[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y7U4ncG4Gkd5uRsb@kroah.com>
Date: Wed, 4 Jan 2023 09:28:13 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Deepak R Varma <drv@...lo.com>
Cc: Jiri Slaby <jirislaby@...nel.org>,
"Maciej W. Rozycki" <macro@...am.me.uk>,
linux-serial@...r.kernel.org, linux-kernel@...r.kernel.org,
Saurabh Singh Sengar <ssengar@...rosoft.com>,
Praveen Kumar <kumarpraveen@...ux.microsoft.com>
Subject: Re: [PATCH v4 1/2] tty: serial: dz: convert atomic_* to refcount_*
APIs for map_guard
On Tue, Jan 03, 2023 at 03:35:15PM +0530, Deepak R Varma wrote:
> On Tue, Jan 03, 2023 at 09:59:52AM +0100, Jiri Slaby wrote:
> > On 26. 12. 22, 7:21, Deepak R Varma wrote:
> > > The refcount_* APIs are designed to address known issues with the
> > > atomic_t APIs for reference counting. They provide following distinct
> > > advantages
> > > - protect the reference counters from overflow/underflow
> > > - avoid use-after-free errors
> > > - provide improved memory ordering guarantee schemes
> > > - neater and safer.
> >
> > Really? (see below)
> >
> > > --- a/drivers/tty/serial/dz.c
> > > +++ b/drivers/tty/serial/dz.c
> > ...
> > > @@ -687,23 +686,19 @@ static int dz_map_port(struct uart_port *uport)
> > > static int dz_request_port(struct uart_port *uport)
> > > {
> > > struct dz_mux *mux = to_dport(uport)->mux;
> > > - int map_guard;
> > > int ret;
> > >
> > > - map_guard = atomic_add_return(1, &mux->map_guard);
> > > - if (map_guard == 1) {
> > > - if (!request_mem_region(uport->mapbase, dec_kn_slot_size,
> > > - "dz")) {
> > > - atomic_add(-1, &mux->map_guard);
> > > - printk(KERN_ERR
> > > - "dz: Unable to reserve MMIO resource\n");
> > > + refcount_inc(&mux->map_guard);
> > > + if (refcount_read(&mux->map_guard) == 1) {
> >
> > This is now racy, right?
>
> Hello Jiri,
> Thank you for the feedback. You are correct. I have split a single instruction
> in two (or more?) instructions potentially resulting in race conditions. I
> looked through the refcount_* APIs but did not find a direct match.
>
>
> Can you please comment if the the following variation will avoid race condition?
>
> if (!refcount_add_not_zero(1, &mux->map_guard)) {
> refcount_inc(&mux->map_guard);
> ...
> }
What do you think? The onus is on you to prove the conversion is
correct, otherwise, why do the conversion at all?
Actually, why do this at all, what is the goal here? And how was this
tested?
thanks,
greg k-h
Powered by blists - more mailing lists