lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Mar 2016 18:08:37 +0100 From: Frederic Weisbecker <fweisbec@...il.com> To: Ingo Molnar <mingo@...nel.org> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Thomas Gleixner <tglx@...utronix.de>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: [PATCH v2] atomic: Fix bugs in 'fetch_or()' and rename it to 'xchg_or()' Thanks a lot for fixing this! Some comments below: On Tue, Mar 15, 2016 at 01:21:45PM +0100, Ingo Molnar wrote: > Linus noticed a couple of problems with the fetch_or() implementation introduced > by 5fd7a09cfb8c ("atomic: Export fetch_or()"): > > - Sloppy macro implementation: 'mask' and 'ptr' is evaluated multiple times, > which will break if arguments have side effects. Also, it uses > double-underscore temporary variables - which is dangerous as low level asm > ones are using those too and they may alias in unexpected ways. > > - Sloppy semantics: the naming and structure of the macro is ambigious, with > no well-defined semantics. It's neither an atomic nor a cmpxchg() interface, > but still it lives in include/linux/atomic.h. > > Solve this by: > > - Extracting the arguments into helper variables once, and never > using the original arguments from that point on. This makes it > pretty clear that there can be no unwanted macro evaluation > side effects. > > - Using single-underscore temporary variables. > > - Renaming fetch_or() to xchg_or(), recognizing that the semantics > are xchg()-alike. I wouldn't mind that much having xchg_or() but I think Peterz has good arguments in favour of keeping the original name. > > Also propagate the rename to the call sites. > > Reported-by: Linus Torvalds <torvalds@...ux-foundation.org> > Cc: Andrew Morton <akpm@...ux-foundation.org> > Cc: Chris Metcalf <cmetcalf@...hip.com> > Cc: Christoph Lameter <cl@...ux.com> > Cc: Frederic Weisbecker <fweisbec@...il.com> > Cc: Luiz Capitulino <lcapitulino@...hat.com> > Cc: Peter Zijlstra <a.p.zijlstra@...llo.nl> > Cc: Peter Zijlstra <peterz@...radead.org> > Cc: Rik van Riel <riel@...hat.com> > Cc: Thomas Gleixner <tglx@...utronix.de> > Cc: Viresh Kumar <viresh.kumar@...aro.org> > Link: http://lkml.kernel.org/r/20160315093245.GA7943@gmail.com > Signed-off-by: Ingo Molnar <mingo@...nel.org> > --- > include/linux/atomic.h | 26 ++++++++++++++++---------- > kernel/sched/core.c | 2 +- > kernel/time/tick-sched.c | 4 ++-- > 3 files changed, 19 insertions(+), 13 deletions(-) > > diff --git a/include/linux/atomic.h b/include/linux/atomic.h > index 6c502cb13c95..7bc5297bcca8 100644 > --- a/include/linux/atomic.h > +++ b/include/linux/atomic.h > @@ -549,22 +549,28 @@ static inline int atomic_dec_if_positive(atomic_t *v) > #endif > > /** > - * fetch_or - perform *ptr |= mask and return old value of *ptr > - * @ptr: pointer to value > + * xchg_or - perform *ptr |= mask atomically and return old value of *ptr > + * @ptr: pointer to value (cmpxchg() compatible integer pointer type) > * @mask: mask to OR on the value > * > - * cmpxchg based fetch_or, macro so it works for different integer types > + * cmpxchg() based, it's a macro so it works for different integer types. > */ > -#ifndef fetch_or > -#define fetch_or(ptr, mask) \ > -({ typeof(*(ptr)) __old, __val = *(ptr); \ > +#ifndef xchg_or > +# define xchg_or(ptr, mask) \ > +({ \ > + typeof(ptr) _ptr = (ptr); \ Can we add a comment above to prevent from future mistakes with cmpxchg variables aliasing? I'm suprised that GCC doesn't warn about that actually.
Powered by blists - more mailing lists