| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Mar 2016 18:08:37 +0100
From: Frederic Weisbecker <fweisbec@...il.com>
To: Ingo Molnar <mingo@...nel.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Peter Zijlstra <a.p.zijlstra@...llo.nl>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH v2] atomic: Fix bugs in 'fetch_or()' and rename it to
'xchg_or()'
Thanks a lot for fixing this!
Some comments below:
On Tue, Mar 15, 2016 at 01:21:45PM +0100, Ingo Molnar wrote:
> Linus noticed a couple of problems with the fetch_or() implementation introduced
> by 5fd7a09cfb8c ("atomic: Export fetch_or()"):
>
> - Sloppy macro implementation: 'mask' and 'ptr' is evaluated multiple times,
> which will break if arguments have side effects. Also, it uses
> double-underscore temporary variables - which is dangerous as low level asm
> ones are using those too and they may alias in unexpected ways.
>
> - Sloppy semantics: the naming and structure of the macro is ambigious, with
> no well-defined semantics. It's neither an atomic nor a cmpxchg() interface,
> but still it lives in include/linux/atomic.h.
>
> Solve this by:
>
> - Extracting the arguments into helper variables once, and never
> using the original arguments from that point on. This makes it
> pretty clear that there can be no unwanted macro evaluation
> side effects.
>
> - Using single-underscore temporary variables.
>
> - Renaming fetch_or() to xchg_or(), recognizing that the semantics
> are xchg()-alike.
I wouldn't mind that much having xchg_or() but I think Peterz has good arguments in favour
of keeping the original name.
>
> Also propagate the rename to the call sites.
>
> Reported-by: Linus Torvalds <torvalds@...ux-foundation.org>
> Cc: Andrew Morton <akpm@...ux-foundation.org>
> Cc: Chris Metcalf <cmetcalf@...hip.com>
> Cc: Christoph Lameter <cl@...ux.com>
> Cc: Frederic Weisbecker <fweisbec@...il.com>
> Cc: Luiz Capitulino <lcapitulino@...hat.com>
> Cc: Peter Zijlstra <a.p.zijlstra@...llo.nl>
> Cc: Peter Zijlstra <peterz@...radead.org>
> Cc: Rik van Riel <riel@...hat.com>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: Viresh Kumar <viresh.kumar@...aro.org>
> Link: http://lkml.kernel.org/r/20160315093245.GA7943@gmail.com
> Signed-off-by: Ingo Molnar <mingo@...nel.org>
> ---
> include/linux/atomic.h | 26 ++++++++++++++++----------
> kernel/sched/core.c | 2 +-
> kernel/time/tick-sched.c | 4 ++--
> 3 files changed, 19 insertions(+), 13 deletions(-)
>
> diff --git a/include/linux/atomic.h b/include/linux/atomic.h
> index 6c502cb13c95..7bc5297bcca8 100644
> --- a/include/linux/atomic.h
> +++ b/include/linux/atomic.h
> @@ -549,22 +549,28 @@ static inline int atomic_dec_if_positive(atomic_t *v)
> #endif
>
> /**
> - * fetch_or - perform *ptr |= mask and return old value of *ptr
> - * @ptr: pointer to value
> + * xchg_or - perform *ptr |= mask atomically and return old value of *ptr
> + * @ptr: pointer to value (cmpxchg() compatible integer pointer type)
> * @mask: mask to OR on the value
> *
> - * cmpxchg based fetch_or, macro so it works for different integer types
> + * cmpxchg() based, it's a macro so it works for different integer types.
> */
> -#ifndef fetch_or
> -#define fetch_or(ptr, mask) \
> -({ typeof(*(ptr)) __old, __val = *(ptr); \
> +#ifndef xchg_or
> +# define xchg_or(ptr, mask) \
> +({ \
> + typeof(ptr) _ptr = (ptr); \
Can we add a comment above to prevent from future mistakes with cmpxchg
variables aliasing?
I'm suprised that GCC doesn't warn about that actually.
Powered by blists - more mailing lists