lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 29 Jan 2009 09:21:50 -0800 (PST)
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Steven Rostedt <rostedt@...dmis.org>
cc:	Peter Zijlstra <peterz@...radead.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Rusty Russell <rusty@...tcorp.com.au>, npiggin@...e.de,
	Ingo Molnar <mingo@...e.hu>,
	Thomas Gleixner <tglx@...utronix.de>,
	Arjan van de Ven <arjan@...radead.org>,
	jens.axboe@...cle.com
Subject: Re: [PATCH -v2] use per cpu data for single cpu ipi calls



On Thu, 29 Jan 2009, Steven Rostedt wrote:
> 
> The caller must wait till the LOCK bit is cleared before setting
> it. When it is cleared, there is no IPI function using it.
> A spinlock is used to synchronize the setting of the bit between
> callers. Since only one callee can be called at a time, and it
> is the only thing to clear it, the IPI does not need to use
> any locking.

That spinlock cannot be right. It is provably wrong for so many reasons..

Think about it. We're talking about a per-CPU lock, which already makes no 
sense: we're only locking against our own CPU, and we've already disabled 
preemption for totally unrelated reasons.

And the only way locking can make sense against our own CPU is if we lock 
against interrupts - but the lock isn't actually irq-safe, so if you are 
trying to lock against interrupts, you are (a) doing it wrong (you should 
disable interrupts, not use a spinlock) and (b) causing a deadlock if it 
ever happens.

In other words: no way in hell does that make any sense what-so-ever.

Just remove it. As it is, it can only hurt. There's no possible point to 
it.

Now, if people actually do send IPI's from interrupts (and it does happen 
- cross-cpu wakeups etc), then that implies that you do want to then make 
the whole thing irq-safe. But the *spinlock* is pointless.

But to be irq-safe, you now need to protect the _whole_ region against 
interrupts, because otherwise an incoming interrupt will hit while the 
CSD_FLAG_LOCK bit is set, perhaps _before_ the actual IPI has been sent, 
and now nothing will ever clear it. So the interrupt handler that tries to 
send an IPI will now spin forever.

So NAK on this patch. I think the approach is correct, but the 
implementation is buggy.

			Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ