| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190110124123.GA21224@hirez.programming.kicks-ass.net>
Date: Thu, 10 Jan 2019 13:41:23 +0100
From: Peter Zijlstra <peterz@...radead.org>
To: Florian Westphal <fw@...len.de>
Cc: Anatol Pomozov <anatol.pomozov@...il.com>,
Dmitry Vyukov <dvyukov@...gle.com>, paulmck@...ux.ibm.com,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: seqcount usage in xt_replace_table()
On Tue, Jan 08, 2019 at 11:37:46PM +0100, Florian Westphal wrote:
> Anatol Pomozov <anatol.pomozov@...il.com> wrote:
> > Or maybe xt_replace_table() can be enhanced? When I hear that
> > something waits until an event happens on all CPUs I think about
> > wait_event() function. Would it be better for xt_replace_table() to
> > introduce an atomic counter that is decremented by CPUs, and the main
> > CPU waits until the counter gets zero?
>
> That would mean placing an additional atomic op into the
> iptables evaluation path (ipt_do_table and friends).
>
For:
/*
* Ensure contents of newinfo are visible before assigning to
* private.
*/
smp_wmb();
table->private = newinfo;
we have:
smp_store_release(&table->private, newinfo);
But what store does that second smp_wmb() order against? The comment:
/* make sure all cpus see new ->private value */
smp_wmb();
makes no sense what so ever, no smp_*() barrier can provide such
guarantees.
> Only alternative I see that might work is synchronize_rcu (the
> _do_table functions are called with rcu read lock held).
>
> I guess current scheme is cheaper though.
Is performance a concern in this path? There is no comment justifying
this 'creative' stuff.
Powered by blists - more mailing lists