| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 6 Jan 2009 03:25:12 +1100 From: Nick Piggin <nickpiggin@...oo.com.au> To: paulmck@...ux.vnet.ibm.com Cc: Alan Cox <alan@...rguk.ukuu.org.uk>, Pavel Machek <pavel@...e.cz>, kernel list <linux-kernel@...r.kernel.org>, Andrew Morton <akpm@...l.org>, mtk.manpages@...il.com, rdunlap@...otime.net, linux-doc@...r.kernel.org, segher@...nel.crashing.org, rth@....gnu.org Subject: Re: atomics: document that linux expects certain atomic behaviour from unsigned long On Tuesday 06 January 2009 03:05:01 Paul E. McKenney wrote: > On Mon, Jan 05, 2009 at 11:00:24PM +1100, Nick Piggin wrote: > > On Monday 05 January 2009 22:23:50 Alan Cox wrote: > > > > Pretty much everywhere that uses RCU for example does so using atomic > > > > pointer loads and stores. The nastiest issue IMO actually is > > > > reloading the value through the pointer even if it isn't explicitly > > > > dereferenced. RCU gets this right with ACCESS_ONCE. Probably a lot of > > > > code using basic types does not. x86 atomic_read maybe should be > > > > using ACCESS_ONCE too... > > > > > > I'm pretty sure it should. gcc makes no guarantees about not being > > > clever with accesses. > > > > Arguably it should. I don't know what the concurrent C standard looks > > like, but prohibiting reloads of potentially concurrently modified memory > > when there is no explicit pointer dereference is the natural complement > > to prohibiting stores to potentially concurrently read memory when there > > is no explicit store (which I think is begrudgingly agreed to be a > > problem). > > > > http://lkml.org/lkml/2007/10/24/673 > > > > I think I would like to see multiple reloads to local variables > > prohibited, to avoid potential really subtle problems... But if > > ACCESS_ONCE is here to stay, then I do think that atomic_read etc should > > use it. > > The concurrency stuff in c++0x still permits the compiler to have its > way with loads and stores to normal variables, but provides an "atomic" > type that must be loaded and stored as specified in the program. So: if (trylock()) locked = 1; ... if (locked) *var = blah; ... if (locked) unlock(); So the second part can still be transformed into a predicated calculation of blah, then an unconditional store to *var? > The issue with ACCESS_ONCE() is that gcc doesn't do any optimizations on > volatile accesses, even the obvious ones. Speaking of which, the gcc > guys kicked out my bug 33102, which was complaining about this > situation. :-/ Hmm. It's still quite annoying even to have to switch everything to the atomic type. I guarantee there will be bugs in Linux caused by the compiler reloading pointers/longs/ints to access local variables... -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists