| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Aug 2007 14:34:25 +1000 From: Paul Mackerras <paulus@...ba.org> To: Herbert Xu <herbert@...dor.apana.org.au> Cc: Christoph Lameter <clameter@....com>, Satyam Sharma <satyam@...radead.org>, "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>, Stefan Richter <stefanr@...6.in-berlin.de>, Chris Snook <csnook@...hat.com>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, linux-arch@...r.kernel.org, Linus Torvalds <torvalds@...ux-foundation.org>, netdev@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, ak@...e.de, heiko.carstens@...ibm.com, davem@...emloft.net, schwidefsky@...ibm.com, wensong@...ux-vs.org, horms@...ge.net.au, wjiang@...ilience.com, cfriesen@...tel.com, zlynx@....org, rpjday@...dspring.com, jesper.juhl@...il.com, segher@...nel.crashing.org Subject: Re: [PATCH 0/24] make atomic_read() behave consistently across all architectures Herbert Xu writes: > > You mean it's intended that *sk->sk_prot->memory_pressure can end up > > as 1 when sk->sk_prot->memory_allocated is small (less than > > ->sysctl_mem[0]), or as 0 when ->memory_allocated is large (greater > > than ->sysctl_mem[2])? Because that's the effect of the current code. > > If so I wonder why you bother computing it. > > You need to remember that there are three different limits: > minimum, pressure, and maximum. By default we should never > be in a situation where what you say can occur. > > If you set all three limits to the same thing, then yes it > won't work as intended but it's still well-behaved. I'm not talking about setting all three limits to the same thing. I'm talking about this situation: CPU 0 comes into __sk_stream_mem_reclaim, reads memory_allocated, but then before it can do the store to *memory_pressure, CPUs 1-1023 all go through sk_stream_mem_schedule, collectively increase memory_allocated to more than sysctl_mem[2] and set *memory_pressure. Finally CPU 0 gets to do its store and it sets *memory_pressure back to 0, but by this stage memory_allocated is way larger than sysctl_mem[2]. Yes, it's unlikely, but that is the nature of race conditions - they are unlikely, and only show up at inconvenient times, never when someone who could fix the bug is watching. :) Similarly it would be possible for other CPUs to decrease memory_allocated from greater than sysctl_mem[2] to less than sysctl_mem[0] in the interval between when we read memory_allocated and set *memory_pressure to 1. And it's quite possible for their setting of *memory_pressure to 0 to happen before our setting of it to 1, so that it ends up at 1 when it should be 0. Now, maybe it's the case that it doesn't really matter whether *->memory_pressure is 0 or 1. But if so, why bother computing it at all? People seem to think that using atomic_t means they don't need to use a spinlock. That's fine if there is only one variable involved, but as soon as there's more than one, there's the possibility of a race, whether or not you use atomic_t, and whether or not atomic_read has "volatile" behaviour. Paul. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists