1/* SPDX-License-Identifier: GPL-2.0+ */
2/*
3 * Read-Copy Update mechanism for mutual exclusion
4 *
5 * Copyright IBM Corporation, 2001
6 *
7 * Author: Dipankar Sarma <dipankar@in.ibm.com>
8 *
9 * Based on the original work by Paul McKenney <paulmck@vnet.ibm.com>
10 * and inputs from Rusty Russell, Andrea Arcangeli and Andi Kleen.
11 * Papers:
12 * http://www.rdrop.com/users/paulmck/paper/rclockpdcsproof.pdf
13 * http://lse.sourceforge.net/locking/rclock_OLS.2001.05.01c.sc.pdf (OLS2001)
14 *
15 * For detailed explanation of Read-Copy Update mechanism see -
16 *		http://lse.sourceforge.net/locking/rcupdate.html
17 *
18 */
19
20#ifndef __LINUX_RCUPDATE_H
21#define __LINUX_RCUPDATE_H
22
23#include <linux/types.h>
24#include <linux/compiler.h>
25#include <linux/atomic.h>
26#include <linux/irqflags.h>
27#include <linux/preempt.h>
28#include <linux/bottom_half.h>
29#include <linux/lockdep.h>
30#include <linux/cleanup.h>
31#include <asm/processor.h>
32#include <linux/cpumask.h>
33#include <linux/context_tracking_irq.h>
34
35#define ULONG_CMP_GE(a, b)	(ULONG_MAX / 2 >= (a) - (b))
36#define ULONG_CMP_LT(a, b)	(ULONG_MAX / 2 < (a) - (b))
37
38/* Exported common interfaces */
39void call_rcu(struct rcu_head *head, rcu_callback_t func);
40void rcu_barrier_tasks(void);
41void rcu_barrier_tasks_rude(void);
42void synchronize_rcu(void);
43
44struct rcu_gp_oldstate;
45unsigned long get_completed_synchronize_rcu(void);
46void get_completed_synchronize_rcu_full(struct rcu_gp_oldstate *rgosp);
47
48// Maximum number of unsigned long values corresponding to
49// not-yet-completed RCU grace periods.
50#define NUM_ACTIVE_RCU_POLL_OLDSTATE 2
51
52/**
53 * same_state_synchronize_rcu - Are two old-state values identical?
54 * @oldstate1: First old-state value.
55 * @oldstate2: Second old-state value.
56 *
57 * The two old-state values must have been obtained from either
58 * get_state_synchronize_rcu(), start_poll_synchronize_rcu(), or
59 * get_completed_synchronize_rcu().  Returns @true if the two values are
60 * identical and @false otherwise.  This allows structures whose lifetimes
61 * are tracked by old-state values to push these values to a list header,
62 * allowing those structures to be slightly smaller.
63 */
64static inline bool same_state_synchronize_rcu(unsigned long oldstate1, unsigned long oldstate2)
65{
66	return oldstate1 == oldstate2;
67}
68
69#ifdef CONFIG_PREEMPT_RCU
70
71void __rcu_read_lock(void);
72void __rcu_read_unlock(void);
73
74/*
75 * Defined as a macro as it is a very low level header included from
76 * areas that don't even know about current.  This gives the rcu_read_lock()
77 * nesting depth, but makes sense only if CONFIG_PREEMPT_RCU -- in other
78 * types of kernel builds, the rcu_read_lock() nesting depth is unknowable.
79 */
80#define rcu_preempt_depth() READ_ONCE(current->rcu_read_lock_nesting)
81
82#else /* #ifdef CONFIG_PREEMPT_RCU */
83
84#ifdef CONFIG_TINY_RCU
85#define rcu_read_unlock_strict() do { } while (0)
86#else
87void rcu_read_unlock_strict(void);
88#endif
89
90static inline void __rcu_read_lock(void)
91{
92	preempt_disable();
93}
94
95static inline void __rcu_read_unlock(void)
96{
97	preempt_enable();
98	if (IS_ENABLED(CONFIG_RCU_STRICT_GRACE_PERIOD))
99		rcu_read_unlock_strict();
100}
101
102static inline int rcu_preempt_depth(void)
103{
104	return 0;
105}
106
107#endif /* #else #ifdef CONFIG_PREEMPT_RCU */
108
109#ifdef CONFIG_RCU_LAZY
110void call_rcu_hurry(struct rcu_head *head, rcu_callback_t func);
111#else
112static inline void call_rcu_hurry(struct rcu_head *head, rcu_callback_t func)
113{
114	call_rcu(head, func);
115}
116#endif
117
118/* Internal to kernel */
119void rcu_init(void);
120extern int rcu_scheduler_active;
121void rcu_sched_clock_irq(int user);
122
123#ifdef CONFIG_TASKS_RCU_GENERIC
124void rcu_init_tasks_generic(void);
125#else
126static inline void rcu_init_tasks_generic(void) { }
127#endif
128
129#ifdef CONFIG_RCU_STALL_COMMON
130void rcu_sysrq_start(void);
131void rcu_sysrq_end(void);
132#else /* #ifdef CONFIG_RCU_STALL_COMMON */
133static inline void rcu_sysrq_start(void) { }
134static inline void rcu_sysrq_end(void) { }
135#endif /* #else #ifdef CONFIG_RCU_STALL_COMMON */
136
137#if defined(CONFIG_NO_HZ_FULL) && (!defined(CONFIG_GENERIC_ENTRY) || !defined(CONFIG_KVM_XFER_TO_GUEST_WORK))
138void rcu_irq_work_resched(void);
139#else
140static inline void rcu_irq_work_resched(void) { }
141#endif
142
143#ifdef CONFIG_RCU_NOCB_CPU
144void rcu_init_nohz(void);
145int rcu_nocb_cpu_offload(int cpu);
146int rcu_nocb_cpu_deoffload(int cpu);
147void rcu_nocb_flush_deferred_wakeup(void);
148#else /* #ifdef CONFIG_RCU_NOCB_CPU */
149static inline void rcu_init_nohz(void) { }
150static inline int rcu_nocb_cpu_offload(int cpu) { return -EINVAL; }
151static inline int rcu_nocb_cpu_deoffload(int cpu) { return 0; }
152static inline void rcu_nocb_flush_deferred_wakeup(void) { }
153#endif /* #else #ifdef CONFIG_RCU_NOCB_CPU */
154
155/*
156 * Note a quasi-voluntary context switch for RCU-tasks's benefit.
157 * This is a macro rather than an inline function to avoid #include hell.
158 */
159#ifdef CONFIG_TASKS_RCU_GENERIC
160
161# ifdef CONFIG_TASKS_RCU
162# define rcu_tasks_classic_qs(t, preempt)				\
163	do {								\
164		if (!(preempt) && READ_ONCE((t)->rcu_tasks_holdout))	\
165			WRITE_ONCE((t)->rcu_tasks_holdout, false);	\
166	} while (0)
167void call_rcu_tasks(struct rcu_head *head, rcu_callback_t func);
168void synchronize_rcu_tasks(void);
169# else
170# define rcu_tasks_classic_qs(t, preempt) do { } while (0)
171# define call_rcu_tasks call_rcu
172# define synchronize_rcu_tasks synchronize_rcu
173# endif
174
175# ifdef CONFIG_TASKS_TRACE_RCU
176// Bits for ->trc_reader_special.b.need_qs field.
177#define TRC_NEED_QS		0x1  // Task needs a quiescent state.
178#define TRC_NEED_QS_CHECKED	0x2  // Task has been checked for needing quiescent state.
179
180u8 rcu_trc_cmpxchg_need_qs(struct task_struct *t, u8 old, u8 new);
181void rcu_tasks_trace_qs_blkd(struct task_struct *t);
182
183# define rcu_tasks_trace_qs(t)							\
184	do {									\
185		int ___rttq_nesting = READ_ONCE((t)->trc_reader_nesting);	\
186										\
187		if (unlikely(READ_ONCE((t)->trc_reader_special.b.need_qs) == TRC_NEED_QS) &&	\
188		    likely(!___rttq_nesting)) {					\
189			rcu_trc_cmpxchg_need_qs((t), TRC_NEED_QS, TRC_NEED_QS_CHECKED);	\
190		} else if (___rttq_nesting && ___rttq_nesting != INT_MIN &&	\
191			   !READ_ONCE((t)->trc_reader_special.b.blocked)) {	\
192			rcu_tasks_trace_qs_blkd(t);				\
193		}								\
194	} while (0)
195# else
196# define rcu_tasks_trace_qs(t) do { } while (0)
197# endif
198
199#define rcu_tasks_qs(t, preempt)					\
200do {									\
201	rcu_tasks_classic_qs((t), (preempt));				\
202	rcu_tasks_trace_qs(t);						\
203} while (0)
204
205# ifdef CONFIG_TASKS_RUDE_RCU
206void call_rcu_tasks_rude(struct rcu_head *head, rcu_callback_t func);
207void synchronize_rcu_tasks_rude(void);
208# endif
209
210#define rcu_note_voluntary_context_switch(t) rcu_tasks_qs(t, false)
211void exit_tasks_rcu_start(void);
212void exit_tasks_rcu_stop(void);
213void exit_tasks_rcu_finish(void);
214#else /* #ifdef CONFIG_TASKS_RCU_GENERIC */
215#define rcu_tasks_classic_qs(t, preempt) do { } while (0)
216#define rcu_tasks_qs(t, preempt) do { } while (0)
217#define rcu_note_voluntary_context_switch(t) do { } while (0)
218#define call_rcu_tasks call_rcu
219#define synchronize_rcu_tasks synchronize_rcu
220static inline void exit_tasks_rcu_start(void) { }
221static inline void exit_tasks_rcu_stop(void) { }
222static inline void exit_tasks_rcu_finish(void) { }
223#endif /* #else #ifdef CONFIG_TASKS_RCU_GENERIC */
224
225/**
226 * rcu_trace_implies_rcu_gp - does an RCU Tasks Trace grace period imply an RCU grace period?
227 *
228 * As an accident of implementation, an RCU Tasks Trace grace period also
229 * acts as an RCU grace period.  However, this could change at any time.
230 * Code relying on this accident must call this function to verify that
231 * this accident is still happening.
232 *
233 * You have been warned!
234 */
235static inline bool rcu_trace_implies_rcu_gp(void) { return true; }
236
237/**
238 * cond_resched_tasks_rcu_qs - Report potential quiescent states to RCU
239 *
240 * This macro resembles cond_resched(), except that it is defined to
241 * report potential quiescent states to RCU-tasks even if the cond_resched()
242 * machinery were to be shut off, as some advocate for PREEMPTION kernels.
243 */
244#define cond_resched_tasks_rcu_qs() \
245do { \
246	rcu_tasks_qs(current, false); \
247	cond_resched(); \
248} while (0)
249
250/**
251 * rcu_softirq_qs_periodic - Report RCU and RCU-Tasks quiescent states
252 * @old_ts: jiffies at start of processing.
253 *
254 * This helper is for long-running softirq handlers, such as NAPI threads in
255 * networking. The caller should initialize the variable passed in as @old_ts
256 * at the beginning of the softirq handler. When invoked frequently, this macro
257 * will invoke rcu_softirq_qs() every 100 milliseconds thereafter, which will
258 * provide both RCU and RCU-Tasks quiescent states. Note that this macro
259 * modifies its old_ts argument.
260 *
261 * Because regions of code that have disabled softirq act as RCU read-side
262 * critical sections, this macro should be invoked with softirq (and
263 * preemption) enabled.
264 *
265 * The macro is not needed when CONFIG_PREEMPT_RT is defined. RT kernels would
266 * have more chance to invoke schedule() calls and provide necessary quiescent
267 * states. As a contrast, calling cond_resched() only won't achieve the same
268 * effect because cond_resched() does not provide RCU-Tasks quiescent states.
269 */
270#define rcu_softirq_qs_periodic(old_ts) \
271do { \
272	if (!IS_ENABLED(CONFIG_PREEMPT_RT) && \
273	    time_after(jiffies, (old_ts) + HZ / 10)) { \
274		preempt_disable(); \
275		rcu_softirq_qs(); \
276		preempt_enable(); \
277		(old_ts) = jiffies; \
278	} \
279} while (0)
280
281/*
282 * Infrastructure to implement the synchronize_() primitives in
283 * TREE_RCU and rcu_barrier_() primitives in TINY_RCU.
284 */
285
286#if defined(CONFIG_TREE_RCU)
287#include <linux/rcutree.h>
288#elif defined(CONFIG_TINY_RCU)
289#include <linux/rcutiny.h>
290#else
291#error "Unknown RCU implementation specified to kernel configuration"
292#endif
293
294/*
295 * The init_rcu_head_on_stack() and destroy_rcu_head_on_stack() calls
296 * are needed for dynamic initialization and destruction of rcu_head
297 * on the stack, and init_rcu_head()/destroy_rcu_head() are needed for
298 * dynamic initialization and destruction of statically allocated rcu_head
299 * structures.  However, rcu_head structures allocated dynamically in the
300 * heap don't need any initialization.
301 */
302#ifdef CONFIG_DEBUG_OBJECTS_RCU_HEAD
303void init_rcu_head(struct rcu_head *head);
304void destroy_rcu_head(struct rcu_head *head);
305void init_rcu_head_on_stack(struct rcu_head *head);
306void destroy_rcu_head_on_stack(struct rcu_head *head);
307#else /* !CONFIG_DEBUG_OBJECTS_RCU_HEAD */
308static inline void init_rcu_head(struct rcu_head *head) { }
309static inline void destroy_rcu_head(struct rcu_head *head) { }
310static inline void init_rcu_head_on_stack(struct rcu_head *head) { }
311static inline void destroy_rcu_head_on_stack(struct rcu_head *head) { }
312#endif	/* #else !CONFIG_DEBUG_OBJECTS_RCU_HEAD */
313
314#if defined(CONFIG_HOTPLUG_CPU) && defined(CONFIG_PROVE_RCU)
315bool rcu_lockdep_current_cpu_online(void);
316#else /* #if defined(CONFIG_HOTPLUG_CPU) && defined(CONFIG_PROVE_RCU) */
317static inline bool rcu_lockdep_current_cpu_online(void) { return true; }
318#endif /* #else #if defined(CONFIG_HOTPLUG_CPU) && defined(CONFIG_PROVE_RCU) */
319
320extern struct lockdep_map rcu_lock_map;
321extern struct lockdep_map rcu_bh_lock_map;
322extern struct lockdep_map rcu_sched_lock_map;
323extern struct lockdep_map rcu_callback_map;
324
325#ifdef CONFIG_DEBUG_LOCK_ALLOC
326
327static inline void rcu_lock_acquire(struct lockdep_map *map)
328{
329	lock_acquire(map, 0, 0, 2, 0, NULL, _THIS_IP_);
330}
331
332static inline void rcu_try_lock_acquire(struct lockdep_map *map)
333{
334	lock_acquire(map, 0, 1, 2, 0, NULL, _THIS_IP_);
335}
336
337static inline void rcu_lock_release(struct lockdep_map *map)
338{
339	lock_release(map, _THIS_IP_);
340}
341
342int debug_lockdep_rcu_enabled(void);
343int rcu_read_lock_held(void);
344int rcu_read_lock_bh_held(void);
345int rcu_read_lock_sched_held(void);
346int rcu_read_lock_any_held(void);
347
348#else /* #ifdef CONFIG_DEBUG_LOCK_ALLOC */
349
350# define rcu_lock_acquire(a)		do { } while (0)
351# define rcu_try_lock_acquire(a)	do { } while (0)
352# define rcu_lock_release(a)		do { } while (0)
353
354static inline int rcu_read_lock_held(void)
355{
356	return 1;
357}
358
359static inline int rcu_read_lock_bh_held(void)
360{
361	return 1;
362}
363
364static inline int rcu_read_lock_sched_held(void)
365{
366	return !preemptible();
367}
368
369static inline int rcu_read_lock_any_held(void)
370{
371	return !preemptible();
372}
373
374static inline int debug_lockdep_rcu_enabled(void)
375{
376	return 0;
377}
378
379#endif /* #else #ifdef CONFIG_DEBUG_LOCK_ALLOC */
380
381#ifdef CONFIG_PROVE_RCU
382
383/**
384 * RCU_LOCKDEP_WARN - emit lockdep splat if specified condition is met
385 * @c: condition to check
386 * @s: informative message
387 *
388 * This checks debug_lockdep_rcu_enabled() before checking (c) to
389 * prevent early boot splats due to lockdep not yet being initialized,
390 * and rechecks it after checking (c) to prevent false-positive splats
391 * due to races with lockdep being disabled.  See commit 3066820034b5dd
392 * ("rcu: Reject RCU_LOCKDEP_WARN() false positives") for more detail.
393 */
394#define RCU_LOCKDEP_WARN(c, s)						\
395	do {								\
396		static bool __section(".data.unlikely") __warned;	\
397		if (debug_lockdep_rcu_enabled() && (c) &&		\
398		    debug_lockdep_rcu_enabled() && !__warned) {		\
399			__warned = true;				\
400			lockdep_rcu_suspicious(__FILE__, __LINE__, s);	\
401		}							\
402	} while (0)
403
404#if defined(CONFIG_PROVE_RCU) && !defined(CONFIG_PREEMPT_RCU)
405static inline void rcu_preempt_sleep_check(void)
406{
407	RCU_LOCKDEP_WARN(lock_is_held(&rcu_lock_map),
408			 "Illegal context switch in RCU read-side critical section");
409}
410#else /* #ifdef CONFIG_PROVE_RCU */
411static inline void rcu_preempt_sleep_check(void) { }
412#endif /* #else #ifdef CONFIG_PROVE_RCU */
413
414#define rcu_sleep_check()						\
415	do {								\
416		rcu_preempt_sleep_check();				\
417		if (!IS_ENABLED(CONFIG_PREEMPT_RT))			\
418		    RCU_LOCKDEP_WARN(lock_is_held(&rcu_bh_lock_map),	\
419				 "Illegal context switch in RCU-bh read-side critical section"); \
420		RCU_LOCKDEP_WARN(lock_is_held(&rcu_sched_lock_map),	\
421				 "Illegal context switch in RCU-sched read-side critical section"); \
422	} while (0)
423
424#else /* #ifdef CONFIG_PROVE_RCU */
425
426#define RCU_LOCKDEP_WARN(c, s) do { } while (0 && (c))
427#define rcu_sleep_check() do { } while (0)
428
429#endif /* #else #ifdef CONFIG_PROVE_RCU */
430
431/*
432 * Helper functions for rcu_dereference_check(), rcu_dereference_protected()
433 * and rcu_assign_pointer().  Some of these could be folded into their
434 * callers, but they are left separate in order to ease introduction of
435 * multiple pointers markings to match different RCU implementations
436 * (e.g., __srcu), should this make sense in the future.
437 */
438
439#ifdef __CHECKER__
440#define rcu_check_sparse(p, space) \
441	((void)(((typeof(*p) space *)p) == p))
442#else /* #ifdef __CHECKER__ */
443#define rcu_check_sparse(p, space)
444#endif /* #else #ifdef __CHECKER__ */
445
446#define __unrcu_pointer(p, local)					\
447({									\
448	typeof(*p) *local = (typeof(*p) *__force)(p);			\
449	rcu_check_sparse(p, __rcu);					\
450	((typeof(*p) __force __kernel *)(local)); 			\
451})
452/**
453 * unrcu_pointer - mark a pointer as not being RCU protected
454 * @p: pointer needing to lose its __rcu property
455 *
456 * Converts @p from an __rcu pointer to a __kernel pointer.
457 * This allows an __rcu pointer to be used with xchg() and friends.
458 */
459#define unrcu_pointer(p) __unrcu_pointer(p, __UNIQUE_ID(rcu))
460
461#define __rcu_access_pointer(p, local, space) \
462({ \
463	typeof(*p) *local = (typeof(*p) *__force)READ_ONCE(p); \
464	rcu_check_sparse(p, space); \
465	((typeof(*p) __force __kernel *)(local)); \
466})
467#define __rcu_dereference_check(p, local, c, space) \
468({ \
469	/* Dependency order vs. p above. */ \
470	typeof(*p) *local = (typeof(*p) *__force)READ_ONCE(p); \
471	RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_check() usage"); \
472	rcu_check_sparse(p, space); \
473	((typeof(*p) __force __kernel *)(local)); \
474})
475#define __rcu_dereference_protected(p, local, c, space) \
476({ \
477	RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_protected() usage"); \
478	rcu_check_sparse(p, space); \
479	((typeof(*p) __force __kernel *)(p)); \
480})
481#define __rcu_dereference_raw(p, local) \
482({ \
483	/* Dependency order vs. p above. */ \
484	typeof(p) local = READ_ONCE(p); \
485	((typeof(*p) __force __kernel *)(local)); \
486})
487#define rcu_dereference_raw(p) __rcu_dereference_raw(p, __UNIQUE_ID(rcu))
488
489/**
490 * RCU_INITIALIZER() - statically initialize an RCU-protected global variable
491 * @v: The value to statically initialize with.
492 */
493#define RCU_INITIALIZER(v) (typeof(*(v)) __force __rcu *)(v)
494
495/**
496 * rcu_assign_pointer() - assign to RCU-protected pointer
497 * @p: pointer to assign to
498 * @v: value to assign (publish)
499 *
500 * Assigns the specified value to the specified RCU-protected
501 * pointer, ensuring that any concurrent RCU readers will see
502 * any prior initialization.
503 *
504 * Inserts memory barriers on architectures that require them
505 * (which is most of them), and also prevents the compiler from
506 * reordering the code that initializes the structure after the pointer
507 * assignment.  More importantly, this call documents which pointers
508 * will be dereferenced by RCU read-side code.
509 *
510 * In some special cases, you may use RCU_INIT_POINTER() instead
511 * of rcu_assign_pointer().  RCU_INIT_POINTER() is a bit faster due
512 * to the fact that it does not constrain either the CPU or the compiler.
513 * That said, using RCU_INIT_POINTER() when you should have used
514 * rcu_assign_pointer() is a very bad thing that results in
515 * impossible-to-diagnose memory corruption.  So please be careful.
516 * See the RCU_INIT_POINTER() comment header for details.
517 *
518 * Note that rcu_assign_pointer() evaluates each of its arguments only
519 * once, appearances notwithstanding.  One of the "extra" evaluations
520 * is in typeof() and the other visible only to sparse (__CHECKER__),
521 * neither of which actually execute the argument.  As with most cpp
522 * macros, this execute-arguments-only-once property is important, so
523 * please be careful when making changes to rcu_assign_pointer() and the
524 * other macros that it invokes.
525 */
526#define rcu_assign_pointer(p, v)					      \
527do {									      \
528	uintptr_t _r_a_p__v = (uintptr_t)(v);				      \
529	rcu_check_sparse(p, __rcu);					      \
530									      \
531	if (__builtin_constant_p(v) && (_r_a_p__v) == (uintptr_t)NULL)	      \
532		WRITE_ONCE((p), (typeof(p))(_r_a_p__v));		      \
533	else								      \
534		smp_store_release(&p, RCU_INITIALIZER((typeof(p))_r_a_p__v)); \
535} while (0)
536
537/**
538 * rcu_replace_pointer() - replace an RCU pointer, returning its old value
539 * @rcu_ptr: RCU pointer, whose old value is returned
540 * @ptr: regular pointer
541 * @c: the lockdep conditions under which the dereference will take place
542 *
543 * Perform a replacement, where @rcu_ptr is an RCU-annotated
544 * pointer and @c is the lockdep argument that is passed to the
545 * rcu_dereference_protected() call used to read that pointer.  The old
546 * value of @rcu_ptr is returned, and @rcu_ptr is set to @ptr.
547 */
548#define rcu_replace_pointer(rcu_ptr, ptr, c)				\
549({									\
550	typeof(ptr) __tmp = rcu_dereference_protected((rcu_ptr), (c));	\
551	rcu_assign_pointer((rcu_ptr), (ptr));				\
552	__tmp;								\
553})
554
555/**
556 * rcu_access_pointer() - fetch RCU pointer with no dereferencing
557 * @p: The pointer to read
558 *
559 * Return the value of the specified RCU-protected pointer, but omit the
560 * lockdep checks for being in an RCU read-side critical section.  This is
561 * useful when the value of this pointer is accessed, but the pointer is
562 * not dereferenced, for example, when testing an RCU-protected pointer
563 * against NULL.  Although rcu_access_pointer() may also be used in cases
564 * where update-side locks prevent the value of the pointer from changing,
565 * you should instead use rcu_dereference_protected() for this use case.
566 * Within an RCU read-side critical section, there is little reason to
567 * use rcu_access_pointer().
568 *
569 * It is usually best to test the rcu_access_pointer() return value
570 * directly in order to avoid accidental dereferences being introduced
571 * by later inattentive changes.  In other words, assigning the
572 * rcu_access_pointer() return value to a local variable results in an
573 * accident waiting to happen.
574 *
575 * It is also permissible to use rcu_access_pointer() when read-side
576 * access to the pointer was removed at least one grace period ago, as is
577 * the case in the context of the RCU callback that is freeing up the data,
578 * or after a synchronize_rcu() returns.  This can be useful when tearing
579 * down multi-linked structures after a grace period has elapsed.  However,
580 * rcu_dereference_protected() is normally preferred for this use case.
581 */
582#define rcu_access_pointer(p) __rcu_access_pointer((p), __UNIQUE_ID(rcu), __rcu)
583
584/**
585 * rcu_dereference_check() - rcu_dereference with debug checking
586 * @p: The pointer to read, prior to dereferencing
587 * @c: The conditions under which the dereference will take place
588 *
589 * Do an rcu_dereference(), but check that the conditions under which the
590 * dereference will take place are correct.  Typically the conditions
591 * indicate the various locking conditions that should be held at that
592 * point.  The check should return true if the conditions are satisfied.
593 * An implicit check for being in an RCU read-side critical section
594 * (rcu_read_lock()) is included.
595 *
596 * For example:
597 *
598 *	bar = rcu_dereference_check(foo->bar, lockdep_is_held(&foo->lock));
599 *
600 * could be used to indicate to lockdep that foo->bar may only be dereferenced
601 * if either rcu_read_lock() is held, or that the lock required to replace
602 * the bar struct at foo->bar is held.
603 *
604 * Note that the list of conditions may also include indications of when a lock
605 * need not be held, for example during initialisation or destruction of the
606 * target struct:
607 *
608 *	bar = rcu_dereference_check(foo->bar, lockdep_is_held(&foo->lock) ||
609 *					      atomic_read(&foo->usage) == 0);
610 *
611 * Inserts memory barriers on architectures that require them
612 * (currently only the Alpha), prevents the compiler from refetching
613 * (and from merging fetches), and, more importantly, documents exactly
614 * which pointers are protected by RCU and checks that the pointer is
615 * annotated as __rcu.
616 */
617#define rcu_dereference_check(p, c) \
618	__rcu_dereference_check((p), __UNIQUE_ID(rcu), \
619				(c) || rcu_read_lock_held(), __rcu)
620
621/**
622 * rcu_dereference_bh_check() - rcu_dereference_bh with debug checking
623 * @p: The pointer to read, prior to dereferencing
624 * @c: The conditions under which the dereference will take place
625 *
626 * This is the RCU-bh counterpart to rcu_dereference_check().  However,
627 * please note that starting in v5.0 kernels, vanilla RCU grace periods
628 * wait for local_bh_disable() regions of code in addition to regions of
629 * code demarked by rcu_read_lock() and rcu_read_unlock().  This means
630 * that synchronize_rcu(), call_rcu, and friends all take not only
631 * rcu_read_lock() but also rcu_read_lock_bh() into account.
632 */
633#define rcu_dereference_bh_check(p, c) \
634	__rcu_dereference_check((p), __UNIQUE_ID(rcu), \
635				(c) || rcu_read_lock_bh_held(), __rcu)
636
637/**
638 * rcu_dereference_sched_check() - rcu_dereference_sched with debug checking
639 * @p: The pointer to read, prior to dereferencing
640 * @c: The conditions under which the dereference will take place
641 *
642 * This is the RCU-sched counterpart to rcu_dereference_check().
643 * However, please note that starting in v5.0 kernels, vanilla RCU grace
644 * periods wait for preempt_disable() regions of code in addition to
645 * regions of code demarked by rcu_read_lock() and rcu_read_unlock().
646 * This means that synchronize_rcu(), call_rcu, and friends all take not
647 * only rcu_read_lock() but also rcu_read_lock_sched() into account.
648 */
649#define rcu_dereference_sched_check(p, c) \
650	__rcu_dereference_check((p), __UNIQUE_ID(rcu), \
651				(c) || rcu_read_lock_sched_held(), \
652				__rcu)
653
654/*
655 * The tracing infrastructure traces RCU (we want that), but unfortunately
656 * some of the RCU checks causes tracing to lock up the system.
657 *
658 * The no-tracing version of rcu_dereference_raw() must not call
659 * rcu_read_lock_held().
660 */
661#define rcu_dereference_raw_check(p) \
662	__rcu_dereference_check((p), __UNIQUE_ID(rcu), 1, __rcu)
663
664/**
665 * rcu_dereference_protected() - fetch RCU pointer when updates prevented
666 * @p: The pointer to read, prior to dereferencing
667 * @c: The conditions under which the dereference will take place
668 *
669 * Return the value of the specified RCU-protected pointer, but omit
670 * the READ_ONCE().  This is useful in cases where update-side locks
671 * prevent the value of the pointer from changing.  Please note that this
672 * primitive does *not* prevent the compiler from repeating this reference
673 * or combining it with other references, so it should not be used without
674 * protection of appropriate locks.
675 *
676 * This function is only for update-side use.  Using this function
677 * when protected only by rcu_read_lock() will result in infrequent
678 * but very ugly failures.
679 */
680#define rcu_dereference_protected(p, c) \
681	__rcu_dereference_protected((p), __UNIQUE_ID(rcu), (c), __rcu)
682
683
684/**
685 * rcu_dereference() - fetch RCU-protected pointer for dereferencing
686 * @p: The pointer to read, prior to dereferencing
687 *
688 * This is a simple wrapper around rcu_dereference_check().
689 */
690#define rcu_dereference(p) rcu_dereference_check(p, 0)
691
692/**
693 * rcu_dereference_bh() - fetch an RCU-bh-protected pointer for dereferencing
694 * @p: The pointer to read, prior to dereferencing
695 *
696 * Makes rcu_dereference_check() do the dirty work.
697 */
698#define rcu_dereference_bh(p) rcu_dereference_bh_check(p, 0)
699
700/**
701 * rcu_dereference_sched() - fetch RCU-sched-protected pointer for dereferencing
702 * @p: The pointer to read, prior to dereferencing
703 *
704 * Makes rcu_dereference_check() do the dirty work.
705 */
706#define rcu_dereference_sched(p) rcu_dereference_sched_check(p, 0)
707
708/**
709 * rcu_pointer_handoff() - Hand off a pointer from RCU to other mechanism
710 * @p: The pointer to hand off
711 *
712 * This is simply an identity function, but it documents where a pointer
713 * is handed off from RCU to some other synchronization mechanism, for
714 * example, reference counting or locking.  In C11, it would map to
715 * kill_dependency().  It could be used as follows::
716 *
717 *	rcu_read_lock();
718 *	p = rcu_dereference(gp);
719 *	long_lived = is_long_lived(p);
720 *	if (long_lived) {
721 *		if (!atomic_inc_not_zero(p->refcnt))
722 *			long_lived = false;
723 *		else
724 *			p = rcu_pointer_handoff(p);
725 *	}
726 *	rcu_read_unlock();
727 */
728#define rcu_pointer_handoff(p) (p)
729
730/**
731 * rcu_read_lock() - mark the beginning of an RCU read-side critical section
732 *
733 * When synchronize_rcu() is invoked on one CPU while other CPUs
734 * are within RCU read-side critical sections, then the
735 * synchronize_rcu() is guaranteed to block until after all the other
736 * CPUs exit their critical sections.  Similarly, if call_rcu() is invoked
737 * on one CPU while other CPUs are within RCU read-side critical
738 * sections, invocation of the corresponding RCU callback is deferred
739 * until after the all the other CPUs exit their critical sections.
740 *
741 * In v5.0 and later kernels, synchronize_rcu() and call_rcu() also
742 * wait for regions of code with preemption disabled, including regions of
743 * code with interrupts or softirqs disabled.  In pre-v5.0 kernels, which
744 * define synchronize_sched(), only code enclosed within rcu_read_lock()
745 * and rcu_read_unlock() are guaranteed to be waited for.
746 *
747 * Note, however, that RCU callbacks are permitted to run concurrently
748 * with new RCU read-side critical sections.  One way that this can happen
749 * is via the following sequence of events: (1) CPU 0 enters an RCU
750 * read-side critical section, (2) CPU 1 invokes call_rcu() to register
751 * an RCU callback, (3) CPU 0 exits the RCU read-side critical section,
752 * (4) CPU 2 enters a RCU read-side critical section, (5) the RCU
753 * callback is invoked.  This is legal, because the RCU read-side critical
754 * section that was running concurrently with the call_rcu() (and which
755 * therefore might be referencing something that the corresponding RCU
756 * callback would free up) has completed before the corresponding
757 * RCU callback is invoked.
758 *
759 * RCU read-side critical sections may be nested.  Any deferred actions
760 * will be deferred until the outermost RCU read-side critical section
761 * completes.
762 *
763 * You can avoid reading and understanding the next paragraph by
764 * following this rule: don't put anything in an rcu_read_lock() RCU
765 * read-side critical section that would block in a !PREEMPTION kernel.
766 * But if you want the full story, read on!
767 *
768 * In non-preemptible RCU implementations (pure TREE_RCU and TINY_RCU),
769 * it is illegal to block while in an RCU read-side critical section.
770 * In preemptible RCU implementations (PREEMPT_RCU) in CONFIG_PREEMPTION
771 * kernel builds, RCU read-side critical sections may be preempted,
772 * but explicit blocking is illegal.  Finally, in preemptible RCU
773 * implementations in real-time (with -rt patchset) kernel builds, RCU
774 * read-side critical sections may be preempted and they may also block, but
775 * only when acquiring spinlocks that are subject to priority inheritance.
776 */
777static __always_inline void rcu_read_lock(void)
778{
779	__rcu_read_lock();
780	__acquire(RCU);
781	rcu_lock_acquire(&rcu_lock_map);
782	RCU_LOCKDEP_WARN(!rcu_is_watching(),
783			 "rcu_read_lock() used illegally while idle");
784}
785
786/*
787 * So where is rcu_write_lock()?  It does not exist, as there is no
788 * way for writers to lock out RCU readers.  This is a feature, not
789 * a bug -- this property is what provides RCU's performance benefits.
790 * Of course, writers must coordinate with each other.  The normal
791 * spinlock primitives work well for this, but any other technique may be
792 * used as well.  RCU does not care how the writers keep out of each
793 * others' way, as long as they do so.
794 */
795
796/**
797 * rcu_read_unlock() - marks the end of an RCU read-side critical section.
798 *
799 * In almost all situations, rcu_read_unlock() is immune from deadlock.
800 * In recent kernels that have consolidated synchronize_sched() and
801 * synchronize_rcu_bh() into synchronize_rcu(), this deadlock immunity
802 * also extends to the scheduler's runqueue and priority-inheritance
803 * spinlocks, courtesy of the quiescent-state deferral that is carried
804 * out when rcu_read_unlock() is invoked with interrupts disabled.
805 *
806 * See rcu_read_lock() for more information.
807 */
808static inline void rcu_read_unlock(void)
809{
810	RCU_LOCKDEP_WARN(!rcu_is_watching(),
811			 "rcu_read_unlock() used illegally while idle");
812	__release(RCU);
813	__rcu_read_unlock();
814	rcu_lock_release(&rcu_lock_map); /* Keep acq info for rls diags. */
815}
816
817/**
818 * rcu_read_lock_bh() - mark the beginning of an RCU-bh critical section
819 *
820 * This is equivalent to rcu_read_lock(), but also disables softirqs.
821 * Note that anything else that disables softirqs can also serve as an RCU
822 * read-side critical section.  However, please note that this equivalence
823 * applies only to v5.0 and later.  Before v5.0, rcu_read_lock() and
824 * rcu_read_lock_bh() were unrelated.
825 *
826 * Note that rcu_read_lock_bh() and the matching rcu_read_unlock_bh()
827 * must occur in the same context, for example, it is illegal to invoke
828 * rcu_read_unlock_bh() from one task if the matching rcu_read_lock_bh()
829 * was invoked from some other task.
830 */
831static inline void rcu_read_lock_bh(void)
832{
833	local_bh_disable();
834	__acquire(RCU_BH);
835	rcu_lock_acquire(&rcu_bh_lock_map);
836	RCU_LOCKDEP_WARN(!rcu_is_watching(),
837			 "rcu_read_lock_bh() used illegally while idle");
838}
839
840/**
841 * rcu_read_unlock_bh() - marks the end of a softirq-only RCU critical section
842 *
843 * See rcu_read_lock_bh() for more information.
844 */
845static inline void rcu_read_unlock_bh(void)
846{
847	RCU_LOCKDEP_WARN(!rcu_is_watching(),
848			 "rcu_read_unlock_bh() used illegally while idle");
849	rcu_lock_release(&rcu_bh_lock_map);
850	__release(RCU_BH);
851	local_bh_enable();
852}
853
854/**
855 * rcu_read_lock_sched() - mark the beginning of a RCU-sched critical section
856 *
857 * This is equivalent to rcu_read_lock(), but also disables preemption.
858 * Read-side critical sections can also be introduced by anything else that
859 * disables preemption, including local_irq_disable() and friends.  However,
860 * please note that the equivalence to rcu_read_lock() applies only to
861 * v5.0 and later.  Before v5.0, rcu_read_lock() and rcu_read_lock_sched()
862 * were unrelated.
863 *
864 * Note that rcu_read_lock_sched() and the matching rcu_read_unlock_sched()
865 * must occur in the same context, for example, it is illegal to invoke
866 * rcu_read_unlock_sched() from process context if the matching
867 * rcu_read_lock_sched() was invoked from an NMI handler.
868 */
869static inline void rcu_read_lock_sched(void)
870{
871	preempt_disable();
872	__acquire(RCU_SCHED);
873	rcu_lock_acquire(&rcu_sched_lock_map);
874	RCU_LOCKDEP_WARN(!rcu_is_watching(),
875			 "rcu_read_lock_sched() used illegally while idle");
876}
877
878/* Used by lockdep and tracing: cannot be traced, cannot call lockdep. */
879static inline notrace void rcu_read_lock_sched_notrace(void)
880{
881	preempt_disable_notrace();
882	__acquire(RCU_SCHED);
883}
884
885/**
886 * rcu_read_unlock_sched() - marks the end of a RCU-classic critical section
887 *
888 * See rcu_read_lock_sched() for more information.
889 */
890static inline void rcu_read_unlock_sched(void)
891{
892	RCU_LOCKDEP_WARN(!rcu_is_watching(),
893			 "rcu_read_unlock_sched() used illegally while idle");
894	rcu_lock_release(&rcu_sched_lock_map);
895	__release(RCU_SCHED);
896	preempt_enable();
897}
898
899/* Used by lockdep and tracing: cannot be traced, cannot call lockdep. */
900static inline notrace void rcu_read_unlock_sched_notrace(void)
901{
902	__release(RCU_SCHED);
903	preempt_enable_notrace();
904}
905
906/**
907 * RCU_INIT_POINTER() - initialize an RCU protected pointer
908 * @p: The pointer to be initialized.
909 * @v: The value to initialized the pointer to.
910 *
911 * Initialize an RCU-protected pointer in special cases where readers
912 * do not need ordering constraints on the CPU or the compiler.  These
913 * special cases are:
914 *
915 * 1.	This use of RCU_INIT_POINTER() is NULLing out the pointer *or*
916 * 2.	The caller has taken whatever steps are required to prevent
917 *	RCU readers from concurrently accessing this pointer *or*
918 * 3.	The referenced data structure has already been exposed to
919 *	readers either at compile time or via rcu_assign_pointer() *and*
920 *
921 *	a.	You have not made *any* reader-visible changes to
922 *		this structure since then *or*
923 *	b.	It is OK for readers accessing this structure from its
924 *		new location to see the old state of the structure.  (For
925 *		example, the changes were to statistical counters or to
926 *		other state where exact synchronization is not required.)
927 *
928 * Failure to follow these rules governing use of RCU_INIT_POINTER() will
929 * result in impossible-to-diagnose memory corruption.  As in the structures
930 * will look OK in crash dumps, but any concurrent RCU readers might
931 * see pre-initialized values of the referenced data structure.  So
932 * please be very careful how you use RCU_INIT_POINTER()!!!
933 *
934 * If you are creating an RCU-protected linked structure that is accessed
935 * by a single external-to-structure RCU-protected pointer, then you may
936 * use RCU_INIT_POINTER() to initialize the internal RCU-protected
937 * pointers, but you must use rcu_assign_pointer() to initialize the
938 * external-to-structure pointer *after* you have completely initialized
939 * the reader-accessible portions of the linked structure.
940 *
941 * Note that unlike rcu_assign_pointer(), RCU_INIT_POINTER() provides no
942 * ordering guarantees for either the CPU or the compiler.
943 */
944#define RCU_INIT_POINTER(p, v) \
945	do { \
946		rcu_check_sparse(p, __rcu); \
947		WRITE_ONCE(p, RCU_INITIALIZER(v)); \
948	} while (0)
949
950/**
951 * RCU_POINTER_INITIALIZER() - statically initialize an RCU protected pointer
952 * @p: The pointer to be initialized.
953 * @v: The value to initialized the pointer to.
954 *
955 * GCC-style initialization for an RCU-protected pointer in a structure field.
956 */
957#define RCU_POINTER_INITIALIZER(p, v) \
958		.p = RCU_INITIALIZER(v)
959
960/*
961 * Does the specified offset indicate that the corresponding rcu_head
962 * structure can be handled by kvfree_rcu()?
963 */
964#define __is_kvfree_rcu_offset(offset) ((offset) < 4096)
965
966/**
967 * kfree_rcu() - kfree an object after a grace period.
968 * @ptr: pointer to kfree for double-argument invocations.
969 * @rhf: the name of the struct rcu_head within the type of @ptr.
970 *
971 * Many rcu callbacks functions just call kfree() on the base structure.
972 * These functions are trivial, but their size adds up, and furthermore
973 * when they are used in a kernel module, that module must invoke the
974 * high-latency rcu_barrier() function at module-unload time.
975 *
976 * The kfree_rcu() function handles this issue.  Rather than encoding a
977 * function address in the embedded rcu_head structure, kfree_rcu() instead
978 * encodes the offset of the rcu_head structure within the base structure.
979 * Because the functions are not allowed in the low-order 4096 bytes of
980 * kernel virtual memory, offsets up to 4095 bytes can be accommodated.
981 * If the offset is larger than 4095 bytes, a compile-time error will
982 * be generated in kvfree_rcu_arg_2(). If this error is triggered, you can
983 * either fall back to use of call_rcu() or rearrange the structure to
984 * position the rcu_head structure into the first 4096 bytes.
985 *
986 * The object to be freed can be allocated either by kmalloc() or
987 * kmem_cache_alloc().
988 *
989 * Note that the allowable offset might decrease in the future.
990 *
991 * The BUILD_BUG_ON check must not involve any function calls, hence the
992 * checks are done in macros here.
993 */
994#define kfree_rcu(ptr, rhf) kvfree_rcu_arg_2(ptr, rhf)
995#define kvfree_rcu(ptr, rhf) kvfree_rcu_arg_2(ptr, rhf)
996
997/**
998 * kfree_rcu_mightsleep() - kfree an object after a grace period.
999 * @ptr: pointer to kfree for single-argument invocations.
1000 *
1001 * When it comes to head-less variant, only one argument
1002 * is passed and that is just a pointer which has to be
1003 * freed after a grace period. Therefore the semantic is
1004 *
1005 *     kfree_rcu_mightsleep(ptr);
1006 *
1007 * where @ptr is the pointer to be freed by kvfree().
1008 *
1009 * Please note, head-less way of freeing is permitted to
1010 * use from a context that has to follow might_sleep()
1011 * annotation. Otherwise, please switch and embed the
1012 * rcu_head structure within the type of @ptr.
1013 */
1014#define kfree_rcu_mightsleep(ptr) kvfree_rcu_arg_1(ptr)
1015#define kvfree_rcu_mightsleep(ptr) kvfree_rcu_arg_1(ptr)
1016
1017#define kvfree_rcu_arg_2(ptr, rhf)					\
1018do {									\
1019	typeof (ptr) ___p = (ptr);					\
1020									\
1021	if (___p) {									\
1022		BUILD_BUG_ON(!__is_kvfree_rcu_offset(offsetof(typeof(*(ptr)), rhf)));	\
1023		kvfree_call_rcu(&((___p)->rhf), (void *) (___p));			\
1024	}										\
1025} while (0)
1026
1027#define kvfree_rcu_arg_1(ptr)					\
1028do {								\
1029	typeof(ptr) ___p = (ptr);				\
1030								\
1031	if (___p)						\
1032		kvfree_call_rcu(NULL, (void *) (___p));		\
1033} while (0)
1034
1035/*
1036 * Place this after a lock-acquisition primitive to guarantee that
1037 * an UNLOCK+LOCK pair acts as a full barrier.  This guarantee applies
1038 * if the UNLOCK and LOCK are executed by the same CPU or if the
1039 * UNLOCK and LOCK operate on the same lock variable.
1040 */
1041#ifdef CONFIG_ARCH_WEAK_RELEASE_ACQUIRE
1042#define smp_mb__after_unlock_lock()	smp_mb()  /* Full ordering for lock. */
1043#else /* #ifdef CONFIG_ARCH_WEAK_RELEASE_ACQUIRE */
1044#define smp_mb__after_unlock_lock()	do { } while (0)
1045#endif /* #else #ifdef CONFIG_ARCH_WEAK_RELEASE_ACQUIRE */
1046
1047
1048/* Has the specified rcu_head structure been handed to call_rcu()? */
1049
1050/**
1051 * rcu_head_init - Initialize rcu_head for rcu_head_after_call_rcu()
1052 * @rhp: The rcu_head structure to initialize.
1053 *
1054 * If you intend to invoke rcu_head_after_call_rcu() to test whether a
1055 * given rcu_head structure has already been passed to call_rcu(), then
1056 * you must also invoke this rcu_head_init() function on it just after
1057 * allocating that structure.  Calls to this function must not race with
1058 * calls to call_rcu(), rcu_head_after_call_rcu(), or callback invocation.
1059 */
1060static inline void rcu_head_init(struct rcu_head *rhp)
1061{
1062	rhp->func = (rcu_callback_t)~0L;
1063}
1064
1065/**
1066 * rcu_head_after_call_rcu() - Has this rcu_head been passed to call_rcu()?
1067 * @rhp: The rcu_head structure to test.
1068 * @f: The function passed to call_rcu() along with @rhp.
1069 *
1070 * Returns @true if the @rhp has been passed to call_rcu() with @func,
1071 * and @false otherwise.  Emits a warning in any other case, including
1072 * the case where @rhp has already been invoked after a grace period.
1073 * Calls to this function must not race with callback invocation.  One way
1074 * to avoid such races is to enclose the call to rcu_head_after_call_rcu()
1075 * in an RCU read-side critical section that includes a read-side fetch
1076 * of the pointer to the structure containing @rhp.
1077 */
1078static inline bool
1079rcu_head_after_call_rcu(struct rcu_head *rhp, rcu_callback_t f)
1080{
1081	rcu_callback_t func = READ_ONCE(rhp->func);
1082
1083	if (func == f)
1084		return true;
1085	WARN_ON_ONCE(func != (rcu_callback_t)~0L);
1086	return false;
1087}
1088
1089/* kernel/ksysfs.c definitions */
1090extern int rcu_expedited;
1091extern int rcu_normal;
1092
1093DEFINE_LOCK_GUARD_0(rcu, rcu_read_lock(), rcu_read_unlock())
1094
1095#endif /* __LINUX_RCUPDATE_H */
1096