| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Jul 2007 06:53:18 -0700 From: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com> To: Andrew Morton <akpm@...ux-foundation.org> Cc: linux-kernel@...r.kernel.org, mingo@...e.hu, dipankar@...ibm.com, josht@...ux.vnet.ibm.com Subject: Re: [PATCH] Immunize rcu_dereference() against crazy compiler writers On Tue, Jul 17, 2007 at 02:46:00AM -0700, Andrew Morton wrote: > On Wed, 11 Jul 2007 18:00:58 -0700 "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com> wrote: > > > Turns out that compiler writers are a bit more aggressive about optimizing > > than one might expect. This patch prevents a number of such optimizations > > from messing up rcu_deference(). This is not merely a theoretical > > problem, as evidenced by the rmb() in mce_log(). > > > > Signed-off-by: Paul E. McKenney <paulmck@...ux.vnet.ibm.com> > > --- > > > > rcupdate.h | 14 +++++++++++++- > > 1 file changed, 13 insertions(+), 1 deletion(-) > > > > diff -urpNa -X dontdiff linux-2.6.22/include/linux/rcupdate.h linux-2.6.22-volrcud/include/linux/rcupdate.h > > --- linux-2.6.22/include/linux/rcupdate.h 2007-07-08 16:32:17.000000000 -0700 > > +++ linux-2.6.22-volrcud/include/linux/rcupdate.h 2007-07-11 17:21:09.000000000 -0700 > > @@ -217,6 +217,18 @@ extern int rcu_needs_cpu(int cpu); > > local_bh_enable(); \ > > } while(0) > > > > +/* > > + * Prevent the compiler from merging or refetching accesses. The compiler > > + * is also forbidden from reordering successive instances of ACCESS_ONCE(), > > + * but only when the compiler is aware of some particular ordering. One way > > + * to make the compiler aware of ordering is to put the two invocations of > > + * ACCESS_ONCE() in different C statements. > > + * > > + * This macro does absolutely -nothing- to prevent the CPU from reordering, > > + * merging, or refetching absolutely anything at any time. > > + */ > > +#define ACCESS_ONCE(x) (*(volatile typeof(x) *)&(x)) > > drivers/net/hamradio/bpqether.c: In function 'bpq_seq_next': > drivers/net/hamradio/bpqether.c:421: error: invalid lvalue in unary '&' This is a bug in bpqether.c, and here is a patch that compiles. I don't have the necessary hardware to test. As you might expect, I assert that the fact that the new implementation of rcu_dereference() detects improper use on rvalues is a feature. ;-) Signed-off-by: Paul E. McKenney <paulmck@...ux.vnet.ibm.com> --- bpqether.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff -urpNa -X dontdiff linux-2.6.22/drivers/net/hamradio/bpqether.c linux-2.6.22-volrcud-hamfix/drivers/net/hamradio/bpqether.c --- linux-2.6.22/drivers/net/hamradio/bpqether.c 2007-07-08 16:32:17.000000000 -0700 +++ linux-2.6.22-volrcud-hamfix/drivers/net/hamradio/bpqether.c 2007-07-17 06:46:16.000000000 -0700 @@ -413,12 +413,12 @@ static void *bpq_seq_next(struct seq_fil ++*pos; if (v == SEQ_START_TOKEN) - p = bpq_devices.next; + p = rcu_dereference(bpq_devices.next); else - p = ((struct bpqdev *)v)->bpq_list.next; + p = rcu_dereference(((struct bpqdev *)v)->bpq_list.next); return (p == &bpq_devices) ? NULL - : rcu_dereference(list_entry(p, struct bpqdev, bpq_list)); + : list_entry(p, struct bpqdev, bpq_list); } static void bpq_seq_stop(struct seq_file *seq, void *v) - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists