ` Madhuparna Bhowmik
2020-04-29 22:40 ` Paul E. McKenney [this message]
2020-04-30 13:07 ` Madhuparna Bhowmik
2020-04-30 13:32 ` Mimi Zohar
2020-04-30 15:08 ` Madhuparna Bhowmik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200429224058.GA21975@paulmck-ThinkPad-P72 \
--to=paulmck@kernel.org \
--cc=jmorris@namei.org \
--cc=linux-integrity@vger.kernel.org \
--cc=madhuparnabhowmik10@gmail.com \
--cc=mjg59@google.com \
--cc=serge@hallyn.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).