From: Nicholas Piggin <npiggin@gmail.com>
To: Andy Lutomirski <luto@kernel.org>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Arnd Bergmann <arnd@arndb.de>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Jann Horn <jannh@google.com>,
linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
"Russell King, ARM Linux" <linux@armlinux.org.uk>,
linux-kernel <linux-kernel@vger.kernel.org>,
linuxppc-dev <linuxppc-dev@lists.ozlabs.org>,
Michael Ellerman <mpe@ellerman.id.au>,
paulmck <paulmck@kernel.org>, Paul Mackerras <paulus@samba.org>,
Peter Zijlstra <peterz@infradead.org>,
stable <stable@vger.kernel.org>, Will Deacon <will@kernel.org>,
x86 <x86@kernel.org>
Subject: Re: [RFC please help] membarrier: Rewrite sync_core_before_usermode()
Date: Tue, 29 Dec 2020 10:36:16 +1000 [thread overview]
Message-ID: <1609200902.me5niwm2t6.astroid@bobo.none> (raw)
In-Reply-To: <CALCETrXx3Xe+4Y6WM-mp0cTUU=r3bW6PV2b25yA8bm1Gvak6wQ@mail.gmail.com>
Excerpts from Andy Lutomirski's message of December 29, 2020 7:06 am:
> On Mon, Dec 28, 2020 at 12:32 PM Mathieu Desnoyers
> <mathieu.desnoyers@efficios.com> wrote:
>>
>> ----- On Dec 28, 2020, at 2:44 PM, Andy Lutomirski luto@kernel.org wrote:
>>
>> > On Mon, Dec 28, 2020 at 11:09 AM Russell King - ARM Linux admin
>> > <linux@armlinux.org.uk> wrote:
>> >>
>> >> On Mon, Dec 28, 2020 at 07:29:34PM +0100, Jann Horn wrote:
>> >> > After chatting with rmk about this (but without claiming that any of
>> >> > this is his opinion), based on the manpage, I think membarrier()
>> >> > currently doesn't really claim to be synchronizing caches? It just
>> >> > serializes cores. So arguably if userspace wants to use membarrier()
>> >> > to synchronize code changes, userspace should first do the code
>> >> > change, then flush icache as appropriate for the architecture, and
>> >> > then do the membarrier() to ensure that the old code is unused?
>>
>> ^ exactly, yes.
>>
>> >> >
>> >> > For 32-bit arm, rmk pointed out that that would be the cacheflush()
>> >> > syscall. That might cause you to end up with two IPIs instead of one
>> >> > in total, but we probably don't care _that_ much about extra IPIs on
>> >> > 32-bit arm?
>>
>> This was the original thinking, yes. The cacheflush IPI will flush specific
>> regions of code, and the membarrier IPI issues context synchronizing
>> instructions.
APIs should be written in terms of the service they provide to
userspace, and in highest level terms as possible, rather than directing
hardware to do some low level operation. Unfortunately we're stuck with
this for now. We could deprecate it and replace it though.
If userspace wants to modify code and ensure that after the system call
returns then no other thread will be executing the previous code, then
there should be an API for that. It could actually combine the two IPIs
into one for architectures that require both too.
>>
>> Architectures with coherent i/d caches don't need the cacheflush step.
>
> There are different levels of coherency -- VIVT architectures may have
> differing requirements compared to PIPT, etc.
>
> In any case, I feel like the approach taken by the documentation is
> fundamentally confusing. Architectures don't all speak the same
> language How about something like:
>
> The SYNC_CORE operation causes all threads in the caller's address
> space (including the caller) to execute an architecture-defined
> barrier operation. membarrier() will ensure that this barrier is
> executed at a time such that all data writes done by the calling
> thread before membarrier() are made visible by the barrier.
> Additional architecture-dependent cache management operations may be
> required to use this for JIT code.
As said this isn't what SYNC_CORE does, and it's not what powerpc
context synchronizing instructions do either, it will very much
re-order visibility of stores around such an instruction.
A thread completes store instructions into a store queue, which is
as far as a context synchronizing event goes. Visibility comes at
some indeterminite time later.
Also note that the regular membarrier syscall which does order
memory also does not make writes visible, it just ensures an
ordering.
>
> x86: SYNC_CORE executes a barrier that will cause subsequent
> instruction fetches to observe prior writes. Currently this will be a
I would be surprised if x86's serializing instructions were different
than powerpc. rdtsc ordering or flushing stores to cache would be
surprising.
Thanks,
Nick
> "serializing" instruction, but, if future improved CPU documentation
> becomes available and relaxes this requirement, the barrier may
> change. The kernel guarantees that writing new or modified
> instructions to normal memory (and issuing SFENCE if the writes were
> non-temporal) then doing a membarrier SYNC_CORE operation is
> sufficient to cause all threads in the caller's address space to
> execute the new or modified instructions. This is true regardless of
> whether or not those instructions are written at the same virtual
> address from which they are subsequently executed. No additional
> cache management is required on x86.
>
> arm: Something about the cache management syscalls.
>
> arm64: Ditto
>
> powerpc: I have no idea.
>
WARNING: multiple messages have this Message-ID (diff)
From: Nicholas Piggin <npiggin@gmail.com>
To: Andy Lutomirski <luto@kernel.org>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: paulmck <paulmck@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
Jann Horn <jannh@google.com>,
Peter Zijlstra <peterz@infradead.org>, x86 <x86@kernel.org>,
"Russell King, ARM Linux" <linux@armlinux.org.uk>,
stable <stable@vger.kernel.org>,
linux-kernel <linux-kernel@vger.kernel.org>,
Will Deacon <will@kernel.org>, Paul Mackerras <paulus@samba.org>,
Catalin Marinas <catalin.marinas@arm.com>,
linuxppc-dev <linuxppc-dev@lists.ozlabs.org>,
linux-arm-kernel <linux-arm-kernel@lists.infradead.org>
Subject: Re: [RFC please help] membarrier: Rewrite sync_core_before_usermode()
Date: Tue, 29 Dec 2020 10:36:16 +1000 [thread overview]
Message-ID: <1609200902.me5niwm2t6.astroid@bobo.none> (raw)
In-Reply-To: <CALCETrXx3Xe+4Y6WM-mp0cTUU=r3bW6PV2b25yA8bm1Gvak6wQ@mail.gmail.com>
Excerpts from Andy Lutomirski's message of December 29, 2020 7:06 am:
> On Mon, Dec 28, 2020 at 12:32 PM Mathieu Desnoyers
> <mathieu.desnoyers@efficios.com> wrote:
>>
>> ----- On Dec 28, 2020, at 2:44 PM, Andy Lutomirski luto@kernel.org wrote:
>>
>> > On Mon, Dec 28, 2020 at 11:09 AM Russell King - ARM Linux admin
>> > <linux@armlinux.org.uk> wrote:
>> >>
>> >> On Mon, Dec 28, 2020 at 07:29:34PM +0100, Jann Horn wrote:
>> >> > After chatting with rmk about this (but without claiming that any of
>> >> > this is his opinion), based on the manpage, I think membarrier()
>> >> > currently doesn't really claim to be synchronizing caches? It just
>> >> > serializes cores. So arguably if userspace wants to use membarrier()
>> >> > to synchronize code changes, userspace should first do the code
>> >> > change, then flush icache as appropriate for the architecture, and
>> >> > then do the membarrier() to ensure that the old code is unused?
>>
>> ^ exactly, yes.
>>
>> >> >
>> >> > For 32-bit arm, rmk pointed out that that would be the cacheflush()
>> >> > syscall. That might cause you to end up with two IPIs instead of one
>> >> > in total, but we probably don't care _that_ much about extra IPIs on
>> >> > 32-bit arm?
>>
>> This was the original thinking, yes. The cacheflush IPI will flush specific
>> regions of code, and the membarrier IPI issues context synchronizing
>> instructions.
APIs should be written in terms of the service they provide to
userspace, and in highest level terms as possible, rather than directing
hardware to do some low level operation. Unfortunately we're stuck with
this for now. We could deprecate it and replace it though.
If userspace wants to modify code and ensure that after the system call
returns then no other thread will be executing the previous code, then
there should be an API for that. It could actually combine the two IPIs
into one for architectures that require both too.
>>
>> Architectures with coherent i/d caches don't need the cacheflush step.
>
> There are different levels of coherency -- VIVT architectures may have
> differing requirements compared to PIPT, etc.
>
> In any case, I feel like the approach taken by the documentation is
> fundamentally confusing. Architectures don't all speak the same
> language How about something like:
>
> The SYNC_CORE operation causes all threads in the caller's address
> space (including the caller) to execute an architecture-defined
> barrier operation. membarrier() will ensure that this barrier is
> executed at a time such that all data writes done by the calling
> thread before membarrier() are made visible by the barrier.
> Additional architecture-dependent cache management operations may be
> required to use this for JIT code.
As said this isn't what SYNC_CORE does, and it's not what powerpc
context synchronizing instructions do either, it will very much
re-order visibility of stores around such an instruction.
A thread completes store instructions into a store queue, which is
as far as a context synchronizing event goes. Visibility comes at
some indeterminite time later.
Also note that the regular membarrier syscall which does order
memory also does not make writes visible, it just ensures an
ordering.
>
> x86: SYNC_CORE executes a barrier that will cause subsequent
> instruction fetches to observe prior writes. Currently this will be a
I would be surprised if x86's serializing instructions were different
than powerpc. rdtsc ordering or flushing stores to cache would be
surprising.
Thanks,
Nick
> "serializing" instruction, but, if future improved CPU documentation
> becomes available and relaxes this requirement, the barrier may
> change. The kernel guarantees that writing new or modified
> instructions to normal memory (and issuing SFENCE if the writes were
> non-temporal) then doing a membarrier SYNC_CORE operation is
> sufficient to cause all threads in the caller's address space to
> execute the new or modified instructions. This is true regardless of
> whether or not those instructions are written at the same virtual
> address from which they are subsequently executed. No additional
> cache management is required on x86.
>
> arm: Something about the cache management syscalls.
>
> arm64: Ditto
>
> powerpc: I have no idea.
>
WARNING: multiple messages have this Message-ID (diff)
From: Nicholas Piggin <npiggin@gmail.com>
To: Andy Lutomirski <luto@kernel.org>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: paulmck <paulmck@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
Jann Horn <jannh@google.com>,
Peter Zijlstra <peterz@infradead.org>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
x86 <x86@kernel.org>,
"Russell King, ARM Linux" <linux@armlinux.org.uk>,
stable <stable@vger.kernel.org>,
linux-kernel <linux-kernel@vger.kernel.org>,
Will Deacon <will@kernel.org>, Paul Mackerras <paulus@samba.org>,
Michael Ellerman <mpe@ellerman.id.au>,
Catalin Marinas <catalin.marinas@arm.com>,
linuxppc-dev <linuxppc-dev@lists.ozlabs.org>,
linux-arm-kernel <linux-arm-kernel@lists.infradead.org>
Subject: Re: [RFC please help] membarrier: Rewrite sync_core_before_usermode()
Date: Tue, 29 Dec 2020 10:36:16 +1000 [thread overview]
Message-ID: <1609200902.me5niwm2t6.astroid@bobo.none> (raw)
In-Reply-To: <CALCETrXx3Xe+4Y6WM-mp0cTUU=r3bW6PV2b25yA8bm1Gvak6wQ@mail.gmail.com>
Excerpts from Andy Lutomirski's message of December 29, 2020 7:06 am:
> On Mon, Dec 28, 2020 at 12:32 PM Mathieu Desnoyers
> <mathieu.desnoyers@efficios.com> wrote:
>>
>> ----- On Dec 28, 2020, at 2:44 PM, Andy Lutomirski luto@kernel.org wrote:
>>
>> > On Mon, Dec 28, 2020 at 11:09 AM Russell King - ARM Linux admin
>> > <linux@armlinux.org.uk> wrote:
>> >>
>> >> On Mon, Dec 28, 2020 at 07:29:34PM +0100, Jann Horn wrote:
>> >> > After chatting with rmk about this (but without claiming that any of
>> >> > this is his opinion), based on the manpage, I think membarrier()
>> >> > currently doesn't really claim to be synchronizing caches? It just
>> >> > serializes cores. So arguably if userspace wants to use membarrier()
>> >> > to synchronize code changes, userspace should first do the code
>> >> > change, then flush icache as appropriate for the architecture, and
>> >> > then do the membarrier() to ensure that the old code is unused?
>>
>> ^ exactly, yes.
>>
>> >> >
>> >> > For 32-bit arm, rmk pointed out that that would be the cacheflush()
>> >> > syscall. That might cause you to end up with two IPIs instead of one
>> >> > in total, but we probably don't care _that_ much about extra IPIs on
>> >> > 32-bit arm?
>>
>> This was the original thinking, yes. The cacheflush IPI will flush specific
>> regions of code, and the membarrier IPI issues context synchronizing
>> instructions.
APIs should be written in terms of the service they provide to
userspace, and in highest level terms as possible, rather than directing
hardware to do some low level operation. Unfortunately we're stuck with
this for now. We could deprecate it and replace it though.
If userspace wants to modify code and ensure that after the system call
returns then no other thread will be executing the previous code, then
there should be an API for that. It could actually combine the two IPIs
into one for architectures that require both too.
>>
>> Architectures with coherent i/d caches don't need the cacheflush step.
>
> There are different levels of coherency -- VIVT architectures may have
> differing requirements compared to PIPT, etc.
>
> In any case, I feel like the approach taken by the documentation is
> fundamentally confusing. Architectures don't all speak the same
> language How about something like:
>
> The SYNC_CORE operation causes all threads in the caller's address
> space (including the caller) to execute an architecture-defined
> barrier operation. membarrier() will ensure that this barrier is
> executed at a time such that all data writes done by the calling
> thread before membarrier() are made visible by the barrier.
> Additional architecture-dependent cache management operations may be
> required to use this for JIT code.
As said this isn't what SYNC_CORE does, and it's not what powerpc
context synchronizing instructions do either, it will very much
re-order visibility of stores around such an instruction.
A thread completes store instructions into a store queue, which is
as far as a context synchronizing event goes. Visibility comes at
some indeterminite time later.
Also note that the regular membarrier syscall which does order
memory also does not make writes visible, it just ensures an
ordering.
>
> x86: SYNC_CORE executes a barrier that will cause subsequent
> instruction fetches to observe prior writes. Currently this will be a
I would be surprised if x86's serializing instructions were different
than powerpc. rdtsc ordering or flushing stores to cache would be
surprising.
Thanks,
Nick
> "serializing" instruction, but, if future improved CPU documentation
> becomes available and relaxes this requirement, the barrier may
> change. The kernel guarantees that writing new or modified
> instructions to normal memory (and issuing SFENCE if the writes were
> non-temporal) then doing a membarrier SYNC_CORE operation is
> sufficient to cause all threads in the caller's address space to
> execute the new or modified instructions. This is true regardless of
> whether or not those instructions are written at the same virtual
> address from which they are subsequently executed. No additional
> cache management is required on x86.
>
> arm: Something about the cache management syscalls.
>
> arm64: Ditto
>
> powerpc: I have no idea.
>
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2020-12-29 0:37 UTC|newest]
Thread overview: 97+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-27 18:28 [RFC please help] membarrier: Rewrite sync_core_before_usermode() Andy Lutomirski
2020-12-27 18:28 ` Andy Lutomirski
2020-12-27 18:28 ` Andy Lutomirski
2020-12-27 20:18 ` Mathieu Desnoyers
2020-12-27 20:18 ` Mathieu Desnoyers
2020-12-27 21:36 ` Andy Lutomirski
2020-12-27 21:36 ` Andy Lutomirski
2020-12-27 21:36 ` Andy Lutomirski
2020-12-28 10:25 ` Russell King - ARM Linux admin
2020-12-28 10:25 ` Russell King - ARM Linux admin
2020-12-28 10:25 ` Russell King - ARM Linux admin
2020-12-28 17:14 ` Andy Lutomirski
2020-12-28 17:14 ` Andy Lutomirski
2020-12-28 17:14 ` Andy Lutomirski
2020-12-28 17:23 ` Russell King - ARM Linux admin
2020-12-28 17:23 ` Russell King - ARM Linux admin
2020-12-28 17:23 ` Russell King - ARM Linux admin
2020-12-28 18:10 ` Andy Lutomirski
2020-12-28 18:10 ` Andy Lutomirski
2020-12-28 18:10 ` Andy Lutomirski
2020-12-28 18:29 ` Jann Horn
2020-12-28 18:29 ` Jann Horn
2020-12-28 18:29 ` Jann Horn
2020-12-28 18:50 ` Andy Lutomirski
2020-12-28 18:50 ` Andy Lutomirski
2020-12-28 18:50 ` Andy Lutomirski
2020-12-28 19:08 ` Russell King - ARM Linux admin
2020-12-28 19:08 ` Russell King - ARM Linux admin
2020-12-28 19:08 ` Russell King - ARM Linux admin
2020-12-28 19:44 ` Andy Lutomirski
2020-12-28 19:44 ` Andy Lutomirski
2020-12-28 19:44 ` Andy Lutomirski
2020-12-28 20:24 ` Russell King - ARM Linux admin
2020-12-28 20:24 ` Russell King - ARM Linux admin
2020-12-28 20:24 ` Russell King - ARM Linux admin
2020-12-28 20:40 ` Mathieu Desnoyers
2020-12-28 20:40 ` Mathieu Desnoyers
2020-12-28 20:32 ` Mathieu Desnoyers
2020-12-28 20:32 ` Mathieu Desnoyers
2020-12-28 21:06 ` Andy Lutomirski
2020-12-28 21:06 ` Andy Lutomirski
2020-12-28 21:06 ` Andy Lutomirski
2020-12-28 21:26 ` Mathieu Desnoyers
2020-12-28 21:26 ` Mathieu Desnoyers
2020-12-29 0:36 ` Nicholas Piggin [this message]
2020-12-29 0:36 ` Nicholas Piggin
2020-12-29 0:36 ` Nicholas Piggin
2020-12-29 0:56 ` Andy Lutomirski
2020-12-29 0:56 ` Andy Lutomirski
2020-12-29 0:56 ` Andy Lutomirski
2020-12-29 3:09 ` Nicholas Piggin
2020-12-29 3:09 ` Nicholas Piggin
2020-12-29 3:09 ` Nicholas Piggin
2020-12-29 10:44 ` Russell King - ARM Linux admin
2020-12-29 10:44 ` Russell King - ARM Linux admin
2020-12-29 10:44 ` Russell King - ARM Linux admin
2020-12-30 2:33 ` Nicholas Piggin
2020-12-30 2:33 ` Nicholas Piggin
2020-12-30 2:33 ` Nicholas Piggin
2020-12-30 10:00 ` Russell King - ARM Linux admin
2020-12-30 10:00 ` Russell King - ARM Linux admin
2020-12-30 10:00 ` Russell King - ARM Linux admin
2020-12-30 10:58 ` Russell King - ARM Linux admin
2020-12-30 10:58 ` Russell King - ARM Linux admin
2020-12-30 10:58 ` Russell King - ARM Linux admin
2020-12-30 11:57 ` Nicholas Piggin
2020-12-30 11:57 ` Nicholas Piggin
2020-12-30 11:57 ` Nicholas Piggin
2020-12-28 21:09 ` Mathieu Desnoyers
2020-12-28 21:09 ` Mathieu Desnoyers
2020-12-29 0:30 ` Andy Lutomirski
2020-12-29 0:30 ` Andy Lutomirski
2020-12-29 0:30 ` Andy Lutomirski
2020-12-29 0:11 ` Nicholas Piggin
2020-12-29 0:11 ` Nicholas Piggin
2020-12-29 0:11 ` Nicholas Piggin
2020-12-29 0:36 ` Andy Lutomirski
2020-12-29 0:36 ` Andy Lutomirski
2020-12-29 0:36 ` Andy Lutomirski
2020-12-29 3:31 ` Nicholas Piggin
2020-12-29 3:31 ` Nicholas Piggin
2020-12-29 3:31 ` Nicholas Piggin
2021-01-01 18:33 ` David Laight
2021-01-01 18:33 ` David Laight
2021-01-01 18:33 ` David Laight
2021-01-05 13:26 ` Will Deacon
2021-01-05 13:26 ` Will Deacon
2021-01-05 13:26 ` Will Deacon
2021-01-05 16:20 ` Andy Lutomirski
2021-01-05 16:20 ` Andy Lutomirski
2021-01-05 16:20 ` Andy Lutomirski
2021-01-05 16:37 ` Peter Zijlstra
2021-01-05 16:37 ` Peter Zijlstra
2021-01-05 16:37 ` Peter Zijlstra
2021-01-05 22:41 ` Will Deacon
2021-01-05 22:41 ` Will Deacon
2021-01-05 22:41 ` Will Deacon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1609200902.me5niwm2t6.astroid@bobo.none \
--to=npiggin@gmail.com \
--cc=arnd@arndb.de \
--cc=benh@kernel.crashing.org \
--cc=catalin.marinas@arm.com \
--cc=jannh@google.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=luto@kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=mpe@ellerman.id.au \
--cc=paulmck@kernel.org \
--cc=paulus@samba.org \
--cc=peterz@infradead.org \
--cc=stable@vger.kernel.org \
--cc=will@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.