public inbox for libc-alpha@sourceware.org
 help / color / mirror / Atom feed
From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
To: Florian Weimer <fweimer@redhat.com>
Cc: Szabolcs Nagy <szabolcs.nagy@arm.com>,
	 Christian Brauner <christian.brauner@ubuntu.com>,
	 libc-alpha <libc-alpha@sourceware.org>,
	 Joseph Myers <joseph@codesourcery.com>
Subject: Re: [RFC PATCH glibc] Linux: Use fixed rseq_len value for rseq registration
Date: Tue, 14 Jul 2020 13:12:00 -0400 (EDT)	[thread overview]
Message-ID: <636217176.12080.1594746720754.JavaMail.zimbra@efficios.com> (raw)
In-Reply-To: <87eepe6ncm.fsf@oldenburg2.str.redhat.com>

----- On Jul 14, 2020, at 1:03 PM, Florian Weimer fweimer@redhat.com wrote:

> * Mathieu Desnoyers:
> 
>> ----- On Jul 14, 2020, at 12:01 PM, Szabolcs Nagy szabolcs.nagy@arm.com wrote:
>>
>>> The 07/14/2020 11:30, Mathieu Desnoyers via Libc-alpha wrote:
>>>> > I think we are looking at this from the wrong perspective.  It's not
>>>> > userspace that is setting the size here, it's the kernel based on the
>>>> > features it supports.  So the kernel should put the size into the
>>>> > auxiliary vector, and the registration should use that size.  But that
>>>> > doesn't align well with the use of an ELF TLS symbol.
>>> 
>>> this is why it is better to use a function that returns
>>> a pointer than a tls symbol as public abi.
>>> 
>>>> We have a few possible ways to do things here:
>>>> 
>>>> 1) Kernel exports supported size, incompatible with ELF TLS symbol,
>>>> 
>>>> 2) Userspace dictates supported size, compatible with ELF TLS symbol,
>>>>    triggers failure if the kernel supports a smaller size,
>>>> 
>>>> 3) Userspace lets kernel know how much space is available for struct rseq
>>>>    (through user_size field), and the kernel lets user-space know how much
>>>>    of that structure is being filled (through kernel_size field). This
>>>>    would also be compatible with ELF TLS symbol AFAIU, and would allow
>>>>    extending struct rseq.
>>>> 
>>>> Option (3) would allow us to have the speed gains that come with using a
>>>> TLS from the fast-path, while allowing extension of struct rseq.
>>>> 
>>>> Or is there anything in that scheme that breaks ELF rules or C language
>>>> requirements ?
>>> 
>>> how would users access those extension fields?
>>
>> if (__rseq_abi.flags & RSEQ_TLS_FLAG_SIZE) {
>>   /* Allowed to access user_size and kernel_size. */
>>   if (__rseq_abi.kernel_size >= offsetof(struct rseq, myfield) + sizeof(((struct
>>   rseq *)NULL)->myfield)) {
>>     /* Allowed to access __rseq_abi.myfield. User code should remember this, e.g. in
>>     a static variable. */
>>   }
>> }
> 
> Technically, this needs a compiler extension, so that the allowed
> accesses to the __rseq_abi.myfield field are not moved before the flags
> and size checks.

If those accesses are performed as volatile loads, or with atomic relaxed
semantic, the compiler should not be allowed to change the order. Likewise
if we use asm volatile (::: "memory") clobber between the loads.

Thanks,

Mathieu

-- 
Mathieu Desnoyers
EfficiOS Inc.
http://www.efficios.com

      reply	other threads:[~2020-07-14 17:12 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-13 19:34 Mathieu Desnoyers
2020-07-14  8:51 ` Florian Weimer
2020-07-14 12:31   ` Mathieu Desnoyers
2020-07-14 13:28     ` Florian Weimer
2020-07-14 13:33       ` Christian Brauner
2020-07-14 13:54         ` Florian Weimer
2020-07-14 14:04           ` Mathieu Desnoyers
2020-07-14 15:07             ` Florian Weimer
2020-07-14 15:30               ` Mathieu Desnoyers
2020-07-14 16:01                 ` Szabolcs Nagy
2020-07-14 16:12                   ` Mathieu Desnoyers
2020-07-14 17:03                     ` Florian Weimer
2020-07-14 17:12                       ` Mathieu Desnoyers [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=636217176.12080.1594746720754.JavaMail.zimbra@efficios.com \
    --to=mathieu.desnoyers@efficios.com \
    --cc=christian.brauner@ubuntu.com \
    --cc=fweimer@redhat.com \
    --cc=joseph@codesourcery.com \
    --cc=libc-alpha@sourceware.org \
    --cc=szabolcs.nagy@arm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).