| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 Mar 2024 00:05:48 +0000 From: "Dr. David Alan Gilbert" <dave@...blig.org> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Kent Overstreet <kent.overstreet@...ux.dev>, Philipp Stanner <pstanner@...hat.com>, Boqun Feng <boqun.feng@...il.com>, rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org, llvm@...ts.linux.dev, Miguel Ojeda <ojeda@...nel.org>, Alex Gaynor <alex.gaynor@...il.com>, Wedson Almeida Filho <wedsonaf@...il.com>, Gary Guo <gary@...yguo.net>, Björn Roy Baron <bjorn3_gh@...tonmail.com>, Benno Lossin <benno.lossin@...ton.me>, Andreas Hindborg <a.hindborg@...sung.com>, Alice Ryhl <aliceryhl@...gle.com>, Alan Stern <stern@...land.harvard.edu>, Andrea Parri <parri.andrea@...il.com>, Will Deacon <will@...nel.org>, Peter Zijlstra <peterz@...radead.org>, Nicholas Piggin <npiggin@...il.com>, David Howells <dhowells@...hat.com>, Jade Alglave <j.alglave@....ac.uk>, Luc Maranget <luc.maranget@...ia.fr>, "Paul E. McKenney" <paulmck@...nel.org>, Akira Yokosawa <akiyks@...il.com>, Daniel Lustig <dlustig@...dia.com>, Joel Fernandes <joel@...lfernandes.org>, Nathan Chancellor <nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, kent.overstreet@...il.com, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, elver@...gle.com, Mark Rutland <mark.rutland@....com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>, Catalin Marinas <catalin.marinas@....com>, linux-arm-kernel@...ts.infradead.org, linux-fsdevel@...r.kernel.org Subject: Re: [WIP 0/3] Memory model and atomic API in Rust * Linus Torvalds (torvalds@...ux-foundation.org) wrote: <snip> > IOW, the whole access size problem that Boqun described is > *inherently* tied to the fact that the C++ and Rust memory model is > badly designed from the wrong principles. > > Instead of designing it as a "this is an atomic object that you can do > these operations on", it should have been "this is an atomic access, > and you can use this simple object model to have the compiler generate > the accesses for you". Isn't one of the aims of the Rust/C++ idea that you can't forget to access a shared piece of data atomically? If you want to have 'atomic accesses' explicitly, how do you tell the compiler what you can use them on, and when it should stop you mixing them with normal accesses on the same object? Dave > This is why I claim that LKMM is fundamentally better. It didn't start > out from a bass-ackwards starting point of marking objects "atomic". > > And yes, the LKMM is a bit awkward, because we don't have the > shorthands, so you have to write out "atomic_read()" and friends. > > Tough. It's better to be correct than to be simple. > > Linus > -- -----Open up your eyes, open up your mind, open up your code ------- / Dr. David Alan Gilbert | Running GNU/Linux | Happy \ \ dave @ treblig.org | | In Hex / \ _________________________|_____ http://www.treblig.org |_______/
Powered by blists - more mailing lists