// SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (C) 2010-2017 Mathieu Desnoyers <[email protected]> * * membarrier system call */ /* * For documentation purposes, here are some membarrier ordering * scenarios to keep in mind: * * A) Userspace thread execution after IPI vs membarrier's memory * barrier before sending the IPI * * Userspace variables: * * int x = 0, y = 0; * * The memory barrier at the start of membarrier() on CPU0 is necessary in * order to enforce the guarantee that any writes occurring on CPU0 before * the membarrier() is executed will be visible to any code executing on * CPU1 after the IPI-induced memory barrier: * * CPU0 CPU1 * * x = 1 * membarrier(): * a: smp_mb() * b: send IPI IPI-induced mb * c: smp_mb() * r2 = y * y = 1 * barrier() * r1 = x * * BUG_ON(r1 == 0 && r2 == 0) * * The write to y and load from x by CPU1 are unordered by the hardware, * so it's possible to have "r1 = x" reordered before "y = 1" at any * point after (b). If the memory barrier at (a) is omitted, then "x = 1" * can be reordered after (a) (although not after (c)), so we get r1 == 0 * and r2 == 0. This violates the guarantee that membarrier() is * supposed by provide. * * The timing of the memory barrier at (a) has to ensure that it executes * before the IPI-induced memory barrier on CPU1. * * B) Userspace thread execution before IPI vs membarrier's memory * barrier after completing the IPI * * Userspace variables: * * int x = 0, y = 0; * * The memory barrier at the end of membarrier() on CPU0 is necessary in * order to enforce the guarantee that any writes occurring on CPU1 before * the membarrier() is executed will be visible to any code executing on * CPU0 after the membarrier(): * * CPU0 CPU1 * * x = 1 * barrier() * y = 1 * r2 = y * membarrier(): * a: smp_mb() * b: send IPI IPI-induced mb * c: smp_mb() * r1 = x * BUG_ON(r1 == 0 && r2 == 1) * * The writes to x and y are unordered by the hardware, so it's possible to * have "r2 = 1" even though the write to x doesn't execute until (b). If * the memory barrier at (c) is omitted then "r1 = x" can be reordered * before (b) (although not before (a)), so we get "r1 = 0". This violates * the guarantee that membarrier() is supposed to provide. * * The timing of the memory barrier at (c) has to ensure that it executes * after the IPI-induced memory barrier on CPU1. * * C) Scheduling userspace thread -> kthread -> userspace thread vs membarrier * * CPU0 CPU1 * * membarrier(): * a: smp_mb() * d: switch to kthread (includes mb) * b: read rq->curr->mm == NULL * e: switch to user (includes mb) * c: smp_mb() * * Using the scenario from (A), we can show that (a) needs to be paired * with (e). Using the scenario from (B), we can show that (c) needs to * be paired with (d). * * D) exit_mm vs membarrier * * Two thread groups are created, A and B. Thread group B is created by * issuing clone from group A with flag CLONE_VM set, but not CLONE_THREAD. * Let's assume we have a single thread within each thread group (Thread A * and Thread B). Thread A runs on CPU0, Thread B runs on CPU1. * * CPU0 CPU1 * * membarrier(): * a: smp_mb() * exit_mm(): * d: smp_mb() * e: current->mm = NULL * b: read rq->curr->mm == NULL * c: smp_mb() * * Using scenario (B), we can show that (c) needs to be paired with (d). * * E) kthread_{use,unuse}_mm vs membarrier * * CPU0 CPU1 * * membarrier(): * a: smp_mb() * kthread_unuse_mm() * d: smp_mb() * e: current->mm = NULL * b: read rq->curr->mm == NULL * kthread_use_mm() * f: current->mm = mm * g: smp_mb() * c: smp_mb() * * Using the scenario from (A), we can show that (a) needs to be paired * with (g). Using the scenario from (B), we can show that (c) needs to * be paired with (d). */ /* * Bitmask made from a "or" of all commands within enum membarrier_cmd, * except MEMBARRIER_CMD_QUERY. */ #ifdef CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE #define MEMBARRIER_PRIVATE_EXPEDITED_SYNC_CORE_BITMASK … #else #define MEMBARRIER_PRIVATE_EXPEDITED_SYNC_CORE_BITMASK … #endif #ifdef CONFIG_RSEQ #define MEMBARRIER_PRIVATE_EXPEDITED_RSEQ_BITMASK … #else #define MEMBARRIER_PRIVATE_EXPEDITED_RSEQ_BITMASK … #endif #define MEMBARRIER_CMD_BITMASK … static DEFINE_MUTEX(membarrier_ipi_mutex); #define SERIALIZE_IPI() … static void ipi_mb(void *info) { … } static void ipi_sync_core(void *info) { … } static void ipi_rseq(void *info) { … } static void ipi_sync_rq_state(void *info) { … } void membarrier_exec_mmap(struct mm_struct *mm) { … } void membarrier_update_current_mm(struct mm_struct *next_mm) { … } static int membarrier_global_expedited(void) { … } static int membarrier_private_expedited(int flags, int cpu_id) { … } static int sync_runqueues_membarrier_state(struct mm_struct *mm) { … } static int membarrier_register_global_expedited(void) { … } static int membarrier_register_private_expedited(int flags) { … } static int membarrier_get_registrations(void) { … } /** * sys_membarrier - issue memory barriers on a set of threads * @cmd: Takes command values defined in enum membarrier_cmd. * @flags: Currently needs to be 0 for all commands other than * MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ: in the latter * case it can be MEMBARRIER_CMD_FLAG_CPU, indicating that @cpu_id * contains the CPU on which to interrupt (= restart) * the RSEQ critical section. * @cpu_id: if @flags == MEMBARRIER_CMD_FLAG_CPU, indicates the cpu on which * RSEQ CS should be interrupted (@cmd must be * MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ). * * If this system call is not implemented, -ENOSYS is returned. If the * command specified does not exist, not available on the running * kernel, or if the command argument is invalid, this system call * returns -EINVAL. For a given command, with flags argument set to 0, * if this system call returns -ENOSYS or -EINVAL, it is guaranteed to * always return the same value until reboot. In addition, it can return * -ENOMEM if there is not enough memory available to perform the system * call. * * All memory accesses performed in program order from each targeted thread * is guaranteed to be ordered with respect to sys_membarrier(). If we use * the semantic "barrier()" to represent a compiler barrier forcing memory * accesses to be performed in program order across the barrier, and * smp_mb() to represent explicit memory barriers forcing full memory * ordering across the barrier, we have the following ordering table for * each pair of barrier(), sys_membarrier() and smp_mb(): * * The pair ordering is detailed as (O: ordered, X: not ordered): * * barrier() smp_mb() sys_membarrier() * barrier() X X O * smp_mb() X O O * sys_membarrier() O O O */ SYSCALL_DEFINE3(membarrier, int, cmd, unsigned int, flags, int, cpu_id) { … }
Codebase Browser
linux