powerpc/tm: Abort syscalls in active transactions
authorSam bobroff <sam.bobroff@au1.ibm.com>
Fri, 12 Jun 2015 01:06:32 +0000 (11:06 +1000)
committerMichael Ellerman <mpe@ellerman.id.au>
Fri, 19 Jun 2015 07:10:28 +0000 (17:10 +1000)
This patch changes the syscall handler to doom (tabort) active
transactions when a syscall is made and return very early without
performing the syscall and keeping side effects to a minimum (no CPU
accounting or system call tracing is performed). Also included is a
new HWCAP2 bit, PPC_FEATURE2_HTM_NOSC, to indicate this
behaviour to userspace.

Currently, the system call instruction automatically suspends an
active transaction which causes side effects to persist when an active
transaction fails.

This does change the kernel's behaviour, but in a way that was
documented as unsupported.  It doesn't reduce functionality as
syscalls will still be performed after tsuspend; it just requires that
the transaction be explicitly suspended.  It also provides a
consistent interface and makes the behaviour of user code
substantially the same across powerpc and platforms that do not
support suspended transactions (e.g. x86 and s390).

Performance measurements using
http://ozlabs.org/~anton/junkcode/null_syscall.c indicate the cost of
a normal (non-aborted) system call increases by about 0.25%.

Signed-off-by: Sam Bobroff <sam.bobroff@au1.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Documentation/powerpc/transactional_memory.txt
arch/powerpc/include/asm/cputable.h
arch/powerpc/include/uapi/asm/cputable.h
arch/powerpc/include/uapi/asm/tm.h
arch/powerpc/kernel/cputable.c
arch/powerpc/kernel/entry_64.S
tools/testing/selftests/powerpc/tm/Makefile
tools/testing/selftests/powerpc/tm/tm-syscall.c

index ded69794a5c09da762db7c4c61cc3d23e619d0fa..ba0a2a4a54ba1ffcb484786381b91f5113a62ad6 100644 (file)
@@ -74,22 +74,23 @@ Causes of transaction aborts
 Syscalls
 ========
 
-Performing syscalls from within transaction is not recommended, and can lead
-to unpredictable results.
+Syscalls made from within an active transaction will not be performed and the
+transaction will be doomed by the kernel with the failure code TM_CAUSE_SYSCALL
+| TM_CAUSE_PERSISTENT.
 
-Syscalls do not by design abort transactions, but beware: The kernel code will
-not be running in transactional state.  The effect of syscalls will always
-remain visible, but depending on the call they may abort your transaction as a
-side-effect, read soon-to-be-aborted transactional data that should not remain
-invisible, etc.  If you constantly retry a transaction that constantly aborts
-itself by calling a syscall, you'll have a livelock & make no progress.
+Syscalls made from within a suspended transaction are performed as normal and
+the transaction is not explicitly doomed by the kernel.  However, what the
+kernel does to perform the syscall may result in the transaction being doomed
+by the hardware.  The syscall is performed in suspended mode so any side
+effects will be persistent, independent of transaction success or failure.  No
+guarantees are provided by the kernel about which syscalls will affect
+transaction success.
 
-Simple syscalls (e.g. sigprocmask()) "could" be OK.  Even things like write()
-from, say, printf() should be OK as long as the kernel does not access any
-memory that was accessed transactionally.
-
-Consider any syscalls that happen to work as debug-only -- not recommended for
-production use.  Best to queue them up till after the transaction is over.
+Care must be taken when relying on syscalls to abort during active transactions
+if the calls are made via a library.  Libraries may cache values (which may
+give the appearance of success) or perform operations that cause transaction
+failure before entering the kernel (which may produce different failure codes).
+Examples are glibc's getpid() and lazy symbol resolution.
 
 
 Signals
@@ -176,8 +177,7 @@ kernel aborted a transaction:
  TM_CAUSE_RESCHED       Thread was rescheduled.
  TM_CAUSE_TLBI          Software TLB invalid.
  TM_CAUSE_FAC_UNAV      FP/VEC/VSX unavailable trap.
- TM_CAUSE_SYSCALL       Currently unused; future syscalls that must abort
-                        transactions for consistency will use this.
+ TM_CAUSE_SYSCALL       Syscall from active transaction.
  TM_CAUSE_SIGNAL        Signal delivered.
  TM_CAUSE_MISC          Currently unused.
  TM_CAUSE_ALIGNMENT     Alignment fault.
index 6367b8347dad9b0bceb3507573450b2e7c672400..4994648b9265d8184cb05d735cc7e3d089c489b0 100644 (file)
@@ -242,11 +242,13 @@ enum {
 
 /* We only set the TM feature if the kernel was compiled with TM supprt */
 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
-#define CPU_FTR_TM_COMP                CPU_FTR_TM
-#define PPC_FEATURE2_HTM_COMP  PPC_FEATURE2_HTM
+#define CPU_FTR_TM_COMP                        CPU_FTR_TM
+#define PPC_FEATURE2_HTM_COMP          PPC_FEATURE2_HTM
+#define PPC_FEATURE2_HTM_NOSC_COMP     PPC_FEATURE2_HTM_NOSC
 #else
-#define CPU_FTR_TM_COMP                0
-#define PPC_FEATURE2_HTM_COMP  0
+#define CPU_FTR_TM_COMP                        0
+#define PPC_FEATURE2_HTM_COMP          0
+#define PPC_FEATURE2_HTM_NOSC_COMP     0
 #endif
 
 /* We need to mark all pages as being coherent if we're SMP or we have a
index de2c0e4ee1aab1c13d0ac60d0d2300849665c48c..43686043e29734b47b183882417e309e617d1039 100644 (file)
@@ -42,5 +42,6 @@
 #define PPC_FEATURE2_ISEL              0x08000000
 #define PPC_FEATURE2_TAR               0x04000000
 #define PPC_FEATURE2_VEC_CRYPTO                0x02000000
+#define PPC_FEATURE2_HTM_NOSC          0x01000000
 
 #endif /* _UAPI__ASM_POWERPC_CPUTABLE_H */
index 5d836b7c1176242ae2c943c0bcc81cf6bcb031cf..5047659815a54ffd69037b245eebd9f6c64a679d 100644 (file)
@@ -11,7 +11,7 @@
 #define TM_CAUSE_RESCHED       0xde
 #define TM_CAUSE_TLBI          0xdc
 #define TM_CAUSE_FAC_UNAV      0xda
-#define TM_CAUSE_SYSCALL       0xd8  /* future use */
+#define TM_CAUSE_SYSCALL       0xd8
 #define TM_CAUSE_MISC          0xd6  /* future use */
 #define TM_CAUSE_SIGNAL                0xd4
 #define TM_CAUSE_ALIGNMENT     0xd2
index 60262fdf35babd4909508b9a4d9a214f215ac03a..7d80bfdfb15eef4fb4abf8390d0724b688e8f6f8 100644 (file)
@@ -108,7 +108,9 @@ extern void __restore_cpu_e6500(void);
                                 PPC_FEATURE_TRUE_LE | \
                                 PPC_FEATURE_PSERIES_PERFMON_COMPAT)
 #define COMMON_USER2_POWER8    (PPC_FEATURE2_ARCH_2_07 | \
-                                PPC_FEATURE2_HTM_COMP | PPC_FEATURE2_DSCR | \
+                                PPC_FEATURE2_HTM_COMP | \
+                                PPC_FEATURE2_HTM_NOSC_COMP | \
+                                PPC_FEATURE2_DSCR | \
                                 PPC_FEATURE2_ISEL | PPC_FEATURE2_TAR | \
                                 PPC_FEATURE2_VEC_CRYPTO)
 #define COMMON_USER_PA6T       (COMMON_USER_PPC64 | PPC_FEATURE_PA6T |\
index 278888e89acc9b8e6adcdc78e17ab35af591b8c2..579e0f9a2d5700dd0cbbc3034f1dce09b2e49e70 100644 (file)
@@ -34,6 +34,7 @@
 #include <asm/ftrace.h>
 #include <asm/hw_irq.h>
 #include <asm/context_tracking.h>
+#include <asm/tm.h>
 
 /*
  * System calls.
@@ -51,6 +52,12 @@ exception_marker:
 
        .globl system_call_common
 system_call_common:
+#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
+BEGIN_FTR_SECTION
+       extrdi. r10, r12, 1, (63-MSR_TS_T_LG) /* transaction active? */
+       bne     tabort_syscall
+END_FTR_SECTION_IFSET(CPU_FTR_TM)
+#endif
        andi.   r10,r12,MSR_PR
        mr      r10,r1
        addi    r1,r1,-INT_FRAME_SIZE
@@ -311,6 +318,34 @@ syscall_exit_work:
        bl      do_syscall_trace_leave
        b       ret_from_except
 
+#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
+tabort_syscall:
+       /* Firstly we need to enable TM in the kernel */
+       mfmsr   r10
+       li      r13, 1
+       rldimi  r10, r13, MSR_TM_LG, 63-MSR_TM_LG
+       mtmsrd  r10, 0
+
+       /* tabort, this dooms the transaction, nothing else */
+       li      r13, (TM_CAUSE_SYSCALL|TM_CAUSE_PERSISTENT)
+       TABORT(R13)
+
+       /*
+        * Return directly to userspace. We have corrupted user register state,
+        * but userspace will never see that register state. Execution will
+        * resume after the tbegin of the aborted transaction with the
+        * checkpointed register state.
+        */
+       li      r13, MSR_RI
+       andc    r10, r10, r13
+       mtmsrd  r10, 1
+       mtspr   SPRN_SRR0, r11
+       mtspr   SPRN_SRR1, r12
+
+       rfid
+       b       .       /* prevent speculative execution */
+#endif
+
 /* Save non-volatile GPRs, if not already saved. */
 _GLOBAL(save_nvgprs)
        ld      r11,_TRAP(r1)
index 6bff955e1d55ac6cccb526f5a00355ac4e904973..4bea62a319dcaf96ee85f58aaa3cf6160d0428d5 100644 (file)
@@ -1,11 +1,11 @@
-TEST_PROGS := tm-resched-dscr
+TEST_PROGS := tm-resched-dscr tm-syscall
 
 all: $(TEST_PROGS)
 
 $(TEST_PROGS): ../harness.c
 
 tm-syscall: tm-syscall-asm.S
-tm-syscall: CFLAGS += -mhtm
+tm-syscall: CFLAGS += -mhtm -I../../../../../usr/include
 
 include ../../lib.mk
 
index 3ed8d4b252fac440b6dd2db56a84a7fcf330fe0c..1276e23da63bbdf91d328472f581e32e8979a0fa 100644 (file)
@@ -82,7 +82,8 @@ int tm_syscall(void)
        unsigned count = 0;
        struct timeval end, now;
 
-       SKIP_IF(!((long)get_auxv_entry(AT_HWCAP2) & PPC_FEATURE2_HTM));
+       SKIP_IF(!((long)get_auxv_entry(AT_HWCAP2)
+                 & PPC_FEATURE2_HTM_NOSC));
        setbuf(stdout, NULL);
 
        printf("Testing transactional syscalls for %d seconds...\n", TEST_DURATION);