lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 25 Feb 2010 18:12:13 -0800
From:	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
To:	Arnd Bergmann <arnd@...db.de>
Cc:	Alexey Dobriyan <adobriyan@...il.com>,
	Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
	linux-kernel@...r.kernel.org, mingo@...e.hu, laijs@...fujitsu.com,
	dipankar@...ibm.com, akpm@...ux-foundation.org,
	josh@...htriplett.org, dvhltc@...ibm.com, niv@...ibm.com,
	tglx@...utronix.de, peterz@...radead.org, rostedt@...dmis.org,
	Valdis.Kletnieks@...edu, dhowells@...hat.com
Subject: Re: [PATCH 07/10] module: __rcu annotations

On Thu, Feb 25, 2010 at 12:05:32PM -0800, Paul E. McKenney wrote:
> On Thu, Feb 25, 2010 at 07:10:34PM +0100, Arnd Bergmann wrote:

[ . . . ]

> > I've postponed that problem for now, and updated my series to split
> > the rculist annotations from the basic __rcu pointer annotations,
> > as well as to apply on top of your patches in tip/core/rcu,
> > see http://git.kernel.org/?p=linux/kernel/git/arnd/playground.git;\
> > a=shortlog;h=refs/heads/rcu-annotate-tip.

At first glance, this looks reasonably sane.  I have looked up through
the "scheduler: __rcu annotations" commit.

Some comments:

o	The name rcu_dereference_const() makes more sense to me than
	does __rcu_dereference(), as it documents when you can safely
	use it -- when something is preventing the RCU-protected
	pointer in question from changing.

o	Uses of __rcu_dereference() in your playground.git that are
	safe because some lock is held should be changed to
	rcu_dereference_check(), mentioning that lock.  Ditto zero
	reference counts.

	For example, in your first change to put_ctx() in
	kernel/perf_event.c, the:

		put_ctx(__rcu_dereference(ctx->parent_ctx));

	should instead be:

		put_ctx(rcu_dereference_check(ctx->parent_ctx,
					      ctx->refcount == 0));

	This does take a bit more space, but very clearly documents
	the synchronization design and enables the combination of
	sparse and lockdep to enforce it.  And yes, this example has
	the "if" right above the use, but many other cases are not
	so easy to see so quickly.  And a future change might well
	rearrange the code so that the "if" is a long ways away from
	the dereference.

o	Whatever we choose for the name of what is __rcu_dereference()
	in your tree, uses should be commented, just as things like
	smp_mb() are commented.  For example:

		q = __rcu_dereference(p->next); /* Initialization. */

	to indicate that the structure is still being initialized so
	that no other CPU or task has access to it.

Again, looks promising!

							Thanx, Paul

> > Should we merge the simple annotations in this merge window and
> > then think about rculist and trees separately?
> 
> I haven't given up on the possibility of getting the whole thing into
> this merge window, but if that is not possible, it would be good to
> start on the annotations.  Of course, the annotations would need to be
> done so that they don't rain false positives on people who are not
> actively looking to see them.
> 
> 							Thanx, Paul
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ