| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20100223131543.GA19174@Krystal> Date: Tue, 23 Feb 2010 08:15:44 -0500 From: Mathieu Desnoyers <mathieu.desnoyers@...icios.com> To: Arnd Bergmann <arnd@...db.de> Cc: paulmck@...ux.vnet.ibm.com, linux-kernel@...r.kernel.org, mingo@...e.hu, laijs@...fujitsu.com, dipankar@...ibm.com, akpm@...ux-foundation.org, josh@...htriplett.org, dvhltc@...ibm.com, niv@...ibm.com, tglx@...utronix.de, peterz@...radead.org, rostedt@...dmis.org, Valdis.Kletnieks@...edu, dhowells@...hat.com Subject: Re: [PATCH tip/core/rcu 0/21] v6 add lockdep-based diagnostics to rcu_dereference() * Arnd Bergmann (arnd@...db.de) wrote: > On Tuesday 23 February 2010, Paul E. McKenney wrote: > > This patch series adds lockdep-based checking to the rcu_dereference() > > primitive in order to flag misuses of RCU. > > While I haven't looked much at this series, I've been thinking about > adding static diagnostics for rcu_dereference misuse, in the form of > an __rcu address space qualifier for pointers. Such a patch would > obviously conflict with this series, so I'd wait for yours to go > in first, but maybe you like the idea enough to do it yourself ;-). > > The observation is that all accesses to an RCU protected pointer > are either through rcu_dereference, rcu_assign_pointer or one of their > variants. so it should be possible to add a new address space like we > have for __iomem, __user and soon __percpu and have sparse check that > we use RCU consistently on pointers that need it. Just to make myself the devil's advocate: how should we consider initialization of RCU pointers at boot time that happens before any possible concurrent reader is allowed to run ? I think this case is an example of valid RCU-pointer access that is not done through the RCU primitives. It seems valid to perform these RCU-pointer accesses when serialized by a different exclusion mechanism, in this case being the guarantee that no concurrent reader are running at early boot. The same applies to stop_machine(), and, as I come to think of it, we could probably think of a scheme that dynamically switch from an RCU read-lock to, e.g., a mutex for all users, wait for RCU quiescent state, and then serialize all users on the mutex during the update. So while some of these cases are a bit far-fetched, I think they are valid, and I wonder how the address space validation would take them into account. Thanks, Mathieu > > Arnd -- Mathieu Desnoyers OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists