On Mon, Aug 17, 2020 at 7:43 PM Andy Shevchenko
[off-list ref] wrote:

On Mon, Aug 17, 2020 at 07:05:33PM +0200, Bartosz Golaszewski wrote:

quoted

From: Bartosz Golaszewski <redacted>

Implement the managed variant of krealloc(). This function works with
all memory allocated by devm_kmalloc() (or devres functions using it
implicitly like devm_kmemdup(), devm_kstrdup() etc.).

Managed realloc'ed chunks can be manually released with devm_kfree().

Thanks for an update! My comments / questions below.

...

quoted

+static struct devres *to_devres(void *data)
+{
+     return (struct devres *)((u8 *)data - ALIGN(sizeof(struct devres),
+                                                 ARCH_KMALLOC_MINALIGN));

Do you really need both explicit castings?

Yeah, we can probably drop the (struct devres *) here.

quoted

+}

...

quoted

+     total_old_size = ksize(to_devres(ptr));

But how you can guarantee this pointer:
 - belongs to devres,

We can only check if a chunk is dynamically allocated with ksize() -
it will return 0 if it isn't and I'll add a check for that in the next
iteration. We check whether it's a managed chunk later after taking
the lock.

 - hasn't gone while you run a ksize()?

At some point you need to draw a line. In the end: how do you
guarantee a devres buffer hasn't been freed when you're using it? In
my comment to the previous version of this patch I clarified that we
need to protect all modifications of the devres linked list - we must
not realloc a chunk that contains the links without taking the
spinlock but also we must not call alloc() funcs with GFP_KERNEL with
spinlock taken. The issue we could run into is: someone modifies the
linked list by adding/removing other managed resources, not modifying
this one.

The way this function works now guarantees it but other than that:
it's up to the users to not free memory they're actively using.

...

quoted

+     new_dr = alloc_dr(devm_kmalloc_release,
+                       total_new_size, gfp, dev_to_node(dev));

Can you move some parameters to the previous line?

Why though? It's fine this way.

quoted

+     if (!new_dr)
+             return NULL;

...

quoted

+     spin_lock_irqsave(&dev->devres_lock, flags);
+
+     old_dr = find_dr(dev, devm_kmalloc_release, devm_kmalloc_match, ptr);
+     if (!old_dr) {
+             spin_unlock_irqrestore(&dev->devres_lock, flags);
+             devres_free(new_dr);
+             WARN(1, "Memory chunk not managed or managed by a different device.");
+             return NULL;
+     }
+
+     replace_dr(dev, &old_dr->node, &new_dr->node);
+
+     spin_unlock_irqrestore(&dev->devres_lock, flags);
+
+     memcpy(new_dr->data, old_dr->data, devres_data_size(total_old_size));

But new_dr may concurrently gone at this point, no? It means memcpy() should be
under spin lock.

Just as I explained above: we're protecting the linked list, not the
resource itself.

Bartosz

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel