From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751405AbeA2HJ7 (ORCPT ); Mon, 29 Jan 2018 02:09:59 -0500 Received: from mx1.redhat.com ([209.132.183.28]:27600 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751032AbeA2HJ6 (ORCPT ); Mon, 29 Jan 2018 02:09:58 -0500 Subject: Re: [PATCH net-next 05/12] ptr_ring: disallow lockless __ptr_ring_full To: "Michael S. Tsirkin" Cc: linux-kernel@vger.kernel.org, netdev@vger.kernel.org, John Fastabend , David Miller References: <1516923320-16959-1-git-send-email-mst@redhat.com> <1516923320-16959-6-git-send-email-mst@redhat.com> <4bd89514-062c-dadf-53db-e6fac59512b1@redhat.com> <20180126044421-mutt-send-email-mst@kernel.org> <2c1b1348-08b3-a8b3-5d59-37db6257cda9@redhat.com> <20180129064001-mutt-send-email-mst@kernel.org> From: Jason Wang Message-ID: Date: Mon, 29 Jan 2018 15:09:49 +0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 In-Reply-To: <20180129064001-mutt-send-email-mst@kernel.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2018年01月29日 12:41, Michael S. Tsirkin wrote: > On Mon, Jan 29, 2018 at 11:36:09AM +0800, Jason Wang wrote: >> >> On 2018年01月26日 10:46, Michael S. Tsirkin wrote: >>>> On 2018年01月26日 07:36, Michael S. Tsirkin wrote: >>>>> Similar to bcecb4bbf88a ("net: ptr_ring: otherwise safe empty checks can >>>>> overrun array bounds") a lockless use of __ptr_ring_full might >>>>> cause an out of bounds access. >>>>> >>>>> We can fix this, but it's easier to just disallow lockless >>>>> __ptr_ring_full for now. >>>> It looks to me that just fix this is better than disallow through doc (which >>>> is easily to be ignored ...). >>>> >>>> Thanks >>> lockless is tricky, and I'd rather not sprinkle READ/WRITE_ONCE where >>> they aren't necessary. >>> >> The problem is then API looks a little bit strange. Lockless were only >> allowed to be done at __ptr_ring_empty() but not __ptr_ring_full(). >> >> Thanks > So __ptr_ring_empty doesn't really work lockless. It merely does not crash. > I don't believe we can do anything to remove the need to read the > docs unless people use the safe non __ variants. > Ok, then I will ack the series. Thanks