On Tue, Jul 03, 2018 at 11:01:02AM +0100, Mark Rutland wrote:
> In many cases, it would be useful to be able to use the full
> sanity-checked refcount helpers regardless of CONFIG_REFCOUNT_FULL, as
> this would help to avoid duplicate warnings where callers try to
> sanity-check refcount manipulation.
>
> This patch refactors things such that the full refcount helpers were
> always built, as refcount_${op}_checked(), such that they can be used
> regardless of CONFIG_REFCOUNT_FULL. This will allow code which *always*
> wants a checked refcount to opt-in, avoiding the need to duplicate the
> logic for warnings.
>
> There should be no functional change as a result of this patch.
>
> Signed-off-by: Mark Rutland <mark.rutl...@arm.com>
> Cc: Boqun Feng <boqun.f...@gmail.com>
> Cc: David Sterba <dste...@suse.com>
> Cc: Ingo Molnar <mi...@kernel.org>
> Cc: Kees Cook <keesc...@chromium.org>
> Cc: Peter Zijlstra <pet...@infradead.org>
> Cc: Peter Zijlstra <pet...@infradead.org>
> Cc: Will Deacon <will.dea...@arm.com>
I dare to give it my
Reviewed-by: David Sterba <dste...@suse.com>
as my POC implementations were crap and Mark's version is much better.
> ---
> include/linux/refcount.h | 27 +++++++++++++++++-------
> lib/refcount.c | 53
> +++++++++++++++++++++++-------------------------
> 2 files changed, 45 insertions(+), 35 deletions(-)
>
> Dave pointed out that it would be useful to be able to opt-in to full checks
> regardless of CONFIG_REFCOUNT_FULL, so that we can simplify callsites where we
> always want checks. I've spotted a few of these in code which is still
> awaiting
> conversion.
The motivation was code like
WARN_ON(refcount_read(&ref));
if (refcount_dec_and_test(&ref)) { ... }
so the warning is redundant for REFCOUNT_FULL, but I'm going to use the
_checked versions everywhere the performance of refcounts is not
critical.
