Re: [PATCH v5 06/29] x86,fs/resctrl: Improve domain type checking

From: Reinette Chatre
Date: Tue Jun 03 2025 - 23:31:22 EST

Next message: Reinette Chatre: "Re: [PATCH v5 07/29] x86,fs/resctrl: Rename some L3 specific functions"
Previous message: Daniel Latypov: "Re: [PATCH v5 1/5] bug/kunit: Core support for suppressing warning backtraces"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Tony,

On 5/21/25 3:50 PM, Tony Luck wrote:
> The rdt_domain_hdr structure is used in both control and monitor
> domain structures to provide common methods for operations such as
> adding a CPU to a domain, removing a CPU from a domain, accessing
> the mask of all CPUs in a domain.
>
> The "type" field provides a simple check whether a domain is a
> control or monitor domain so that programming errors operating
> on domains will be quickly caught.
>
> To prepare for additional domain types that depend on the rdt_resource
> to which they are connected add the resource id into the header
> and check that in addition to the type.
>
> Signed-off-by: Tony Luck <tony.luck@xxxxxxxxx>
> ---
> include/linux/resctrl.h | 9 +++++++++
> arch/x86/kernel/cpu/resctrl/core.c | 10 ++++++----
> fs/resctrl/ctrlmondata.c | 2 +-
> 3 files changed, 16 insertions(+), 5 deletions(-)
>
> diff --git a/include/linux/resctrl.h b/include/linux/resctrl.h
> index 40f2d0d48d02..d6b09952ef92 100644
> --- a/include/linux/resctrl.h
> +++ b/include/linux/resctrl.h
> @@ -131,15 +131,24 @@ enum resctrl_domain_type {
> * @list: all instances of this resource
> * @id: unique id for this instance
> * @type: type of this instance
> + * @rid: index of resource for this domain
> * @cpu_mask: which CPUs share this resource
> */
> struct rdt_domain_hdr {
> struct list_head list;
> int id;
> enum resctrl_domain_type type;
> + enum resctrl_res_level rid;
> struct cpumask cpu_mask;
> };
>
> +static inline bool domain_header_is_valid(struct rdt_domain_hdr *hdr,
> + enum resctrl_domain_type type,
> + enum resctrl_res_level rid)
> +{
> + return !WARN_ON_ONCE(hdr->type != type || hdr->rid != rid);
> +}
> +
> /**
> * struct rdt_ctrl_domain - group of CPUs sharing a resctrl control resource
> * @hdr: common header for different domain types
> diff --git a/arch/x86/kernel/cpu/resctrl/core.c b/arch/x86/kernel/cpu/resctrl/core.c
> index 4403a820db12..4983f6f81218 100644
> --- a/arch/x86/kernel/cpu/resctrl/core.c
> +++ b/arch/x86/kernel/cpu/resctrl/core.c
> @@ -456,7 +456,7 @@ static void domain_add_cpu_ctrl(int cpu, struct rdt_resource *r)
>
> hdr = resctrl_find_domain(&r->ctrl_domains, id, &add_pos);
> if (hdr) {
> - if (WARN_ON_ONCE(hdr->type != RESCTRL_CTRL_DOMAIN))
> + if (!domain_header_is_valid(hdr, RESCTRL_CTRL_DOMAIN, r->rid))
> return;
> d = container_of(hdr, struct rdt_ctrl_domain, hdr);
>

This is quite subtle and not obvious until a few patches later that the
domain_header_is_valid() is done in preparation for using the
rdt_domain_hdr::rid to verify that the correct containing structure is
obtained in a subsequent container_of() call.

Patch #10 mentions it explicitly: "Add sanity checks where
container_of() is used to find the surrounding domain structure that
hdr has the expected type."

The change above, when combined with later changes, results in
code like:

if (!domain_header_is_valid(hdr, RESCTRL_MON_DOMAIN, r->rid))
/* handle failure */

d = container_of(hdr, struct rdt_l3_mon_domain, hdr);
...

Considering this all I do not think using a variable r->rid is appropriate
here. Specifically, if the code has it hardcoded that, for example,
the containing structure is "struct rdt_l3_mon_domain" then should the
test not similarly be hardcoded to ensure that rid is RDT_RESOURCE_L3?

Reinette

Next message: Reinette Chatre: "Re: [PATCH v5 07/29] x86,fs/resctrl: Rename some L3 specific functions"
Previous message: Daniel Latypov: "Re: [PATCH v5 1/5] bug/kunit: Core support for suppressing warning backtraces"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]