| Message ID | 20230828020021.2489641-2-yukuai1@huaweicloud.com (mailing list archive) |
|---|---|
| State | New, archived |
| Delegated to: | Song Liu |
| Headers | show |
| Series | md: synchronize io with array reconfiguration | expand |
On Mon, Aug 28, 2023 at 10:04 AM Yu Kuai <yukuai1@huaweicloud.com> wrote: > > From: Yu Kuai <yukuai3@huawei.com> > > Because reading 'suspend_lo' and 'suspend_hi' from md_handle_request() > is not protected, use READ_ONCE/WRITE_ONCE to prevent reading abnormal > value. Hi Kuai If we don't use READ_ONCE/WRITE_ONCE, What's the risk here? Could you explain in detail or give an example? Regards Xiao > > Signed-off-by: Yu Kuai <yukuai3@huawei.com> > --- > drivers/md/md.c | 16 +++++++++------- > 1 file changed, 9 insertions(+), 7 deletions(-) > > diff --git a/drivers/md/md.c b/drivers/md/md.c > index 46badd13a687..9d8dff9d923c 100644 > --- a/drivers/md/md.c > +++ b/drivers/md/md.c > @@ -359,11 +359,11 @@ static bool is_suspended(struct mddev *mddev, struct bio *bio) > return true; > if (bio_data_dir(bio) != WRITE) > return false; > - if (mddev->suspend_lo >= mddev->suspend_hi) > + if (READ_ONCE(mddev->suspend_lo) >= READ_ONCE(mddev->suspend_hi)) > return false; > - if (bio->bi_iter.bi_sector >= mddev->suspend_hi) > + if (bio->bi_iter.bi_sector >= READ_ONCE(mddev->suspend_hi)) > return false; > - if (bio_end_sector(bio) < mddev->suspend_lo) > + if (bio_end_sector(bio) < READ_ONCE(mddev->suspend_lo)) > return false; > return true; > } > @@ -5171,7 +5171,8 @@ __ATTR(sync_max, S_IRUGO|S_IWUSR, max_sync_show, max_sync_store); > static ssize_t > suspend_lo_show(struct mddev *mddev, char *page) > { > - return sprintf(page, "%llu\n", (unsigned long long)mddev->suspend_lo); > + return sprintf(page, "%llu\n", > + (unsigned long long)READ_ONCE(mddev->suspend_lo)); > } > > static ssize_t > @@ -5191,7 +5192,7 @@ suspend_lo_store(struct mddev *mddev, const char *buf, size_t len) > return err; > > mddev_suspend(mddev); > - mddev->suspend_lo = new; > + WRITE_ONCE(mddev->suspend_lo, new); > mddev_resume(mddev); > > mddev_unlock(mddev); > @@ -5203,7 +5204,8 @@ __ATTR(suspend_lo, S_IRUGO|S_IWUSR, suspend_lo_show, suspend_lo_store); > static ssize_t > suspend_hi_show(struct mddev *mddev, char *page) > { > - return sprintf(page, "%llu\n", (unsigned long long)mddev->suspend_hi); > + return sprintf(page, "%llu\n", > + (unsigned long long)READ_ONCE(mddev->suspend_hi)); > } > > static ssize_t > @@ -5223,7 +5225,7 @@ suspend_hi_store(struct mddev *mddev, const char *buf, size_t len) > return err; > > mddev_suspend(mddev); > - mddev->suspend_hi = new; > + WRITE_ONCE(mddev->suspend_hi, new); > mddev_resume(mddev); > > mddev_unlock(mddev); > -- > 2.39.2 >
Hi, 在 2023/09/14 10:53, Xiao Ni 写道: > On Mon, Aug 28, 2023 at 10:04 AM Yu Kuai <yukuai1@huaweicloud.com> wrote: >> >> From: Yu Kuai <yukuai3@huawei.com> >> >> Because reading 'suspend_lo' and 'suspend_hi' from md_handle_request() >> is not protected, use READ_ONCE/WRITE_ONCE to prevent reading abnormal >> value. > > Hi Kuai > > If we don't use READ_ONCE/WRITE_ONCE, What's the risk here? Could you > explain in detail or give an example? Sorry for the late reply. That depends on the architecture, a load/store may not be atomice, for example: // assume a is 10 t1 write 01 // write half first a = 11 t2 read //read a = 11 -> read abnormal value. // write other half a = 01 READ_ONCE/WRITE_ONCE can guarantee that either old value or new value is read. Thanks, Kuai > > Regards > Xiao >> >> Signed-off-by: Yu Kuai <yukuai3@huawei.com> >> --- >> drivers/md/md.c | 16 +++++++++------- >> 1 file changed, 9 insertions(+), 7 deletions(-) >> >> diff --git a/drivers/md/md.c b/drivers/md/md.c >> index 46badd13a687..9d8dff9d923c 100644 >> --- a/drivers/md/md.c >> +++ b/drivers/md/md.c >> @@ -359,11 +359,11 @@ static bool is_suspended(struct mddev *mddev, struct bio *bio) >> return true; >> if (bio_data_dir(bio) != WRITE) >> return false; >> - if (mddev->suspend_lo >= mddev->suspend_hi) >> + if (READ_ONCE(mddev->suspend_lo) >= READ_ONCE(mddev->suspend_hi)) >> return false; >> - if (bio->bi_iter.bi_sector >= mddev->suspend_hi) >> + if (bio->bi_iter.bi_sector >= READ_ONCE(mddev->suspend_hi)) >> return false; >> - if (bio_end_sector(bio) < mddev->suspend_lo) >> + if (bio_end_sector(bio) < READ_ONCE(mddev->suspend_lo)) >> return false; >> return true; >> } >> @@ -5171,7 +5171,8 @@ __ATTR(sync_max, S_IRUGO|S_IWUSR, max_sync_show, max_sync_store); >> static ssize_t >> suspend_lo_show(struct mddev *mddev, char *page) >> { >> - return sprintf(page, "%llu\n", (unsigned long long)mddev->suspend_lo); >> + return sprintf(page, "%llu\n", >> + (unsigned long long)READ_ONCE(mddev->suspend_lo)); >> } >> >> static ssize_t >> @@ -5191,7 +5192,7 @@ suspend_lo_store(struct mddev *mddev, const char *buf, size_t len) >> return err; >> >> mddev_suspend(mddev); >> - mddev->suspend_lo = new; >> + WRITE_ONCE(mddev->suspend_lo, new); >> mddev_resume(mddev); >> >> mddev_unlock(mddev); >> @@ -5203,7 +5204,8 @@ __ATTR(suspend_lo, S_IRUGO|S_IWUSR, suspend_lo_show, suspend_lo_store); >> static ssize_t >> suspend_hi_show(struct mddev *mddev, char *page) >> { >> - return sprintf(page, "%llu\n", (unsigned long long)mddev->suspend_hi); >> + return sprintf(page, "%llu\n", >> + (unsigned long long)READ_ONCE(mddev->suspend_hi)); >> } >> >> static ssize_t >> @@ -5223,7 +5225,7 @@ suspend_hi_store(struct mddev *mddev, const char *buf, size_t len) >> return err; >> >> mddev_suspend(mddev); >> - mddev->suspend_hi = new; >> + WRITE_ONCE(mddev->suspend_hi, new); >> mddev_resume(mddev); >> >> mddev_unlock(mddev); >> -- >> 2.39.2 >> > > . >
diff --git a/drivers/md/md.c b/drivers/md/md.c index 46badd13a687..9d8dff9d923c 100644 --- a/drivers/md/md.c +++ b/drivers/md/md.c @@ -359,11 +359,11 @@ static bool is_suspended(struct mddev *mddev, struct bio *bio) return true; if (bio_data_dir(bio) != WRITE) return false; - if (mddev->suspend_lo >= mddev->suspend_hi) + if (READ_ONCE(mddev->suspend_lo) >= READ_ONCE(mddev->suspend_hi)) return false; - if (bio->bi_iter.bi_sector >= mddev->suspend_hi) + if (bio->bi_iter.bi_sector >= READ_ONCE(mddev->suspend_hi)) return false; - if (bio_end_sector(bio) < mddev->suspend_lo) + if (bio_end_sector(bio) < READ_ONCE(mddev->suspend_lo)) return false; return true; } @@ -5171,7 +5171,8 @@ __ATTR(sync_max, S_IRUGO|S_IWUSR, max_sync_show, max_sync_store); static ssize_t suspend_lo_show(struct mddev *mddev, char *page) { - return sprintf(page, "%llu\n", (unsigned long long)mddev->suspend_lo); + return sprintf(page, "%llu\n", + (unsigned long long)READ_ONCE(mddev->suspend_lo)); } static ssize_t @@ -5191,7 +5192,7 @@ suspend_lo_store(struct mddev *mddev, const char *buf, size_t len) return err; mddev_suspend(mddev); - mddev->suspend_lo = new; + WRITE_ONCE(mddev->suspend_lo, new); mddev_resume(mddev); mddev_unlock(mddev); @@ -5203,7 +5204,8 @@ __ATTR(suspend_lo, S_IRUGO|S_IWUSR, suspend_lo_show, suspend_lo_store); static ssize_t suspend_hi_show(struct mddev *mddev, char *page) { - return sprintf(page, "%llu\n", (unsigned long long)mddev->suspend_hi); + return sprintf(page, "%llu\n", + (unsigned long long)READ_ONCE(mddev->suspend_hi)); } static ssize_t @@ -5223,7 +5225,7 @@ suspend_hi_store(struct mddev *mddev, const char *buf, size_t len) return err; mddev_suspend(mddev); - mddev->suspend_hi = new; + WRITE_ONCE(mddev->suspend_hi, new); mddev_resume(mddev); mddev_unlock(mddev);