diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2016-01-11 17:18:38 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2016-01-11 17:18:38 -0500 |
| commit | 24af98c4cf5f5e69266e270c7f3fb34b82ff6656 (patch) | |
| tree | 70d71381c841c92b2d28397bf0c5d6a7d9bbbaac /kernel/futex.c | |
| parent | 9061cbe62adeccf8c986883bcd40f4aeee59ea75 (diff) | |
| parent | 337f13046ff03717a9e99675284a817527440a49 (diff) | |
Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull locking updates from Ingo Molnar:
"So we have a laundry list of locking subsystem changes:
- continuing barrier API and code improvements
- futex enhancements
- atomics API improvements
- pvqspinlock enhancements: in particular lock stealing and adaptive
spinning
- qspinlock micro-enhancements"
* 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op
futex: Cleanup the goto confusion in requeue_pi()
futex: Remove pointless put_pi_state calls in requeue()
futex: Document pi_state refcounting in requeue code
futex: Rename free_pi_state() to put_pi_state()
futex: Drop refcount if requeue_pi() acquired the rtmutex
locking/barriers, arch: Remove ambiguous statement in the smp_store_mb() documentation
lcoking/barriers, arch: Use smp barriers in smp_store_release()
locking/cmpxchg, arch: Remove tas() definitions
locking/pvqspinlock: Queue node adaptive spinning
locking/pvqspinlock: Allow limited lock stealing
locking/pvqspinlock: Collect slowpath lock statistics
sched/core, locking: Document Program-Order guarantees
locking, sched: Introduce smp_cond_acquire() and use it
locking/pvqspinlock, x86: Optimize the PV unlock code path
locking/qspinlock: Avoid redundant read of next pointer
locking/qspinlock: Prefetch the next node cacheline
locking/qspinlock: Use _acquire/_release() versions of cmpxchg() & xchg()
atomics: Add test for atomic operations with _relaxed variants
Diffstat (limited to 'kernel/futex.c')
| -rw-r--r-- | kernel/futex.c | 83 |
1 files changed, 61 insertions, 22 deletions
diff --git a/kernel/futex.c b/kernel/futex.c index 684d7549825a..8a310e240cda 100644 --- a/kernel/futex.c +++ b/kernel/futex.c | |||
| @@ -725,9 +725,12 @@ static struct futex_pi_state * alloc_pi_state(void) | |||
| 725 | } | 725 | } |
| 726 | 726 | ||
| 727 | /* | 727 | /* |
| 728 | * Drops a reference to the pi_state object and frees or caches it | ||
| 729 | * when the last reference is gone. | ||
| 730 | * | ||
| 728 | * Must be called with the hb lock held. | 731 | * Must be called with the hb lock held. |
| 729 | */ | 732 | */ |
| 730 | static void free_pi_state(struct futex_pi_state *pi_state) | 733 | static void put_pi_state(struct futex_pi_state *pi_state) |
| 731 | { | 734 | { |
| 732 | if (!pi_state) | 735 | if (!pi_state) |
| 733 | return; | 736 | return; |
| @@ -1706,31 +1709,35 @@ retry_private: | |||
| 1706 | * exist yet, look it up one more time to ensure we have a | 1709 | * exist yet, look it up one more time to ensure we have a |
| 1707 | * reference to it. If the lock was taken, ret contains the | 1710 | * reference to it. If the lock was taken, ret contains the |
| 1708 | * vpid of the top waiter task. | 1711 | * vpid of the top waiter task. |
| 1712 | * If the lock was not taken, we have pi_state and an initial | ||
| 1713 | * refcount on it. In case of an error we have nothing. | ||
| 1709 | */ | 1714 | */ |
| 1710 | if (ret > 0) { | 1715 | if (ret > 0) { |
| 1711 | WARN_ON(pi_state); | 1716 | WARN_ON(pi_state); |
| 1712 | drop_count++; | 1717 | drop_count++; |
| 1713 | task_count++; | 1718 | task_count++; |
| 1714 | /* | 1719 | /* |
| 1715 | * If we acquired the lock, then the user | 1720 | * If we acquired the lock, then the user space value |
| 1716 | * space value of uaddr2 should be vpid. It | 1721 | * of uaddr2 should be vpid. It cannot be changed by |
| 1717 | * cannot be changed by the top waiter as it | 1722 | * the top waiter as it is blocked on hb2 lock if it |
| 1718 | * is blocked on hb2 lock if it tries to do | 1723 | * tries to do so. If something fiddled with it behind |
| 1719 | * so. If something fiddled with it behind our | 1724 | * our back the pi state lookup might unearth it. So |
| 1720 | * back the pi state lookup might unearth | 1725 | * we rather use the known value than rereading and |
| 1721 | * it. So we rather use the known value than | 1726 | * handing potential crap to lookup_pi_state. |
| 1722 | * rereading and handing potential crap to | 1727 | * |
| 1723 | * lookup_pi_state. | 1728 | * If that call succeeds then we have pi_state and an |
| 1729 | * initial refcount on it. | ||
| 1724 | */ | 1730 | */ |
| 1725 | ret = lookup_pi_state(ret, hb2, &key2, &pi_state); | 1731 | ret = lookup_pi_state(ret, hb2, &key2, &pi_state); |
| 1726 | } | 1732 | } |
| 1727 | 1733 | ||
| 1728 | switch (ret) { | 1734 | switch (ret) { |
| 1729 | case 0: | 1735 | case 0: |
| 1736 | /* We hold a reference on the pi state. */ | ||
| 1730 | break; | 1737 | break; |
| 1738 | |||
| 1739 | /* If the above failed, then pi_state is NULL */ | ||
| 1731 | case -EFAULT: | 1740 | case -EFAULT: |
| 1732 | free_pi_state(pi_state); | ||
| 1733 | pi_state = NULL; | ||
| 1734 | double_unlock_hb(hb1, hb2); | 1741 | double_unlock_hb(hb1, hb2); |
| 1735 | hb_waiters_dec(hb2); | 1742 | hb_waiters_dec(hb2); |
| 1736 | put_futex_key(&key2); | 1743 | put_futex_key(&key2); |
| @@ -1746,8 +1753,6 @@ retry_private: | |||
| 1746 | * exit to complete. | 1753 | * exit to complete. |
| 1747 | * - The user space value changed. | 1754 | * - The user space value changed. |
| 1748 | */ | 1755 | */ |
| 1749 | free_pi_state(pi_state); | ||
| 1750 | pi_state = NULL; | ||
| 1751 | double_unlock_hb(hb1, hb2); | 1756 | double_unlock_hb(hb1, hb2); |
| 1752 | hb_waiters_dec(hb2); | 1757 | hb_waiters_dec(hb2); |
| 1753 | put_futex_key(&key2); | 1758 | put_futex_key(&key2); |
| @@ -1801,30 +1806,58 @@ retry_private: | |||
| 1801 | * of requeue_pi if we couldn't acquire the lock atomically. | 1806 | * of requeue_pi if we couldn't acquire the lock atomically. |
| 1802 | */ | 1807 | */ |
| 1803 | if (requeue_pi) { | 1808 | if (requeue_pi) { |
| 1804 | /* Prepare the waiter to take the rt_mutex. */ | 1809 | /* |
| 1810 | * Prepare the waiter to take the rt_mutex. Take a | ||
| 1811 | * refcount on the pi_state and store the pointer in | ||
| 1812 | * the futex_q object of the waiter. | ||
| 1813 | */ | ||
| 1805 | atomic_inc(&pi_state->refcount); | 1814 | atomic_inc(&pi_state->refcount); |
| 1806 | this->pi_state = pi_state; | 1815 | this->pi_state = pi_state; |
| 1807 | ret = rt_mutex_start_proxy_lock(&pi_state->pi_mutex, | 1816 | ret = rt_mutex_start_proxy_lock(&pi_state->pi_mutex, |
| 1808 | this->rt_waiter, | 1817 | this->rt_waiter, |
| 1809 | this->task); | 1818 | this->task); |
| 1810 | if (ret == 1) { | 1819 | if (ret == 1) { |
| 1811 | /* We got the lock. */ | 1820 | /* |
| 1821 | * We got the lock. We do neither drop the | ||
| 1822 | * refcount on pi_state nor clear | ||
| 1823 | * this->pi_state because the waiter needs the | ||
| 1824 | * pi_state for cleaning up the user space | ||
| 1825 | * value. It will drop the refcount after | ||
| 1826 | * doing so. | ||
| 1827 | */ | ||
| 1812 | requeue_pi_wake_futex(this, &key2, hb2); | 1828 | requeue_pi_wake_futex(this, &key2, hb2); |
| 1813 | drop_count++; | 1829 | drop_count++; |
| 1814 | continue; | 1830 | continue; |
| 1815 | } else if (ret) { | 1831 | } else if (ret) { |
| 1816 | /* -EDEADLK */ | 1832 | /* |
| 1833 | * rt_mutex_start_proxy_lock() detected a | ||
| 1834 | * potential deadlock when we tried to queue | ||
| 1835 | * that waiter. Drop the pi_state reference | ||
| 1836 | * which we took above and remove the pointer | ||
| 1837 | * to the state from the waiters futex_q | ||
| 1838 | * object. | ||
| 1839 | */ | ||
| 1817 | this->pi_state = NULL; | 1840 | this->pi_state = NULL; |
| 1818 | free_pi_state(pi_state); | 1841 | put_pi_state(pi_state); |
| 1819 | goto out_unlock; | 1842 | /* |
| 1843 | * We stop queueing more waiters and let user | ||
| 1844 | * space deal with the mess. | ||
| 1845 | */ | ||
| 1846 | break; | ||
| 1820 | } | 1847 | } |
| 1821 | } | 1848 | } |
| 1822 | requeue_futex(this, hb1, hb2, &key2); | 1849 | requeue_futex(this, hb1, hb2, &key2); |
| 1823 | drop_count++; | 1850 | drop_count++; |
| 1824 | } | 1851 | } |
| 1825 | 1852 | ||
| 1853 | /* | ||
| 1854 | * We took an extra initial reference to the pi_state either | ||
| 1855 | * in futex_proxy_trylock_atomic() or in lookup_pi_state(). We | ||
| 1856 | * need to drop it here again. | ||
| 1857 | */ | ||
| 1858 | put_pi_state(pi_state); | ||
| 1859 | |||
| 1826 | out_unlock: | 1860 | out_unlock: |
| 1827 | free_pi_state(pi_state); | ||
| 1828 | double_unlock_hb(hb1, hb2); | 1861 | double_unlock_hb(hb1, hb2); |
| 1829 | wake_up_q(&wake_q); | 1862 | wake_up_q(&wake_q); |
| 1830 | hb_waiters_dec(hb2); | 1863 | hb_waiters_dec(hb2); |
| @@ -1973,7 +2006,7 @@ static void unqueue_me_pi(struct futex_q *q) | |||
| 1973 | __unqueue_futex(q); | 2006 | __unqueue_futex(q); |
| 1974 | 2007 | ||
| 1975 | BUG_ON(!q->pi_state); | 2008 | BUG_ON(!q->pi_state); |
| 1976 | free_pi_state(q->pi_state); | 2009 | put_pi_state(q->pi_state); |
| 1977 | q->pi_state = NULL; | 2010 | q->pi_state = NULL; |
| 1978 | 2011 | ||
| 1979 | spin_unlock(q->lock_ptr); | 2012 | spin_unlock(q->lock_ptr); |
| @@ -2755,6 +2788,11 @@ static int futex_wait_requeue_pi(u32 __user *uaddr, unsigned int flags, | |||
| 2755 | if (q.pi_state && (q.pi_state->owner != current)) { | 2788 | if (q.pi_state && (q.pi_state->owner != current)) { |
| 2756 | spin_lock(q.lock_ptr); | 2789 | spin_lock(q.lock_ptr); |
| 2757 | ret = fixup_pi_state_owner(uaddr2, &q, current); | 2790 | ret = fixup_pi_state_owner(uaddr2, &q, current); |
| 2791 | /* | ||
| 2792 | * Drop the reference to the pi state which | ||
| 2793 | * the requeue_pi() code acquired for us. | ||
| 2794 | */ | ||
| 2795 | put_pi_state(q.pi_state); | ||
| 2758 | spin_unlock(q.lock_ptr); | 2796 | spin_unlock(q.lock_ptr); |
| 2759 | } | 2797 | } |
| 2760 | } else { | 2798 | } else { |
| @@ -3046,7 +3084,8 @@ long do_futex(u32 __user *uaddr, int op, u32 val, ktime_t *timeout, | |||
| 3046 | 3084 | ||
| 3047 | if (op & FUTEX_CLOCK_REALTIME) { | 3085 | if (op & FUTEX_CLOCK_REALTIME) { |
| 3048 | flags |= FLAGS_CLOCKRT; | 3086 | flags |= FLAGS_CLOCKRT; |
| 3049 | if (cmd != FUTEX_WAIT_BITSET && cmd != FUTEX_WAIT_REQUEUE_PI) | 3087 | if (cmd != FUTEX_WAIT && cmd != FUTEX_WAIT_BITSET && \ |
| 3088 | cmd != FUTEX_WAIT_REQUEUE_PI) | ||
| 3050 | return -ENOSYS; | 3089 | return -ENOSYS; |
| 3051 | } | 3090 | } |
| 3052 | 3091 | ||