| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Feb 2010 19:10:34 +0100 From: Arnd Bergmann <arnd@...db.de> To: paulmck@...ux.vnet.ibm.com Cc: Alexey Dobriyan <adobriyan@...il.com>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, linux-kernel@...r.kernel.org, mingo@...e.hu, laijs@...fujitsu.com, dipankar@...ibm.com, akpm@...ux-foundation.org, josh@...htriplett.org, dvhltc@...ibm.com, niv@...ibm.com, tglx@...utronix.de, peterz@...radead.org, rostedt@...dmis.org, Valdis.Kletnieks@...edu, dhowells@...hat.com Subject: Re: [PATCH 07/10] module: __rcu annotations On Thursday 25 February 2010, Paul E. McKenney wrote: > > > > The nice thing about this is that we don't end up with the API explosion > > for the RCU list primitives. However, it does require that a given > > rcu_list_head have a single synchronization-design rule for all uses. > > Of course, if there were multiple rules, one could construct a check > > that was simply the union of all the rules, but that would miss some > > types of errors. What would it miss? E.g. having the module code check for (mutex_is_locked(&module_lock) || rcu_read_lock_held) should cover all cases as far as I can tell. > > Of course, if this became a problem, there could be an argument to the > > ->check function that the normal list_for_each_entry_rcu() defaults to > > "no effect". I've also been thinking about adding a list_for_each_entry_norcu() macro that takes an rcu_list_head but then just performs a simple list_for_each_entry(). > > Or is there a better way to handle this? > > One approach would be to use your original sparse-based approach, but > use an rcu_deference_const(ptr,lockdep_condition) for cases when the > value cannot change, for example, when the update-side lock is held. > This should eliminate most of the false positives, in particular, > eliminate the need for otherwise-useless rcu_read_lock()s -- and also > for the compiler constraints in the normal rcu_dereference(). Right. > Your pointer-to-function idea could be a really cool way to handle the > tree algorithms that can be protected either by RCU or by locking. > The tree nodes could have the pointer to check function, and the > current rcu_dereference_raw() calls could be replaced by an invocation > of rcu_dereference_check() that calls the check function. A check > function for an RCU-protected tree would use "rcu_read_lock_held() || > lockdep_is_held(&update_side_lock)", while a lock-protected tree would > just use "lockdep_is_held(&update_side_lock)". I've postponed that problem for now, and updated my series to split the rculist annotations from the basic __rcu pointer annotations, as well as to apply on top of your patches in tip/core/rcu, see http://git.kernel.org/?p=linux/kernel/git/arnd/playground.git;\ a=shortlog;h=refs/heads/rcu-annotate-tip. Should we merge the simple annotations in this merge window and then think about rculist and trees separately? Arnd -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists