lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 Feb 2015 16:47:12 +0000 From: David Vrabel <dvrabel@...tab.net> To: Raghavendra K T <raghavendra.kt@...ux.vnet.ibm.com>, tglx@...utronix.de, mingo@...hat.com, hpa@...or.com, peterz@...radead.org, torvalds@...ux-foundation.org, konrad.wilk@...cle.com, pbonzini@...hat.com CC: waiman.long@...com, jeremy@...p.org, ak@...ux.intel.com, a.ryabinin@...sung.com, kvm@...r.kernel.org, borntraeger@...ibm.com, jasowang@...hat.com, x86@...nel.org, oleg@...hat.com, linux-kernel@...r.kernel.org, paul.gortmaker@...driver.com, dave@...olabs.net, xen-devel@...ts.xenproject.org, davej@...hat.com, akpm@...ux-foundation.org, paulmck@...ux.vnet.ibm.com, virtualization@...ts.linux-foundation.org, sasha.levin@...cle.com Subject: Re: [Xen-devel] [PATCH V5] x86 spinlock: Fix memory corruption on completing completions On 15/02/15 17:30, Raghavendra K T wrote: > --- a/arch/x86/xen/spinlock.c > +++ b/arch/x86/xen/spinlock.c > @@ -41,7 +41,7 @@ static u8 zero_stats; > static inline void check_zero(void) > { > u8 ret; > - u8 old = ACCESS_ONCE(zero_stats); > + u8 old = READ_ONCE(zero_stats); > if (unlikely(old)) { > ret = cmpxchg(&zero_stats, old, 0); > /* This ensures only one fellow resets the stat */ > @@ -112,6 +112,7 @@ __visible void xen_lock_spinning(struct arch_spinlock *lock, __ticket_t want) > struct xen_lock_waiting *w = this_cpu_ptr(&lock_waiting); > int cpu = smp_processor_id(); > u64 start; > + __ticket_t head; > unsigned long flags; > > /* If kicker interrupts not initialized yet, just spin */ > @@ -159,11 +160,15 @@ __visible void xen_lock_spinning(struct arch_spinlock *lock, __ticket_t want) > */ > __ticket_enter_slowpath(lock); > > + /* make sure enter_slowpath, which is atomic does not cross the read */ > + smp_mb__after_atomic(); > + > /* > * check again make sure it didn't become free while > * we weren't looking > */ > - if (ACCESS_ONCE(lock->tickets.head) == want) { > + head = READ_ONCE(lock->tickets.head); > + if (__tickets_equal(head, want)) { > add_stats(TAKEN_SLOW_PICKUP, 1); > goto out; > } > @@ -204,8 +209,8 @@ static void xen_unlock_kick(struct arch_spinlock *lock, __ticket_t next) > const struct xen_lock_waiting *w = &per_cpu(lock_waiting, cpu); > > /* Make sure we read lock before want */ > - if (ACCESS_ONCE(w->lock) == lock && > - ACCESS_ONCE(w->want) == next) { > + if (READ_ONCE(w->lock) == lock && > + READ_ONCE(w->want) == next) { > add_stats(RELEASED_SLOW_KICKED, 1); > xen_send_IPI_one(cpu, XEN_SPIN_UNLOCK_VECTOR); > break; Acked-by: David Vrabel <david.vrabel@...rix.com> Although some of the ACCESS_ONCE to READ_ONCE changes are cosmetic and are perhaps best left out of a patch destined for stable. David -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists