On 8/25/20 5:20 PM, Ondrej Mosnacek wrote: > Instead of holding the RCU read lock the whole time while accessing the > policy, add a simple refcount mechanism to track its lifetime. After > this, the RCU read lock is held only for a brief time when fetching the > policy pointer and incrementing the refcount. The policy struct is then > guaranteed to stay alive until the refcount is decremented. > > Freeing of the policy remains the responsibility of the task that does > the policy reload. In case the refcount drops to zero in a different > task, the policy load task is notified via a completion. > > The advantage of this change is that the operations that access the > policy can now do sleeping allocations, since they don't need to hold > the RCU read lock anymore. This patch so far only leverages this in > security_read_policy() for the vmalloc_user() allocation (although this > function is always called under fsi->mutex and could just access the > policy pointer directly). The conversion of affected GFP_ATOMIC > allocations to GFP_KERNEL is left for a later patch, since auditing > which code paths may still need GFP_ATOMIC is not very easy. > > Signed-off-by: Ondrej Mosnacek <omosn...@redhat.com> > Very clever. But is it the right prioritization? We get a lot more cpu synchronization need with two RCU in-out and refcounts inc/dec instead of only one RCU in-out. What is the problem with the atomic allocations? And this if for each syscall, all caches are on the inside?
