On Mon, Aug 26, 2024 at 10:01:17AM +0200, Christophe Leroy wrote:
Le 26/08/2024 à 09:50, Jason A. Donenfeld a écrit :
On Thu, Aug 22, 2024 at 09:13:14AM +0200, Christophe Leroy wrote:
Performing SMP atomic operations on u64 fails on powerpc32.
Random driver generation is handled as unsigned long not u64, see for instance base_cnrg or struct crng.
Use the same type for vDSO's getrandom as it gets copied from the above. This is also in line with the local current_generation which is already an unsigned long.
This isn't going to work when 32-bit userspace tries to access a 64-bit kernel.
I had "fixed" this with a vdso_kernel_ulong type way back in an earlier version: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore.kerne...
But tglx pointed out in that thread that this actually isn't necessary:
| All of this is pointless because if a 32-bit application runs on a | 64-bit kernel it has to use the 64-bit 'generation'. So why on earth do | we need magic here for a 32-bit kernel? | | Just use u64 for both and spare all this voodoo. We're seriously not | "optimizing" for 32-bit kernels. | | All what happens on a 32-bit kernel is that the RNG will store the | unsigned long (32bit) generation into a 64bit variable: | | smp_store_release(&_vdso_rng_data.generation, next_gen + 1); | | As the upper 32bit are always zero, there is no issue vs. load store | tearing at all. So there is zero benefit for this aside of slightly | "better" user space code when running on a 32-bit kernel. Who cares?
So I just got rid of it and used a u64 as he suggested.
However, there's also an additional reason why it's not worth churning further over this - because VM_DROPPABLE is 64-bit only (due to flags in vma bits), likely so is vDSO getrandom() for the time being. So I think it makes more sense to retool this series to be ppc64, and then if you really really want 32-bit and can convince folks it matters, then all of these parts (for example, here, the fact that the smp helper doesn't want to tear) can be fixed up in a separate series.
So yes I really really want it on ppc32 because this is the only type of boards I have and this is really were we need getrandom() to be optimised, indeed ppc64 was sherry-on-the-cake in my series, I just added it because it was easy to do after doing ppc32.
I saw that you did in fact find a bit on ppc32 for VM_DROPPABLE. So it looks at least possible. Because of this generation counter business, I still think it might make sense to do in two steps, though, first doing 64-bit, and then doing 32-bit after.
As for the generation counter error you're seeing, I guess what we want is smp_store_release memory ordering semantics, but letting tearing happen (since the upper 32-bits will be zero anyway). I'm not sure the best way to do this, whether it's a new helper, or doing a WRITE_ONCE together with an smp barrier, or what. But I imagine it's something like that.
Jason