[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xen/x86: irq: Avoid a TOCTOU race in pirq_spin_lock_irq_desc()

To: Jan Beulich <jbeulich@xxxxxxxx>
From: Julien Grall <julien@xxxxxxx>
Date: Tue, 18 Aug 2020 12:52:36 +0100
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Julien Grall <jgrall@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
Delivery-date: Tue, 18 Aug 2020 11:52:46 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>



On 18/08/2020 12:27, Jan Beulich wrote:

On 18.08.2020 11:12, Julien Grall wrote:

As pointed
out before, ACCESS_ONCE() and {read,write}_atomic() serve slightly
different purposes, and so far it looks like all of us are lacking ideas
on how to construct something that catches all cases by one single approach.


I am guessing you are referring to [1], right?

If you read the documentation of READ_ONCE()/WRITE_ONCE(), they are meant to be 
atomic in some cases. The cases are exactly the same as {read, write}_atomic().

I will ask the same thing as I asked to Roger. If Linux can rely on it, why 
can't we?


That's not the way I'd like to see arguments go here: If Linux has
something suitable, I'm fine with us using it. But we ought to be
permitted to question whether what we inherit is indeed fit for
purpose, and afaict there is at least one gap to be filled. In no
case should we blindly pull in things from Linux and then assume
that simply by doing so all is well.

I don't think any of us here are compilers guru, so I would tend to relyon Linux memory work. After all their code received much more attention.But sure we can question everything they have been doing.

To me the expected semantics (/!\ I am not referring to theimplementation) for all the helpers are the same. But you seem todisagree on that.

I read the thread again and I couldn't find any explanation how adevelopper could chose between ACCESS_ONCE() and {read, write}_atomic().


Can you outline how one would decide?

Cheers,

--
Julien Grall

Follow-Ups:
- Re: [PATCH] xen/x86: irq: Avoid a TOCTOU race in pirq_spin_lock_irq_desc()
  - From: Jan Beulich

References:
- Re: [PATCH] xen/x86: irq: Avoid a TOCTOU race in pirq_spin_lock_irq_desc()
  - From: Julien Grall
- Re: [PATCH] xen/x86: irq: Avoid a TOCTOU race in pirq_spin_lock_irq_desc()
  - From: Jan Beulich
- Re: [PATCH] xen/x86: irq: Avoid a TOCTOU race in pirq_spin_lock_irq_desc()
  - From: Julien Grall
- Re: [PATCH] xen/x86: irq: Avoid a TOCTOU race in pirq_spin_lock_irq_desc()
  - From: Jan Beulich
- Re: [PATCH] xen/x86: irq: Avoid a TOCTOU race in pirq_spin_lock_irq_desc()
  - From: Julien Grall
- Re: [PATCH] xen/x86: irq: Avoid a TOCTOU race in pirq_spin_lock_irq_desc()
  - From: Jan Beulich

Prev by Date: Re: [PATCH] efi: discover ESRT table on Xen PV too
Next by Date: Re: [PATCH] efi: discover ESRT table on Xen PV too
Previous by thread: Re: [PATCH] xen/x86: irq: Avoid a TOCTOU race in pirq_spin_lock_irq_desc()
Next by thread: Re: [PATCH] xen/x86: irq: Avoid a TOCTOU race in pirq_spin_lock_irq_desc()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.