lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 2 Apr 2016 18:29:03 +0200
From:	Peter Zijlstra <peterz@...radead.org>
To:	Thomas Gleixner <tglx@...utronix.de>
Cc:	LKML <linux-kernel@...r.kernel.org>,
	Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
	Darren Hart <darren@...art.com>,
	Ingo Molnar <mingo@...nel.org>,
	Michael Kerrisk <mtk.manpages@...glemail.com>,
	Davidlohr Bueso <dave@...olabs.net>, Chris Mason <clm@...com>,
	Carlos O'Donell <carlos@...hat.com>,
	Torvald Riegel <triegel@...hat.com>,
	Eric Dumazet <edumazet@...gle.com>
Subject: Re: [RFC patch 4/7] futex: Add support for attached futexes

On Sat, Apr 02, 2016 at 11:09:18AM -0000, Thomas Gleixner wrote:
> +/**
> + * futex_detach_task - Detach task from global state
> + * @slot:	Slot number in the task local cache
> + *
> + * If the global state refcount drops to zero, the global state is destroyed.
> + */
> +static void futex_detach_task(int slot)
> +{
> +	struct futex_cache *tc = current->futex_cache;
> +	struct futex_state *fs = tc->slots[slot].fs;
> +	struct futex_hash_bucket *hb = fs->global_hb;
> +	struct futex_q *q = &fs->q;
> +
> +	/* Remove it from the task local cache */
> +	__clear_bit(slot, tc->cache_map);
> +	tc->slots[slot].uaddr = NULL;
> +	tc->slots[slot].fs = NULL;
> +
> +	/*
> +	 * Lock the global hash bucket. Decrement global state refcount. If 0
> +	 * remove it from the global hash and free it.
> +	 */
> +	spin_lock(&hb->lock);
> +	if (--fs->refcount == 0)
> +		hb_remove_q(q, hb);
> +	else
> +		fs = NULL;
> +	spin_unlock(&hb->lock);

So you could play funny games like:

	if (atomic_add_unless(&fs->recount, -1, 1))
		return;

	spin_lock(&hb->lock);
	if (atomic_dec_return(&fs->refcount) == 0)
		hb_remove_q(q, hb);
	else
		fs = NULL;
	spin_unlock(&hb->lock);

To avoid taking that lock entirely in the 'fast' path, but I'm not sure
how performance critical this path is.

> +	kfree(fs);
> +}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ