Re: start_kernel(): bug: interrupts were enabled early

From: Linus Torvalds
Date: Thu Apr 01 2010 - 12:19:52 EST

Next message: Andrea Arcangeli: "Re: [COUNTERPATCH] mm: avoid overflowing preempt_count() inmmu_take_all_locks()"
Previous message: Jan Kiszka: "[PATCH v2] proc: Report file name on detected read_proc overflow"
In reply to: Christoph Lameter: "Re: start_kernel(): bug: interrupts were enabled early"
Next in thread: Andrew Morton: "Re: start_kernel(): bug: interrupts were enabled early"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 31 Mar 2010, H. Peter Anvin wrote:
>
> The obvious way to fix this would be to use
> spin_lock_irqsave..spin_lock_irqrestore in __down_read as well as in the
> other locations; I don't have a good feel for what the cost of doing so
> would be, though. On x86 it's fairly expensive simply because the only
> way to save the state is to push it on the stack, which the compiler
> doesn't deal well with, but this code isn't used on x86.

I think that's what we should just do, with a good comment both in the
code and the changelog. I'm not entirely happy with it, because obviously
it's conceptually kind of dubious to take a lock with interrupts disabled
in the first place, but this is not a new issue per se.

The whole bootup code is special, and we already make similar guarantees
about memory allocators and friends - just because it's too dang painful
to have some special code that does GFP_ATOMIC for early bootup when the
same code is often shared and used at run-time too.

So we've accepted that people can do GFP_KERNEL allocations and we won't
care about them if we're in the boot phase (and suspend/resume), and we
have that whole 'gfp_allowed_mask' thing for that.

I think this probably falls under exactly the same heading of "not pretty,
but let's not blow up".

So making the slow-path do the spin_[un]lock_irq{save,restore}() versions
sounds like the right thing. It won't be a performance issue: it _is_ the
slow-path, and we're already doing the expensive part (the spinlock itself
and the irq thing).

So ACK on the idea. Who wants to write the trivial patch and test it?
Preferably somebody who sees the problem in the first place - x86 should
not be impacted, since the irq-disabling slow-path should never be hit
without contention anyway (and contention cannot/mustnot happen for this
case).

Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrea Arcangeli: "Re: [COUNTERPATCH] mm: avoid overflowing preempt_count() inmmu_take_all_locks()"
Previous message: Jan Kiszka: "[PATCH v2] proc: Report file name on detected read_proc overflow"
In reply to: Christoph Lameter: "Re: start_kernel(): bug: interrupts were enabled early"
Next in thread: Andrew Morton: "Re: start_kernel(): bug: interrupts were enabled early"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]