| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Jul 2007 14:19:23 +1000 From: Nick Piggin <nickpiggin@...oo.com.au> To: Linus Torvalds <torvalds@...ux-foundation.org> CC: Satyam Sharma <ssatyam@....iitk.ac.in>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, David Howells <dhowells@...hat.com>, Andi Kleen <ak@...e.de>, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: [PATCH 4/8] i386: bitops: Kill volatile-casting of memory addresses Linus Torvalds wrote: > > On Mon, 23 Jul 2007, Satyam Sharma wrote: > > >>[4/8] i386: bitops: Kill volatile-casting of memory addresses > > > This is wrong. > > The "const volatile" is so that you can pass an arbitrary pointer. The > only kind of abritraty pointer is "const volatile". > > In other words, the "volatile" has nothing at all to do with whether the > memory is volatile or not (the same way "const" has nothing to do with it: > it's purely a C type *safety* issue, exactly the same way "const" is a > type safety issue. > > A "const" on a pointer doesn't mean that the thing it points to cannot > change. When you pass a source pointer to "strlen()", it doesn't have to > be constant. But "strlen()" takes a "const" pointer, because it work son > constant pointers *too*. > > Same deal here. > > Admittedly this may be mostly historic, but regardless - the "volatiles" > are right. > > Using volatile on *data* is generally considered incorrect and bad taste, > but using it in situations like this potentially makes sense. > > Of course, if we remove all "volatiles" in data in the kernel (with the > possible exception of "jiffies"), we can then remove them from function > declarations too, but it should be done in that order. Well, regardless, it still forces the function to treat the pointer target as volatile, won't it? It definitely prevents valid optimisations that would be useful for me in mm/page_alloc.c where page flags are being set up or torn down or checked with non-atomic bitops. OK, not the i386 functions as much because they are all in asm anwyay, but in general (btw. why does i386 or any architecture define their own non-atomic bitops? If the version in asm-generic/bitops/non-atomic.h is not good enough then surely it is a bug in gcc or that file?) Anyway by type safety, do you mean it will stop the compiler from warning if a pointer to a volatile is passed to the bitop? If so, then why don't we just kill all the volatiles out of here and fix any warnings that comeup? I doubt there would be many, and of those, some might show up real synchronisation problems. -- SUSE Labs, Novell Inc. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists