| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <46806E8D.90403@myri.com> Date: Mon, 25 Jun 2007 21:40:29 -0400 From: Loic Prylli <loic@...i.com> To: Andi Kleen <ak@...e.de> CC: Chuck Ebbert <cebbert@...hat.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] MTRR: Fix race causing set_mtrr to go into infinite loop On 6/25/2007 6:34 PM, Andi Kleen wrote: > On Tuesday 26 June 2007 00:05:17 Chuck Ebbert wrote: > >> On 06/25/2007 05:38 PM, Loic Prylli wrote: >> >> [cc: Andi] >> >> >>> Processors synchronization in set_mtrr requires the .gate field >>> to be set after .count field is properly initialized. Without an explicit >>> barrier, the compiler was reordering those memory stores. That was sometimes >>> causing a processor (in ipi_handler) to see the .gate change and >>> decrement .count before the latter is set by set_mtrr() (which >>> then hangs in a infinite loop with irqs disabled). >>> > > Hmm, perhaps we should just put the smp_wmb into atomic_set(). > Near all other atomic operations have memory barriers too. I think > that would be the better fix. > > -Andi > In Documentation/atomic_ops.txt atomic_set/atomic_read are described as nothing more than a type-safe assignement or reading, without any extra semantics. For other atomic operations, the rule is that any atomic operation that doesn't return a value doesn't come with a barrier (and any operation that returns the atomic value must have memory barriers). So I guess you are suggesting to change the doc and the implementation for all arches. I should admit I did not knew a number of atomic operations did not imply memory-barriers before. But maybe the extra cost might not be completely negligible, especially if, for consistency with other "barrier-implied" atomic operations, a new memory barrier is put before and after, Are you suggested changing just atomic_set(), or also other barrier-free atomic operations :"atomic_dec", "atomic_inc", "atomic_add", "atomic_sub" ? Independently of what is done to atomic, what about not making the .gate field an atomic_t, but a simple "int" in the mttr code, since the only operations done on it are atomic_read and atomic_set? Loic - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists