Google Git
Sign in
gbmc/linux/refs/heads/master/./kernel/rseq.c
blob: 38d3ef540760f4379977def7e74327a369c91e54 [file] [log] [blame] [edit]
// SPDX-License-Identifier: GPL-2.0+
/*
* Restartable sequences system call
*
* Copyright (C) 2015, Google, Inc.,
* Paul Turner <pjt@google.com> and Andrew Hunter <ahh@google.com>
* Copyright (C) 2015-2018, EfficiOS Inc.,
* Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
*/
/*
* Restartable sequences are a lightweight interface that allows
* user-level code to be executed atomically relative to scheduler
* preemption and signal delivery. Typically used for implementing
* per-cpu operations.
*
* It allows user-space to perform update operations on per-cpu data
* without requiring heavy-weight atomic operations.
*
* Detailed algorithm of rseq user-space assembly sequences:
*
* init(rseq_cs)
* cpu = TLS->rseq::cpu_id_start
* [1] TLS->rseq::rseq_cs = rseq_cs
* [start_ip] ----------------------------
* [2] if (cpu != TLS->rseq::cpu_id)
* goto abort_ip;
* [3] <last_instruction_in_cs>
* [post_commit_ip] ----------------------------
*
* The address of jump target abort_ip must be outside the critical
* region, i.e.:
*
* [abort_ip] < [start_ip] || [abort_ip] >= [post_commit_ip]
*
* Steps [2]-[3] (inclusive) need to be a sequence of instructions in
* userspace that can handle being interrupted between any of those
* instructions, and then resumed to the abort_ip.
*
* 1. Userspace stores the address of the struct rseq_cs assembly
* block descriptor into the rseq_cs field of the registered
* struct rseq TLS area. This update is performed through a single
* store within the inline assembly instruction sequence.
* [start_ip]
*
* 2. Userspace tests to check whether the current cpu_id field match
* the cpu number loaded before start_ip, branching to abort_ip
* in case of a mismatch.
*
* If the sequence is preempted or interrupted by a signal
* at or after start_ip and before post_commit_ip, then the kernel
* clears TLS->__rseq_abi::rseq_cs, and sets the user-space return
* ip to abort_ip before returning to user-space, so the preempted
* execution resumes at abort_ip.
*
* 3. Userspace critical section final instruction before
* post_commit_ip is the commit. The critical section is
* self-terminating.
* [post_commit_ip]
*
* 4. <success>
*
* On failure at [2], or if interrupted by preempt or signal delivery
* between [1] and [3]:
*
* [abort_ip]
* F1. <failure>
*/
/* Required to select the proper per_cpu ops for rseq_stats_inc() */
#define RSEQ_BUILD_SLOW_PATH
#include <linux/debugfs.h>
#include <linux/hrtimer.h>
#include <linux/percpu.h>
#include <linux/prctl.h>
#include <linux/ratelimit.h>
#include <linux/rseq_entry.h>
#include <linux/sched.h>
#include <linux/syscalls.h>
#include <linux/uaccess.h>
#include <linux/types.h>
#include <linux/rseq.h>
#include <asm/ptrace.h>
#define CREATE_TRACE_POINTS
#include <trace/events/rseq.h>
DEFINE_STATIC_KEY_MAYBE(CONFIG_RSEQ_DEBUG_DEFAULT_ENABLE, rseq_debug_enabled);
static inline void rseq_control_debug(bool on)
{
if (on)
static_branch_enable(&rseq_debug_enabled);
else
static_branch_disable(&rseq_debug_enabled);
}
static int __init rseq_setup_debug(char *str)
{
bool on;
if (kstrtobool(str, &on))
return -EINVAL;
rseq_control_debug(on);
return 1;
}
__setup("rseq_debug=", rseq_setup_debug);
#ifdef CONFIG_TRACEPOINTS
/*
* Out of line, so the actual update functions can be in a header to be
* inlined into the exit to user code.
*/
void __rseq_trace_update(struct task_struct *t)
{
trace_rseq_update(t);
}
void __rseq_trace_ip_fixup(unsigned long ip, unsigned long start_ip,
unsigned long offset, unsigned long abort_ip)
{
trace_rseq_ip_fixup(ip, start_ip, offset, abort_ip);
}
#endif /* CONFIG_TRACEPOINTS */
#ifdef CONFIG_RSEQ_STATS
DEFINE_PER_CPU(struct rseq_stats, rseq_stats);
static int rseq_stats_show(struct seq_file *m, void *p)
{
struct rseq_stats stats = { };
unsigned int cpu;
for_each_possible_cpu(cpu) {
stats.exit += data_race(per_cpu(rseq_stats.exit, cpu));
stats.signal += data_race(per_cpu(rseq_stats.signal, cpu));
stats.slowpath += data_race(per_cpu(rseq_stats.slowpath, cpu));
stats.fastpath += data_race(per_cpu(rseq_stats.fastpath, cpu));
stats.ids += data_race(per_cpu(rseq_stats.ids, cpu));
stats.cs += data_race(per_cpu(rseq_stats.cs, cpu));
stats.clear += data_race(per_cpu(rseq_stats.clear, cpu));
stats.fixup += data_race(per_cpu(rseq_stats.fixup, cpu));
if (IS_ENABLED(CONFIG_RSEQ_SLICE_EXTENSION)) {
stats.s_granted += data_race(per_cpu(rseq_stats.s_granted, cpu));
stats.s_expired += data_race(per_cpu(rseq_stats.s_expired, cpu));
stats.s_revoked += data_race(per_cpu(rseq_stats.s_revoked, cpu));
stats.s_yielded += data_race(per_cpu(rseq_stats.s_yielded, cpu));
stats.s_aborted += data_race(per_cpu(rseq_stats.s_aborted, cpu));
}
}
seq_printf(m, "exit: %16lu\n", stats.exit);
seq_printf(m, "signal: %16lu\n", stats.signal);
seq_printf(m, "slowp: %16lu\n", stats.slowpath);
seq_printf(m, "fastp: %16lu\n", stats.fastpath);
seq_printf(m, "ids: %16lu\n", stats.ids);
seq_printf(m, "cs: %16lu\n", stats.cs);
seq_printf(m, "clear: %16lu\n", stats.clear);
seq_printf(m, "fixup: %16lu\n", stats.fixup);
if (IS_ENABLED(CONFIG_RSEQ_SLICE_EXTENSION)) {
seq_printf(m, "sgrant: %16lu\n", stats.s_granted);
seq_printf(m, "sexpir: %16lu\n", stats.s_expired);
seq_printf(m, "srevok: %16lu\n", stats.s_revoked);
seq_printf(m, "syield: %16lu\n", stats.s_yielded);
seq_printf(m, "sabort: %16lu\n", stats.s_aborted);
}
return 0;
}
static int rseq_stats_open(struct inode *inode, struct file *file)
{
return single_open(file, rseq_stats_show, inode->i_private);
}
static const struct file_operations stat_ops = {
.open = rseq_stats_open,
.read = seq_read,
.llseek = seq_lseek,
.release = single_release,
};
static int __init rseq_stats_init(struct dentry *root_dir)
{
debugfs_create_file("stats", 0444, root_dir, NULL, &stat_ops);
return 0;
}
#else
static inline void rseq_stats_init(struct dentry *root_dir) { }
#endif /* CONFIG_RSEQ_STATS */
static int rseq_debug_show(struct seq_file *m, void *p)
{
bool on = static_branch_unlikely(&rseq_debug_enabled);
seq_printf(m, "%d\n", on);
return 0;
}
static ssize_t rseq_debug_write(struct file *file, const char __user *ubuf,
size_t count, loff_t *ppos)
{
bool on;
if (kstrtobool_from_user(ubuf, count, &on))
return -EINVAL;
rseq_control_debug(on);
return count;
}
static int rseq_debug_open(struct inode *inode, struct file *file)
{
return single_open(file, rseq_debug_show, inode->i_private);
}
static const struct file_operations debug_ops = {
.open = rseq_debug_open,
.read = seq_read,
.write = rseq_debug_write,
.llseek = seq_lseek,
.release = single_release,
};
static void rseq_slice_ext_init(struct dentry *root_dir);
static int __init rseq_debugfs_init(void)
{
struct dentry *root_dir = debugfs_create_dir("rseq", NULL);
debugfs_create_file("debug", 0644, root_dir, NULL, &debug_ops);
rseq_stats_init(root_dir);
if (IS_ENABLED(CONFIG_RSEQ_SLICE_EXTENSION))
rseq_slice_ext_init(root_dir);
return 0;
}
__initcall(rseq_debugfs_init);
static bool rseq_set_ids(struct task_struct *t, struct rseq_ids *ids, u32 node_id)
{
return rseq_set_ids_get_csaddr(t, ids, node_id, NULL);
}
static bool rseq_handle_cs(struct task_struct *t, struct pt_regs *regs)
{
struct rseq __user *urseq = t->rseq.usrptr;
u64 csaddr;
scoped_user_read_access(urseq, efault)
unsafe_get_user(csaddr, &urseq->rseq_cs, efault);
if (likely(!csaddr))
return true;
return rseq_update_user_cs(t, regs, csaddr);
efault:
return false;
}
static void rseq_slowpath_update_usr(struct pt_regs *regs)
{
/*
* Preserve rseq state and user_irq state. The generic entry code
* clears user_irq on the way out, the non-generic entry
* architectures are not having user_irq.
*/
const struct rseq_event evt_mask = { .has_rseq = true, .user_irq = true, };
struct task_struct *t = current;
struct rseq_ids ids;
u32 node_id;
bool event;
if (unlikely(t->flags & PF_EXITING))
return;
rseq_stat_inc(rseq_stats.slowpath);
/*
* Read and clear the event pending bit first. If the task
* was not preempted or migrated or a signal is on the way,
* there is no point in doing any of the heavy lifting here
* on production kernels. In that case TIF_NOTIFY_RESUME
* was raised by some other functionality.
*
* This is correct because the read/clear operation is
* guarded against scheduler preemption, which makes it CPU
* local atomic. If the task is preempted right after
* re-enabling preemption then TIF_NOTIFY_RESUME is set
* again and this function is invoked another time _before_
* the task is able to return to user mode.
*
* On a debug kernel, invoke the fixup code unconditionally
* with the result handed in to allow the detection of
* inconsistencies.
*/
scoped_guard(irq) {
event = t->rseq.event.sched_switch;
t->rseq.event.all &= evt_mask.all;
ids.cpu_id = task_cpu(t);
ids.mm_cid = task_mm_cid(t);
}
if (!event)
return;
node_id = cpu_to_node(ids.cpu_id);
if (unlikely(!rseq_update_usr(t, regs, &ids, node_id))) {
/*
* Clear the errors just in case this might survive magically, but
* leave the rest intact.
*/
t->rseq.event.error = 0;
force_sig(SIGSEGV);
}
}
void __rseq_handle_slowpath(struct pt_regs *regs)
{
/*
* If invoked from hypervisors before entering the guest via
* resume_user_mode_work(), then @regs is a NULL pointer.
*
* resume_user_mode_work() clears TIF_NOTIFY_RESUME and re-raises
* it before returning from the ioctl() to user space when
* rseq_event.sched_switch is set.
*
* So it's safe to ignore here instead of pointlessly updating it
* in the vcpu_run() loop.
*/
if (!regs)
return;
rseq_slowpath_update_usr(regs);
}
void __rseq_signal_deliver(int sig, struct pt_regs *regs)
{
rseq_stat_inc(rseq_stats.signal);
/*
* Don't update IDs, they are handled on exit to user if
* necessary. The important thing is to abort a critical section of
* the interrupted context as after this point the instruction
* pointer in @regs points to the signal handler.
*/
if (unlikely(!rseq_handle_cs(current, regs))) {
/*
* Clear the errors just in case this might survive
* magically, but leave the rest intact.
*/
current->rseq.event.error = 0;
force_sigsegv(sig);
}
}
/*
* Terminate the process if a syscall is issued within a restartable
* sequence.
*/
void __rseq_debug_syscall_return(struct pt_regs *regs)
{
struct task_struct *t = current;
u64 csaddr;
if (!t->rseq.event.has_rseq)
return;
if (get_user(csaddr, &t->rseq.usrptr->rseq_cs))
goto fail;
if (likely(!csaddr))
return;
if (unlikely(csaddr >= TASK_SIZE))
goto fail;
if (rseq_debug_update_user_cs(t, regs, csaddr))
return;
fail:
force_sig(SIGSEGV);
}
#ifdef CONFIG_DEBUG_RSEQ
/* Kept around to keep GENERIC_ENTRY=n architectures supported. */
void rseq_syscall(struct pt_regs *regs)
{
__rseq_debug_syscall_return(regs);
}
#endif
static bool rseq_reset_ids(void)
{
struct rseq_ids ids = {
.cpu_id = RSEQ_CPU_ID_UNINITIALIZED,
.mm_cid = 0,
};
/*
* If this fails, terminate it because this leaves the kernel in
* stupid state as exit to user space will try to fixup the ids
* again.
*/
if (rseq_set_ids(current, &ids, 0))
return true;
force_sig(SIGSEGV);
return false;
}
/* The original rseq structure size (including padding) is 32 bytes. */
#define ORIG_RSEQ_SIZE 32
/*
* sys_rseq - setup restartable sequences for caller thread.
*/
SYSCALL_DEFINE4(rseq, struct rseq __user *, rseq, u32, rseq_len, int, flags, u32, sig)
{
u32 rseqfl = 0;
if (flags & RSEQ_FLAG_UNREGISTER) {
if (flags & ~RSEQ_FLAG_UNREGISTER)
return -EINVAL;
/* Unregister rseq for current thread. */
if (current->rseq.usrptr != rseq || !current->rseq.usrptr)
return -EINVAL;
if (rseq_len != current->rseq.len)
return -EINVAL;
if (current->rseq.sig != sig)
return -EPERM;
if (!rseq_reset_ids())
return -EFAULT;
rseq_reset(current);
return 0;
}
if (unlikely(flags & ~(RSEQ_FLAG_SLICE_EXT_DEFAULT_ON)))
return -EINVAL;
if (current->rseq.usrptr) {
/*
* If rseq is already registered, check whether
* the provided address differs from the prior
* one.
*/
if (current->rseq.usrptr != rseq || rseq_len != current->rseq.len)
return -EINVAL;
if (current->rseq.sig != sig)
return -EPERM;
/* Already registered. */
return -EBUSY;
}
/*
* If there was no rseq previously registered, ensure the provided rseq
* is properly aligned, as communcated to user-space through the ELF
* auxiliary vector AT_RSEQ_ALIGN. If rseq_len is the original rseq
* size, the required alignment is the original struct rseq alignment.
*
* The rseq_len is required to be greater or equal to the original rseq
* size. In order to be valid, rseq_len is either the original rseq size,
* or large enough to contain all supported fields, as communicated to
* user-space through the ELF auxiliary vector AT_RSEQ_FEATURE_SIZE.
*/
if (rseq_len < ORIG_RSEQ_SIZE ||
(rseq_len == ORIG_RSEQ_SIZE && !IS_ALIGNED((unsigned long)rseq, ORIG_RSEQ_SIZE)) ||
(rseq_len != ORIG_RSEQ_SIZE && (!IS_ALIGNED((unsigned long)rseq, rseq_alloc_align()) ||
rseq_len < offsetof(struct rseq, end))))
return -EINVAL;
if (!access_ok(rseq, rseq_len))
return -EFAULT;
if (IS_ENABLED(CONFIG_RSEQ_SLICE_EXTENSION)) {
rseqfl |= RSEQ_CS_FLAG_SLICE_EXT_AVAILABLE;
if (rseq_slice_extension_enabled() &&
(flags & RSEQ_FLAG_SLICE_EXT_DEFAULT_ON))
rseqfl |= RSEQ_CS_FLAG_SLICE_EXT_ENABLED;
}
scoped_user_write_access(rseq, efault) {
/*
* If the rseq_cs pointer is non-NULL on registration, clear it to
* avoid a potential segfault on return to user-space. The proper thing
* to do would have been to fail the registration but this would break
* older libcs that reuse the rseq area for new threads without
* clearing the fields. Don't bother reading it, just reset it.
*/
unsafe_put_user(0UL, &rseq->rseq_cs, efault);
unsafe_put_user(rseqfl, &rseq->flags, efault);
/* Initialize IDs in user space */
unsafe_put_user(RSEQ_CPU_ID_UNINITIALIZED, &rseq->cpu_id_start, efault);
unsafe_put_user(RSEQ_CPU_ID_UNINITIALIZED, &rseq->cpu_id, efault);
unsafe_put_user(0U, &rseq->node_id, efault);
unsafe_put_user(0U, &rseq->mm_cid, efault);
unsafe_put_user(0U, &rseq->slice_ctrl.all, efault);
}
/*
* Activate the registration by setting the rseq area address, length
* and signature in the task struct.
*/
current->rseq.usrptr = rseq;
current->rseq.len = rseq_len;
current->rseq.sig = sig;
#ifdef CONFIG_RSEQ_SLICE_EXTENSION
current->rseq.slice.state.enabled = !!(rseqfl & RSEQ_CS_FLAG_SLICE_EXT_ENABLED);
#endif
/*
* If rseq was previously inactive, and has just been
* registered, ensure the cpu_id_start and cpu_id fields
* are updated before returning to user-space.
*/
current->rseq.event.has_rseq = true;
rseq_force_update();
return 0;
efault:
return -EFAULT;
}
#ifdef CONFIG_RSEQ_SLICE_EXTENSION
struct slice_timer {
struct hrtimer timer;
void *cookie;
};
static const unsigned int rseq_slice_ext_nsecs_min = 5 * NSEC_PER_USEC;
static const unsigned int rseq_slice_ext_nsecs_max = 50 * NSEC_PER_USEC;
unsigned int rseq_slice_ext_nsecs __read_mostly = rseq_slice_ext_nsecs_min;
static DEFINE_PER_CPU(struct slice_timer, slice_timer);
DEFINE_STATIC_KEY_TRUE(rseq_slice_extension_key);
/*
* When the timer expires and the task is still in user space, the return
* from interrupt will revoke the grant and schedule. If the task already
* entered the kernel via a syscall and the timer fires before the syscall
* work was able to cancel it, then depending on the preemption model this
* will either reschedule on return from interrupt or in the syscall work
* below.
*/
static enum hrtimer_restart rseq_slice_expired(struct hrtimer *tmr)
{
struct slice_timer *st = container_of(tmr, struct slice_timer, timer);
/*
* Validate that the task which armed the timer is still on the
* CPU. It could have been scheduled out without canceling the
* timer.
*/
if (st->cookie == current && current->rseq.slice.state.granted) {
rseq_stat_inc(rseq_stats.s_expired);
set_need_resched_current();
}
return HRTIMER_NORESTART;
}
bool __rseq_arm_slice_extension_timer(void)
{
struct slice_timer *st = this_cpu_ptr(&slice_timer);
struct task_struct *curr = current;
lockdep_assert_irqs_disabled();
/*
* This check prevents a task, which got a time slice extension
* granted, from exceeding the maximum scheduling latency when the
* grant expired before going out to user space. Don't bother to
* clear the grant here, it will be cleaned up automatically before
* going out to user space after being scheduled back in.
*/
if ((unlikely(curr->rseq.slice.expires < ktime_get_mono_fast_ns()))) {
set_need_resched_current();
return true;
}
/*
* Store the task pointer as a cookie for comparison in the timer
* function. This is safe as the timer is CPU local and cannot be
* in the expiry function at this point.
*/
st->cookie = curr;
hrtimer_start(&st->timer, curr->rseq.slice.expires, HRTIMER_MODE_ABS_PINNED_HARD);
/* Arm the syscall entry work */
set_task_syscall_work(curr, SYSCALL_RSEQ_SLICE);
return false;
}
static void rseq_cancel_slice_extension_timer(void)
{
struct slice_timer *st = this_cpu_ptr(&slice_timer);
/*
* st->cookie can be safely read as preemption is disabled and the
* timer is CPU local.
*
* As this is most probably the first expiring timer, the cancel is
* expensive as it has to reprogram the hardware, but that's less
* expensive than going through a full hrtimer_interrupt() cycle
* for nothing.
*
* hrtimer_try_to_cancel() is sufficient here as the timer is CPU
* local and once the hrtimer code disabled interrupts the timer
* callback cannot be running.
*/
if (st->cookie == current)
hrtimer_try_to_cancel(&st->timer);
}
static inline void rseq_slice_set_need_resched(struct task_struct *curr)
{
/*
* The interrupt guard is required to prevent inconsistent state in
* this case:
*
* set_tsk_need_resched()
* --> Interrupt
* wakeup()
* set_tsk_need_resched()
* set_preempt_need_resched()
* schedule_on_return()
* clear_tsk_need_resched()
* clear_preempt_need_resched()
* set_preempt_need_resched() <- Inconsistent state
*
* This is safe vs. a remote set of TIF_NEED_RESCHED because that
* only sets the already set bit and does not create inconsistent
* state.
*/
scoped_guard(irq)
set_need_resched_current();
}
static void rseq_slice_validate_ctrl(u32 expected)
{
u32 __user *sctrl = &current->rseq.usrptr->slice_ctrl.all;
u32 uval;
if (get_user(uval, sctrl) || uval != expected)
force_sig(SIGSEGV);
}
/*
* Invoked from syscall entry if a time slice extension was granted and the
* kernel did not clear it before user space left the critical section.
*
* While the recommended way to relinquish the CPU side effect free is
* rseq_slice_yield(2), any syscall within a granted slice terminates the
* grant and immediately reschedules if required. This supports onion layer
* applications, where the code requesting the grant cannot control the
* code within the critical section.
*/
void rseq_syscall_enter_work(long syscall)
{
struct task_struct *curr = current;
struct rseq_slice_ctrl ctrl = { .granted = curr->rseq.slice.state.granted };
clear_task_syscall_work(curr, SYSCALL_RSEQ_SLICE);
if (static_branch_unlikely(&rseq_debug_enabled))
rseq_slice_validate_ctrl(ctrl.all);
/*
* The kernel might have raced, revoked the grant and updated
* userspace, but kept the SLICE work set.
*/
if (!ctrl.granted)
return;
/*
* Required to stabilize the per CPU timer pointer and to make
* set_tsk_need_resched() correct on PREEMPT[RT] kernels.
*
* Leaving the scope will reschedule on preemption models FULL,
* LAZY and RT if necessary.
*/
scoped_guard(preempt) {
rseq_cancel_slice_extension_timer();
/*
* Now that preemption is disabled, quickly check whether
* the task was already rescheduled before arriving here.
*/
if (!curr->rseq.event.sched_switch) {
rseq_slice_set_need_resched(curr);
if (syscall == __NR_rseq_slice_yield) {
rseq_stat_inc(rseq_stats.s_yielded);
/* Update the yielded state for syscall return */
curr->rseq.slice.yielded = 1;
} else {
rseq_stat_inc(rseq_stats.s_aborted);
}
}
}
/* Reschedule on NONE/VOLUNTARY preemption models */
cond_resched();
/* Clear the grant in kernel state and user space */
curr->rseq.slice.state.granted = false;
if (put_user(0U, &curr->rseq.usrptr->slice_ctrl.all))
force_sig(SIGSEGV);
}
int rseq_slice_extension_prctl(unsigned long arg2, unsigned long arg3)
{
switch (arg2) {
case PR_RSEQ_SLICE_EXTENSION_GET:
if (arg3)
return -EINVAL;
return current->rseq.slice.state.enabled ? PR_RSEQ_SLICE_EXT_ENABLE : 0;
case PR_RSEQ_SLICE_EXTENSION_SET: {
u32 rflags, valid = RSEQ_CS_FLAG_SLICE_EXT_AVAILABLE;
bool enable = !!(arg3 & PR_RSEQ_SLICE_EXT_ENABLE);
if (arg3 & ~PR_RSEQ_SLICE_EXT_ENABLE)
return -EINVAL;
if (!rseq_slice_extension_enabled())
return -ENOTSUPP;
if (!current->rseq.usrptr)
return -ENXIO;
/* No change? */
if (enable == !!current->rseq.slice.state.enabled)
return 0;
if (get_user(rflags, &current->rseq.usrptr->flags))
goto die;
if (current->rseq.slice.state.enabled)
valid |= RSEQ_CS_FLAG_SLICE_EXT_ENABLED;
if ((rflags & valid) != valid)
goto die;
rflags &= ~RSEQ_CS_FLAG_SLICE_EXT_ENABLED;
rflags |= RSEQ_CS_FLAG_SLICE_EXT_AVAILABLE;
if (enable)
rflags |= RSEQ_CS_FLAG_SLICE_EXT_ENABLED;
if (put_user(rflags, &current->rseq.usrptr->flags))
goto die;
current->rseq.slice.state.enabled = enable;
return 0;
}
default:
return -EINVAL;
}
die:
force_sig(SIGSEGV);
return -EFAULT;
}
/**
* sys_rseq_slice_yield - yield the current processor side effect free if a
* task granted with a time slice extension is done with
* the critical work before being forced out.
*
* Return: 1 if the task successfully yielded the CPU within the granted slice.
* 0 if the slice extension was either never granted or was revoked by
* going over the granted extension, using a syscall other than this one
* or being scheduled out earlier due to a subsequent interrupt.
*
* The syscall does not schedule because the syscall entry work immediately
* relinquishes the CPU and schedules if required.
*/
SYSCALL_DEFINE0(rseq_slice_yield)
{
int yielded = !!current->rseq.slice.yielded;
current->rseq.slice.yielded = 0;
return yielded;
}
static int rseq_slice_ext_show(struct seq_file *m, void *p)
{
seq_printf(m, "%d\n", rseq_slice_ext_nsecs);
return 0;
}
static ssize_t rseq_slice_ext_write(struct file *file, const char __user *ubuf,
size_t count, loff_t *ppos)
{
unsigned int nsecs;
if (kstrtouint_from_user(ubuf, count, 10, &nsecs))
return -EINVAL;
if (nsecs < rseq_slice_ext_nsecs_min)
return -ERANGE;
if (nsecs > rseq_slice_ext_nsecs_max)
return -ERANGE;
rseq_slice_ext_nsecs = nsecs;
return count;
}
static int rseq_slice_ext_open(struct inode *inode, struct file *file)
{
return single_open(file, rseq_slice_ext_show, inode->i_private);
}
static const struct file_operations slice_ext_ops = {
.open = rseq_slice_ext_open,
.read = seq_read,
.write = rseq_slice_ext_write,
.llseek = seq_lseek,
.release = single_release,
};
static void rseq_slice_ext_init(struct dentry *root_dir)
{
debugfs_create_file("slice_ext_nsec", 0644, root_dir, NULL, &slice_ext_ops);
}
static int __init rseq_slice_cmdline(char *str)
{
bool on;
if (kstrtobool(str, &on))
return 0;
if (!on)
static_branch_disable(&rseq_slice_extension_key);
return 1;
}
__setup("rseq_slice_ext=", rseq_slice_cmdline);
static int __init rseq_slice_init(void)
{
unsigned int cpu;
for_each_possible_cpu(cpu) {
hrtimer_setup(per_cpu_ptr(&slice_timer.timer, cpu), rseq_slice_expired,
CLOCK_MONOTONIC, HRTIMER_MODE_REL_PINNED_HARD);
}
return 0;
}
device_initcall(rseq_slice_init);
#else
static void rseq_slice_ext_init(struct dentry *root_dir) { }
#endif /* CONFIG_RSEQ_SLICE_EXTENSION */