lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 23 May 2019 15:32:20 +0200
From:   Andrea Parri <andrea.parri@...rulasolutions.com>
To:     linux-kernel@...r.kernel.org
Cc:     Andrea Parri <andrea.parri@...rulasolutions.com>,
        "Paul E. McKenney" <paulmck@...ux.ibm.com>,
        Josh Triplett <josh@...htriplett.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
        Lai Jiangshan <jiangshanlai@...il.com>,
        Joel Fernandes <joel@...lfernandes.org>, rcu@...r.kernel.org,
        Peter Zijlstra <peterz@...radead.org>,
        Will Deacon <will.deacon@....com>,
        Mark Rutland <mark.rutland@....com>
Subject: [RFC PATCH] rcu: Make 'rcu_assign_pointer(p, v)' of type 'typeof(p)'

The expression

  rcu_assign_pointer(p, typeof(p) v)

is reported to be of type 'typeof(p)' in the documentation (c.f., e.g.,
Documentation/RCU/whatisRCU.txt) but this is not the case: for example,
the following snippet

  int **y;
  int *x;
  int *r0;

  ...

  r0 = rcu_assign_pointer(*y, x);

can currently result in the compiler warning

  warning: assignment to ‘int *’ from ‘uintptr_t’ {aka ‘long unsigned int’} makes pointer from integer without a cast [-Wint-conversion]

Cast the uintptr_t value to a typeof(p) value.

Signed-off-by: Andrea Parri <andrea.parri@...rulasolutions.com>
Cc: "Paul E. McKenney" <paulmck@...ux.ibm.com>
Cc: Josh Triplett <josh@...htriplett.org>
Cc: Steven Rostedt <rostedt@...dmis.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
Cc: Lai Jiangshan <jiangshanlai@...il.com>
Cc: Joel Fernandes <joel@...lfernandes.org>
Cc: rcu@...r.kernel.org
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Will Deacon <will.deacon@....com>
Cc: Mark Rutland <mark.rutland@....com>
---
NOTE:

TBH, I'm not sure this is 'the right patch' (hence the RFC...): in
fact, I'm currently missing the motivations for allowing assignments
such as the "r0 = ..." assignment above in generic code.  (BTW, it's
not currently possible to use such assignments in litmus tests...)

The usual concern is, of course, that if something is allowed (read
'compile!' ;/) then people will soon or later use it and they'll do
it in all sorts of 'creative' ways, such as 'to extend dependencies
across rcu_assign_pointer() calls' as in

  x = READ_ONCE(*z);
  r0 = rcu_assign_pointer(*y, x);
  WRITE_ONCE(*w, r0);

Notice that using a 'do { ... } while (0)', say, would prevent such
tricks/rvalues. (The same approach is used by smp_store_release().)

For a related discussion, please see:

  https://lkml.kernel.org/r/20190523083013.GA4616@andrea

Thoughts?

  Andrea
---
 include/linux/rcupdate.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/linux/rcupdate.h b/include/linux/rcupdate.h
index 915460ec08722..b94ba5de78fba 100644
--- a/include/linux/rcupdate.h
+++ b/include/linux/rcupdate.h
@@ -375,7 +375,7 @@ static inline void rcu_preempt_sleep_check(void) { }
 		WRITE_ONCE((p), (typeof(p))(_r_a_p__v));		      \
 	else								      \
 		smp_store_release(&p, RCU_INITIALIZER((typeof(p))_r_a_p__v)); \
-	_r_a_p__v;							      \
+	((typeof(p))_r_a_p__v);						      \
 })
 
 /**
-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ