Re: [PATCH v6 02/13] user_events: Add minimal support for trace_event into ftrace

[Beau Belgrave <beaub@linux.microsoft.com>]

On Thu, Dec 09, 2021 at 12:47:35PM -0500, Steven Rostedt wrote:
> On Thu, 9 Dec 2021 09:40:50 -0800
> Beau Belgrave <beaub@linux.microsoft.com> wrote:
> 
> > No, this is not a fast path, and I don't have a problem moving to a
> > mutex if you feel that is better. I've likely become too close to this
> > code to know when things are confusing for others.
> 
> Yeah. I really dislike the "protection by algorithms" then protection by
> locking unless it is a fast path.
> 
> If this was a fast path then I'd be more concerned. I dislike global locks
> as well, but unless contention becomes a concern, I don't think we should
> worry about it.

Sure thing.

> 
> Also, for this comment:
> 
> +static int user_events_release(struct inode *node, struct file *file)
> +{
> +	struct user_event_refs *refs;
> +	struct user_event *user;
> +	int i;
> +
> +	/*
> +	 * refs is protected by RCU and could in theory change immediately
> +	 * before this call on another core. To ensure we read the latest
> +	 * version of refs we acquire the RCU read lock again.
> +	 */
> +	rcu_read_lock_sched();
> +	refs = rcu_dereference_sched(file->private_data);
> +	rcu_read_unlock_sched();
> 
> How do you see refs changing on another core if this can only be called
> when nothing has a reference to it?
> 
> I think this comment and grabbing the rcu locks is what is causing me
> concern.
> 
> -- Steve

User program task:
CPU0: ioctl(fd, REG)
CPU1: close(fd)

IE: Some program registers and then immediately calls close on the file.
If the CPU migrates right between the 2 and the close swaps, it is
possible this could occur.

This could be attempted in tight loops maliciously as well.

I assume with a mutex there that some barrier is imposed to ensure
correct reads in this condition? (By virtue of the mutex acquire/check)

Thanks,
-Beau