All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jason Wang <jasowang@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
	John Fastabend <john.fastabend@gmail.com>,
	David Miller <davem@davemloft.net>
Subject: Re: [PATCH net-next 05/12] ptr_ring: disallow lockless __ptr_ring_full
Date: Mon, 29 Jan 2018 15:09:49 +0800	[thread overview]
Message-ID: <b4216081-fece-9252-f38c-f4eec5129fb9@redhat.com> (raw)
In-Reply-To: <20180129064001-mutt-send-email-mst@kernel.org>



On 2018年01月29日 12:41, Michael S. Tsirkin wrote:
> On Mon, Jan 29, 2018 at 11:36:09AM +0800, Jason Wang wrote:
>>
>> On 2018年01月26日 10:46, Michael S. Tsirkin wrote:
>>>> On 2018年01月26日 07:36, Michael S. Tsirkin wrote:
>>>>> Similar to bcecb4bbf88a ("net: ptr_ring: otherwise safe empty checks can
>>>>> overrun array bounds") a lockless use of __ptr_ring_full might
>>>>> cause an out of bounds access.
>>>>>
>>>>> We can fix this, but it's easier to just disallow lockless
>>>>> __ptr_ring_full for now.
>>>> It looks to me that just fix this is better than disallow through doc (which
>>>> is easily to be ignored ...).
>>>>
>>>> Thanks
>>> lockless is tricky, and I'd rather not sprinkle READ/WRITE_ONCE where
>>> they aren't necessary.
>>>
>> The problem is then API looks a little bit strange. Lockless were only
>> allowed to be done at __ptr_ring_empty() but not __ptr_ring_full().
>>
>> Thanks
> So __ptr_ring_empty doesn't really work lockless. It merely does not crash.
> I don't believe we can do anything to remove the need to read the
> docs unless people use the safe non __ variants.
>

Ok, then I will ack the series.

Thanks

  reply	other threads:[~2018-01-29  7:09 UTC|newest]

Thread overview: 37+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-01-25 23:36 [PATCH net-next 00/12] ptr_ring fixes Michael S. Tsirkin
2018-01-25 23:36 ` [PATCH net-next 01/12] ptr_ring: keep consumer_head valid at all times Michael S. Tsirkin
2018-01-26  0:11   ` John Fastabend
2018-01-25 23:36 ` [PATCH net-next 02/12] ptr_ring: clean up documentation Michael S. Tsirkin
2018-01-25 23:36 ` [PATCH net-next 03/12] ptr_ring: READ/WRITE_ONCE for __ptr_ring_empty Michael S. Tsirkin
2018-01-26  2:37   ` Jason Wang
2018-01-26  2:44     ` Michael S. Tsirkin
2018-01-26  3:19       ` Jason Wang
2018-01-26 13:44         ` Michael S. Tsirkin
2018-01-25 23:36 ` [PATCH net-next 04/12] tap: fix use-after-free Michael S. Tsirkin
2018-01-25 23:36 ` [PATCH net-next 05/12] ptr_ring: disallow lockless __ptr_ring_full Michael S. Tsirkin
2018-01-26  2:38   ` Jason Wang
2018-01-26  2:46     ` Michael S. Tsirkin
2018-01-29  3:36       ` Jason Wang
2018-01-29  4:41         ` Michael S. Tsirkin
2018-01-29  7:09           ` Jason Wang [this message]
2018-01-25 23:36 ` [PATCH net-next 06/12] Revert "net: ptr_ring: otherwise safe empty checks can overrun array bounds" Michael S. Tsirkin
2018-01-26  0:12   ` John Fastabend
2018-01-25 23:36 ` [PATCH net-next 07/12] skb_array: use __ptr_ring_empty Michael S. Tsirkin
2018-01-25 23:36 ` [PATCH net-next 08/12] ptr_ring: prevent queue load/store tearing Michael S. Tsirkin
2018-01-26  2:38   ` Jason Wang
2018-01-26  2:49     ` Michael S. Tsirkin
2018-01-25 23:36 ` [PATCH net-next 09/12] tools/virtio: switch to __ptr_ring_empty Michael S. Tsirkin
2018-01-25 23:36 ` Michael S. Tsirkin
2018-01-25 23:36 ` [PATCH net-next 10/12] tools/virtio: more stubs to fix tools build Michael S. Tsirkin
2018-01-25 23:36   ` Michael S. Tsirkin
2018-01-25 23:36 ` [PATCH net-next 11/12] tools/virtio: copy READ/WRITE_ONCE Michael S. Tsirkin
2018-01-25 23:36 ` Michael S. Tsirkin
2018-01-25 23:36 ` [PATCH net-next 12/12] tools/virtio: fix smp_mb on x86 Michael S. Tsirkin
2018-01-26  3:56   ` Jason Wang
2018-01-26  3:56     ` Jason Wang
2018-01-26 13:45     ` Michael S. Tsirkin
2018-01-26 13:45     ` Michael S. Tsirkin
2018-01-25 23:36 ` Michael S. Tsirkin
2018-01-26  3:20 ` [PATCH net-next 00/12] ptr_ring fixes Jason Wang
2018-01-29  7:10 ` Jason Wang
2018-01-29 17:03   ` David Miller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=b4216081-fece-9252-f38c-f4eec5129fb9@redhat.com \
    --to=jasowang@redhat.com \
    --cc=davem@davemloft.net \
    --cc=john.fastabend@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mst@redhat.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.