Date: Mon, 27 Oct 2014 09:06:54 +0100
From: Miklos Szeredi <miklos@...redi.hu>
To: Al Viro <viro@...iv.linux.org.uk>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
	Linux-Fsdevel <linux-fsdevel@...r.kernel.org>,
	Kernel Mailing List <linux-kernel@...r.kernel.org>,
	linux-unionfs@...r.kernel.org,
	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
Subject: Re: [GIT PULL] overlay filesystem v25

[Paul McKenney added to CC]

On Sat, Oct 25, 2014 at 7:06 PM, Al Viro <viro@...iv.linux.org.uk> wrote:
> On Sat, Oct 25, 2014 at 11:53:52AM +0200, Miklos Szeredi wrote:
>
>> Yes, but it's not about race with copy-up (which the ovl_path_upper()
>> protects against), but race of two fsync calls with each other.  If
>> there's no synchronization between them, then that od->upperfile does
>> indeed count as lockless access, no matter that the assignment was
>> done under lock.
>
>         p = global;
>         if (!p) { // outside of lock
>                 p = alloc();
>                 grab lock
>                 if (!global) {
>                         global = p;
>                 } else {
>                         destroy(p);
>                         p = global;
>                 }
>                 drop lock
>         }
> is a very common pattern, especially if you look for cases when lock is
> a spinlock and allocation is blocking (in those cases you'll often see
> destroy() part done after dropping the lock; that's where what I fucked up in
> what I'd originally pushed.  And it wasn't even needed - fput() under
> ->i_mutex is OK...)

Being a very common pattern does not automatically make it correct...

My understanding of these issues is very limited, but it's not clear
to me what will order initialization of members of p with the storing
of p into global.

E.g. we start out with global == NULL and p->foo == 0.

CPU1:
        p->foo = 1
        grab lock
        if (!global)
                global = p

CPU1:
        p = global
        if (p)
                q = p->foo

Is it guaranteed that the above sequence (as is, without any barriers
or ACCESS_ONCE() other than the lock acquisition) will result in q ==
1 if p != NULL?

Thanks,
Miklos
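
An added example, not part of the original message and not overlayfs code: a userspace C11 analogue of the quoted pattern in which the pointer is published with a release store and read locklessly with an acquire load, so the ordering between p->foo = 1 and a reader's p->foo is explicit. The names alloc_obj, publish, get_obj and the atomic_flag stand-in for the spinlock are assumptions made for illustration.

```c
#include <stdatomic.h>
#include <stdlib.h>

struct obj { int foo; };

static _Atomic(struct obj *) global;         /* NULL until published */
static atomic_flag lock = ATOMIC_FLAG_INIT;  /* stand-in for the spinlock */
static int destroyed;                        /* number of losing copies freed */

static void grab_lock(void)
{
    while (atomic_flag_test_and_set_explicit(&lock, memory_order_acquire))
        ;
}
static void drop_lock(void) { atomic_flag_clear_explicit(&lock, memory_order_release); }

static struct obj *alloc_obj(void)
{
    struct obj *p = calloc(1, sizeof(*p));
    if (p)
        p->foo = 1;  /* member initialization that readers must observe */
    return p;
}

/* Writer side: install p if nothing is published yet; return the winner. */
static struct obj *publish(struct obj *p)
{
    grab_lock();
    /* relaxed is enough here: the lock orders us after any earlier winner */
    struct obj *cur = atomic_load_explicit(&global, memory_order_relaxed);
    if (!cur) {
        /* release: the store p->foo = 1 cannot be reordered after this store */
        atomic_store_explicit(&global, p, memory_order_release);
        cur = p;
    }
    drop_lock();
    if (cur != p) {  /* lost the race: destroy our copy after dropping the lock */
        free(p);
        destroyed++;
    }
    return cur;
}

/* Reader side, outside the lock. */
static struct obj *get_obj(void)
{
    /* acquire pairs with the release store: p != NULL implies p->foo == 1 */
    struct obj *p = atomic_load_explicit(&global, memory_order_acquire);
    if (!p && (p = alloc_obj()) != NULL)
        p = publish(p);
    return p;
}

int main(void) { struct obj *p = get_obj(); return !(p && p->foo == 1); }
```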