lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20260116154754.GN830755@noisy.programming.kicks-ass.net>
Date: Fri, 16 Jan 2026 16:47:54 +0100
From: Peter Zijlstra <peterz@...radead.org>
To: Christoph Hellwig <hch@....de>
Cc: Marco Elver <elver@...gle.com>, Steven Rostedt <rostedt@...dmis.org>,
	Ingo Molnar <mingo@...nel.org>,
	Thomas Gleixner <tglx@...utronix.de>, Will Deacon <will@...nel.org>,
	Boqun Feng <boqun.feng@...il.com>, Waiman Long <longman@...hat.com>,
	linux-kernel@...r.kernel.org, llvm@...ts.linux.dev,
	Bart Van Assche <bvanassche@....org>
Subject: Re: [PATCH tip/locking/core] compiler-context-analysis: Support
 immediate acquisition after initialization

On Fri, Jan 16, 2026 at 04:27:41PM +0100, Christoph Hellwig wrote:
> On Fri, Jan 16, 2026 at 04:20:16PM +0100, Peter Zijlstra wrote:
> > is *much* clearer than something like:
> > 
> > 	spinlock_init(&obj->lock);
> > 	// init
> > 	spinlock_deinit(&obj->lock);
> > 
> > Exactly because it has explicit scope. (also my deinit naming might not
> > be optimal, it is ambiguous at best, probably confusing).
> 
> WTF is spinlock_deinit even supposed to be?
> 
> I though this is about:
> 
> 	spin_lock_init(&obj->lock);
> 	spin_lock(&obj->lock);
> 
> > Not to mention that the scope things are far more robust vs error paths.
> 
> They are just a really hacked up clumsy way to provide what a very
> limited version of what the capability analys provides, while messing
> up the code.

So the base problem here is something like:

struct obj {
	spinlock_t	lock;
	int		state __guarded_by(lock);
};

struct obj *create_obj(void)
{
	struct obj *obj = kzmalloc(sizeof(*obj), GFP_KERNEL);
	if (!obj)
		return NULL;

	spin_lock_init(&obj->lock);
	obj->state = INIT_STATE; // error: ->state demands ->lock is held
}

So if you want/can take spin_lock() directly after spin_lock_init(),
then yes, you can write:


	spin_lock_init(&obj->lock);
	spin_lock(&obj->lock);
	obj->state = INIT_STATE; // OK

However, if code is structured such that you need to init fields before
taking the lock, you need a 'fake' lock acquire to wrap the
initialization -- which is safe because there is no concurrency yet and
all that, furthermore, by holding the fake lock you also ensure you
cannot in fact take the lock and create undue concurrency before
initialization is complete.

So the fairly common pattern where an object is first (fully) initialized
before it can be used will need this fake acquisition. For this we get:

	scoped_lock (spinlock_init, &obj->lock) {
		// init goes here
	}

Or you can manually __acquire_ctx_lock() / __release_ctx_lock().

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ