Re: [PATCH v3 3/4] rust: block: convert `block::mq` to use `Refcount`
From: Andreas Hindborg
Date: Thu Feb 20 2025 - 14:19:08 EST
Tamir Duberstein <tamird@xxxxxxxxx> writes:
> On Wed, Feb 19, 2025 at 5:26 PM Tamir Duberstein <tamird@xxxxxxxxx> wrote:
>>
>> On Wed, Feb 19, 2025 at 3:17 PM Gary Guo <gary@xxxxxxxxxxx> wrote:
>> >
>> > Currently there's a custom reference counting in `block::mq`, which uses
>> > `AtomicU64` Rust atomics, and this type doesn't exist on some 32-bit
>> > architectures. We cannot just change it to use 32-bit atomics, because
>> > doing so will make it vulnerable to refcount overflow. So switch it to
>> > use the kernel refcount `kernel::sync::Refcount` instead.
>> >
>> > There is an operation needed by `block::mq`, atomically decreasing
>> > refcount from 2 to 0, which is not available through refcount.h, so
>> > I exposed `Refcount::as_atomic` which allows accessing the refcount
>> > directly.
>> >
>> > Acked-by: Andreas Hindborg <a.hindborg@xxxxxxxxxx>
>> > Signed-off-by: Gary Guo <gary@xxxxxxxxxxx>
>> > ---
>> > rust/kernel/block/mq/operations.rs | 7 +--
>> > rust/kernel/block/mq/request.rs | 70 ++++++++++--------------------
>> > rust/kernel/sync/refcount.rs | 14 ++++++
>> > 3 files changed, 40 insertions(+), 51 deletions(-)
>> >
>> > diff --git a/rust/kernel/block/mq/operations.rs b/rust/kernel/block/mq/operations.rs
>> > index 864ff379dc91..c399dcaa6740 100644
>> > --- a/rust/kernel/block/mq/operations.rs
>> > +++ b/rust/kernel/block/mq/operations.rs
>> > @@ -10,9 +10,10 @@
>> > block::mq::Request,
>> > error::{from_result, Result},
>> > prelude::*,
>> > + sync::Refcount,
>> > types::ARef,
>> > };
>> > -use core::{marker::PhantomData, sync::atomic::AtomicU64, sync::atomic::Ordering};
>> > +use core::marker::PhantomData;
>> >
>> > /// Implement this trait to interface blk-mq as block devices.
>> > ///
>> > @@ -78,7 +79,7 @@ impl<T: Operations> OperationsVTable<T> {
>> > let request = unsafe { &*(*bd).rq.cast::<Request<T>>() };
>> >
>> > // One refcount for the ARef, one for being in flight
>> > - request.wrapper_ref().refcount().store(2, Ordering::Relaxed);
>> > + request.wrapper_ref().refcount().set(2);
>> >
>> > // SAFETY:
>> > // - We own a refcount that we took above. We pass that to `ARef`.
>> > @@ -187,7 +188,7 @@ impl<T: Operations> OperationsVTable<T> {
>> >
>> > // SAFETY: The refcount field is allocated but not initialized, so
>> > // it is valid for writes.
>> > - unsafe { RequestDataWrapper::refcount_ptr(pdu.as_ptr()).write(AtomicU64::new(0)) };
>> > + unsafe { RequestDataWrapper::refcount_ptr(pdu.as_ptr()).write(Refcount::new(0)) };
>>
>> Could we just make the field pub and remove refcount_ptr? I believe a
>> few callers of `wrapper_ptr` could be replaced with `wrapper_ref`.
>
> I took a stab at this to check it was possible:
> https://gist.github.com/tamird/c9de7fa6e54529996f433950268f3f87
The access method uses a raw pointer because it is not always safe to
reference the field.
I think line 25 in your patch is UB as the field is not initialized.
At any rate, such a change is orthogonal. You could submit a separate
patch with that refactor.
Best regards,
Andreas Hindborg