lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20130315175117.GA2462@redhat.com>
Date:	Fri, 15 Mar 2013 18:51:17 +0100
From:	Oleg Nesterov <oleg@...hat.com>
To:	Frederic Weisbecker <fweisbec@...il.com>
Cc:	Ming Lei <tom.leiming@...il.com>,
	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
	Shaohua Li <shli@...nel.org>,
	Al Viro <viro@...iv.linux.org.uk>,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org
Subject: Re: +
	atomic-improve-atomic_inc_unless_negative-atomic_dec_unless_positive
	.patch added to -mm tree

On 03/15, Frederic Weisbecker wrote:
>
> > The lack of the barrier?
> >
> > I thought about this, this should be fine? atomic_add_unless() has the same
> > "problem", but this is documented in atomic_ops.txt:
> >
> >         atomic_add_unless requires explicit memory barriers around the operation
> >         unless it fails (returns 0).
> >
> > I thought that atomic_add_unless_negative() should have the same
> > guarantees?
>
> I feel very uncomfortable with that. The memory barrier is needed
> anyway to make sure we don't deal with a stale value of the atomic val
> (wrt. ordering against another object).
> The following should really be expected to work without added barrier:
>
> void put_object(foo *obj)
> {
>       if (atomic_dec_return(obj->ref) == -1)
>           free_rcu(obj);
> }
>
> bool try_get_object(foo *obj)
> {
>       if (atomic_add_unless_negative(obj, 1))
>            return true;
>       return false;
> }
>
> = CPU 0 =                = CPU 1
>                                 rcu_read_lock()
> put_object(obj0);
>                                 obj = rcu_derefr(obj0);
> rcu_assign_ptr(obj0, NULL);

(I guess you meant rcu_assign_ptr() then put_object())

>                                 if (try_get_object(obj))
>                                      do_something...
>                                 else
>                                      object is dying
>                                 rcu_read_unlock()

I must have missed something.

do_something() looks fine, if atomic_add_unless_negative() succeeds
we do have a barrier?

Anyway, I understand that it is possible to write the code which
won't work without the uncoditional mb().

My point was: should we fix atomic_add_unless() then? If not, why
should atomic_add_unless_negative() differ?

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ