| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Jul 2007 17:16:38 +1000 From: Nick Piggin <nickpiggin@...oo.com.au> To: Satyam Sharma <ssatyam@....iitk.ac.in> CC: Linus Torvalds <torvalds@...ux-foundation.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, David Howells <dhowells@...hat.com>, Andi Kleen <ak@...e.de>, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: [PATCH 4/8] i386: bitops: Kill volatile-casting of memory addresses Satyam Sharma wrote: > On Tue, 24 Jul 2007, Nick Piggin wrote: > > >>Linus Torvalds wrote: >> >>>Of course, if we remove all "volatiles" in data in the kernel (with the >>>possible exception of "jiffies"), we can then remove them from function >>>declarations too, but it should be done in that order. >> >>Well, regardless, it still forces the function to treat the pointer >>target as volatile, won't it? It definitely prevents valid optimisations >>that would be useful for me in mm/page_alloc.c where page flags are >>being set up or torn down or checked with non-atomic bitops. > > > Yes, and yes. But I think what he meant there is that we'd need to > audit the kernel for all users of set_bit and friends and see if callers > actually pass in any _data_ that _is_ volatile. So we have to kill them > there first, and then in the function declarations here. I think I'll put > that on my long-term todo list, but see below. Yeah that is probably what he meant. >>Anyway by type safety, do you mean it will stop the compiler from >>warning if a pointer to a volatile is passed to the bitop? > > > The compiler would start warning for all those cases (passing in > a pointer to volatile data, when the bitops have lost the volatile > casting from their function declarations), actually. Something like > "passing argument discards qualifiers from pointer type" ... but > considering I didn't see *any* of those warnings after these patches, > I'm confused as to what exactly Linus meant here ... and what exactly > do we need to do "kill the volatiles". Because even with an allyesconfig, your compile isn't testing the entire kernel. So given the relatively minor benefit of removing the volatiles, I suppose we shouldn't risk slipping a bug in. If you can make gcc throw an error in that case it would be a different story. -- SUSE Labs, Novell Inc. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists