lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Jul 2007 18:20:34 +1000 From: Nick Piggin <nickpiggin@...oo.com.au> To: Satyam Sharma <ssatyam@....iitk.ac.in> CC: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, David Howells <dhowells@...hat.com>, Andi Kleen <ak@...e.de>, Andrew Morton <akpm@...ux-foundation.org>, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: [PATCH 8/8] i386: bitops: smp_mb__{before, after}_clear_bit() definitions Satyam Sharma wrote: > On Tue, 24 Jul 2007, Nick Piggin wrote: > > >>Satyam Sharma wrote: >> >>>From: Satyam Sharma <ssatyam@....iitk.ac.in> >>> >>>[8/8] i386: bitops: smp_mb__{before, after}_clear_bit() definitions >>> >>> >>>>>From Documentation/atomic_ops.txt, those archs that require explicit >>> >>>memory barriers around clear_bit() must also implement these two interfaces. >>>However, for i386, clear_bit() is a strict, locked, atomic and >>>un-reorderable operation and includes an implicit memory barrier already. >>> >>>But these two functions have been wrongly defined as "barrier()" which is >>>a pointless _compiler optimization_ barrier, and only serves to make gcc >>>not do legitimate optimizations that it could have otherwise done. >>> >>>So let's make these proper no-ops, because that's exactly what we require >>>these to be on the i386 platform. >> >>No. clear_bit is not a compiler barrier on i386, > > > Obvious. > > >>thus smp_mb__before/after >>must be. > > > Not so obvious. Why do we require these to be a full compiler barrier > is precisely the question I raised here. > > Consider this (the above two functions exist only for clear_bit(), > the atomic variant, as you already know), the _only_ memory reference > we care about is that of the address of the passed bit-string: No. Memory barriers explicitly extend to all memory references. > (1) The compiler must not optimize / elid it (i.e. we need to disallow > compiler optimization for that reference) -- but we've already taken > care of that with the __asm__ __volatile__ and the constraints on > the memory "addr" operand there, and, > (2) For the i386, it also includes an implicit memory (CPU) barrier > already. Repeating what has been said before: A CPU memory barrier is not a compiler barrier or vice versa. Seeing as we are talking about the compiler barrier, it is irrelevant as to whether or not the assembly includes a CPU barrier. > So I /think/ it makes sense to let the compiler optimize _other_ memory > references across the call to clear_bit(). There's a difference. I think > we'd be safe even if we do this, because the synchronization in callers > must be based upon the _passed bit-string_, otherwise _they_ are the > ones who're buggy. Yes it makes sense to let the compiler move memory operations over clear_bit(), because we have defined the interface to be nice and relaxed. And this is exactly why we do need to have an additional barrier there in smp_mb__*_clear_bit(). > [ For those interested, I've been looking at the code generated > for the test kernel I built with these patches, and I don't > really see anything gcc did that it shouldn't have -- but ok, > that doesn't mean other versions/toolchains for other setups > won't. Also, the test box has been up all night, but I'm only > running Firefox on it anyway, and don't really know how to > verify if I've introduced any correctness issues / bugs. ] correct output != correct input. Without a barrier there, we _allow_ the compiler to reorder. If it does not reorder, the missing barrier is still a bug :) -- SUSE Labs, Novell Inc. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists