Re: [PATCH 5/5] iommu/iova: Avoid double-negatives in magazine helpers

[John Garry]

On 04/10/2021 12:38, Will Deacon wrote:

Hi Will,

> > To avoid this, stop using double-negatives, like !iova_magazine_full() and
> > !iova_magazine_empty(), and use positive tests, like
> > iova_magazine_has_space() and iova_magazine_has_pfns(), respectively; these
> > can safely deal with cpu_rcache->{loaded, prev} = NULL.
> I don't understand why you're saying that things like !iova_magazine_empty()
> are double-negatives. What about e.g. !list_empty() elsewhre in the kernel?

IMO, a check for an empty magazine is a negative check, as opposed to a 
check for availability.

But I'm not saying that patterns like !list_empty() are a bad practice. 
I'm just saying that they are not NULL safe, and that matters in this 
case as we can potentially pass a NULL pointer.

> The crux of the fix seems to be:
>
> > @@ -783,8 +787,9 @@ static bool __iova_rcache_insert(struct iova_caching_domain *rcached,
> >   		if (new_mag) {
> >   			spin_lock(&rcache->lock);
> >   			if (rcache->depot_size < MAX_GLOBAL_MAGS) {
> > -				rcache->depot[rcache->depot_size++] =
> > -						cpu_rcache->loaded;
> > +				if (cpu_rcache->loaded)
> > +					rcache->depot[rcache->depot_size++] =
> > +							cpu_rcache->loaded;
> Which could be independent of the renaming?

If cpu_rcache->loaded was NULL, then we crash before we reach this code.

Anyway, since I earlier reworked init_iova_rcaches() to properly handle 
failed mem allocations for rcache->cpu_rcaches, I can rework further to 
fail the init for failed mem allocations for cpu_rcaches->loaded, so we 
don't need this change.

Thanks,
John