| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20220902211341.2585133-1-paul.heidekrueger@in.tum.de>
Date: Fri, 2 Sep 2022 21:13:40 +0000
From: Paul Heidekrüger <paul.heidekrueger@...tum.de>
To: Alan Stern <stern@...land.harvard.edu>,
Andrea Parri <parri.andrea@...il.com>,
Will Deacon <will@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Boqun Feng <boqun.feng@...il.com>,
Nicholas Piggin <npiggin@...il.com>,
David Howells <dhowells@...hat.com>,
Jade Alglave <j.alglave@....ac.uk>,
Luc Maranget <luc.maranget@...ia.fr>,
"Paul E. McKenney" <paulmck@...nel.org>,
Akira Yokosawa <akiyks@...il.com>,
Daniel Lustig <dlustig@...dia.com>,
Joel Fernandes <joel@...lfernandes.org>,
Paul Heidekrüger <paul.heidekrueger@...tum.de>,
Michael Ellerman <mpe@...erman.id.au>,
linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org
Cc: Marco Elver <elver@...gle.com>,
Charalampos Mainas <charalampos.mainas@...il.com>,
Pramod Bhatotia <pramod.bhatotia@...tum.de>,
Soham Chakraborty <s.s.chakraborty@...elft.nl>,
Martin Fink <martin.fink@...tum.de>
Subject: [PATCH v3] tools/memory-model: Weaken ctrl dependency definition in explanation.txt
The current informal control dependency definition in explanation.txt is
too broad and, as discussed, needs to be updated.
Consider the following example:
> if(READ_ONCE(x))
> return 42;
>
> WRITE_ONCE(y, 42);
>
> return 21;
The read event determines whether the write event will be executed "at all"
- as per the current definition - but the formal LKMM does not recognize
this as a control dependency.
Introduce a new definition which includes the requirement for the second
memory access event to syntactically lie within the arm of a non-loop
conditional.
Link: https://lore.kernel.org/all/20220615114330.2573952-1-paul.heidekrueger@in.tum.de/
Cc: Marco Elver <elver@...gle.com>
Cc: Charalampos Mainas <charalampos.mainas@...il.com>
Cc: Pramod Bhatotia <pramod.bhatotia@...tum.de>
Cc: Soham Chakraborty <s.s.chakraborty@...elft.nl>
Cc: Martin Fink <martin.fink@...tum.de>
Signed-off-by: Paul Heidekrüger <paul.heidekrueger@...tum.de>
Co-developed-by: Alan Stern <stern@...land.harvard.edu>
---
v3:
- Address Alan and Joel's feedback re: the wording around switch statements
and the use of "guarding"
v2:
- Fix typos
- Fix indentation of code snippet
v1:
@Alan, since I got it wrong the last time, I'm adding you as a co-developer
after my SOB. I'm sorry if this creates extra work on your side due to you
having to resubmit the patch now with your SOB if I understand correctly,
but since it's based on your wording from the other thread, I definitely
wanted to give you credit.
tools/memory-model/Documentation/explanation.txt | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/tools/memory-model/Documentation/explanation.txt b/tools/memory-model/Documentation/explanation.txt
index ee819a402b69..0b7e1925a673 100644
--- a/tools/memory-model/Documentation/explanation.txt
+++ b/tools/memory-model/Documentation/explanation.txt
@@ -464,9 +464,11 @@ to address dependencies, since the address of a location accessed
through a pointer will depend on the value read earlier from that
pointer.
-Finally, a read event and another memory access event are linked by a
-control dependency if the value obtained by the read affects whether
-the second event is executed at all. Simple example:
+Finally, a read event X and another memory access event Y are linked by
+a control dependency if Y syntactically lies within an arm of an if
+statement and X affects the evaluation of the if condition via a data or
+address dependency (or similarly for a switch statement). Simple
+example:
int x, y;
--
2.35.1
Powered by blists - more mailing lists