linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: David Howells <dhowells@redhat.com>
To: jmorris@namei.org
Cc: dhowells@redhat.com, linux-security-module@vger.kernel.org,
	keyrings@vger.kernel.org, linux-kernel@vger.kernel.org,
	Davidlohr Bueso <dbueso@suse.de>
Subject: [PATCH 02/23] security: use READ_ONCE instead of deprecated ACCESS_ONCE
Date: Thu, 08 Jun 2017 14:47:34 +0100	[thread overview]
Message-ID: <149692965438.11452.17954613433247309012.stgit@warthog.procyon.org.uk> (raw)
In-Reply-To: <149692963884.11452.7673998701432248814.stgit@warthog.procyon.org.uk>

From: Davidlohr Bueso <dave@stgolabs.net>

With the new standardized functions, we can replace all ACCESS_ONCE()
calls across relevant security/keyrings/.

ACCESS_ONCE() does not work reliably on non-scalar types. For example
gcc 4.6 and 4.7 might remove the volatile tag for such accesses during
the SRA (scalar replacement of aggregates) step:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58145

Update the new calls regardless of if it is a scalar type, this is
cleaner than having three alternatives.

Signed-off-by: Davidlohr Bueso <dbueso@suse.de>
Signed-off-by: David Howells <dhowells@redhat.com>
---

 security/keys/keyring.c |   12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 4d1678e4586f..de81793f9920 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -706,7 +706,7 @@ static bool search_nested_keyrings(struct key *keyring,
 	 * Non-keyrings avoid the leftmost branch of the root entirely (root
 	 * slots 1-15).
 	 */
-	ptr = ACCESS_ONCE(keyring->keys.root);
+	ptr = READ_ONCE(keyring->keys.root);
 	if (!ptr)
 		goto not_this_keyring;
 
@@ -720,7 +720,7 @@ static bool search_nested_keyrings(struct key *keyring,
 		if ((shortcut->index_key[0] & ASSOC_ARRAY_FAN_MASK) != 0)
 			goto not_this_keyring;
 
-		ptr = ACCESS_ONCE(shortcut->next_node);
+		ptr = READ_ONCE(shortcut->next_node);
 		node = assoc_array_ptr_to_node(ptr);
 		goto begin_node;
 	}
@@ -740,7 +740,7 @@ static bool search_nested_keyrings(struct key *keyring,
 	if (assoc_array_ptr_is_shortcut(ptr)) {
 		shortcut = assoc_array_ptr_to_shortcut(ptr);
 		smp_read_barrier_depends();
-		ptr = ACCESS_ONCE(shortcut->next_node);
+		ptr = READ_ONCE(shortcut->next_node);
 		BUG_ON(!assoc_array_ptr_is_node(ptr));
 	}
 	node = assoc_array_ptr_to_node(ptr);
@@ -752,7 +752,7 @@ static bool search_nested_keyrings(struct key *keyring,
 ascend_to_node:
 	/* Go through the slots in a node */
 	for (; slot < ASSOC_ARRAY_FAN_OUT; slot++) {
-		ptr = ACCESS_ONCE(node->slots[slot]);
+		ptr = READ_ONCE(node->slots[slot]);
 
 		if (assoc_array_ptr_is_meta(ptr) && node->back_pointer)
 			goto descend_to_node;
@@ -790,13 +790,13 @@ static bool search_nested_keyrings(struct key *keyring,
 	/* We've dealt with all the slots in the current node, so now we need
 	 * to ascend to the parent and continue processing there.
 	 */
-	ptr = ACCESS_ONCE(node->back_pointer);
+	ptr = READ_ONCE(node->back_pointer);
 	slot = node->parent_slot;
 
 	if (ptr && assoc_array_ptr_is_shortcut(ptr)) {
 		shortcut = assoc_array_ptr_to_shortcut(ptr);
 		smp_read_barrier_depends();
-		ptr = ACCESS_ONCE(shortcut->back_pointer);
+		ptr = READ_ONCE(shortcut->back_pointer);
 		slot = shortcut->parent_slot;
 	}
 	if (!ptr)

  parent reply	other threads:[~2017-06-08 14:04 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-06-08 13:47 [PATCH 00/23] KEYS: Fixes David Howells
2017-06-08 13:47 ` [PATCH 01/23] security/keys: add CONFIG_KEYS_COMPAT to Kconfig David Howells
2017-06-08 13:47 ` David Howells [this message]
2017-06-08 13:47 ` [PATCH 03/23] KEYS: fix refcount_inc() on zero David Howells
2017-06-08 13:47 ` [PATCH 04/23] X.509: Fix error code in x509_cert_parse() David Howells
2017-06-08 13:47 ` [PATCH 05/23] KEYS: Delete an error message for a failed memory allocation in get_derived_key() David Howells
2017-06-08 13:48 ` [PATCH 06/23] KEYS: put keyring if install_session_keyring_to_cred() fails David Howells
2017-06-08 13:48 ` [PATCH 07/23] KEYS: encrypted: avoid encrypting/decrypting stack buffers David Howells
2017-06-08 13:48 ` [PATCH 08/23] KEYS: encrypted: fix buffer overread in valid_master_desc() David Howells
2017-06-08 13:48 ` [PATCH 09/23] KEYS: encrypted: fix race causing incorrect HMAC calculations David Howells
2017-06-08 13:48 ` [PATCH 10/23] KEYS: encrypted: use constant-time HMAC comparison David Howells
2017-06-08 13:48 ` [PATCH 11/23] KEYS: fix dereferencing NULL payload with nonzero length David Howells
2017-06-08 13:48 ` [PATCH 12/23] KEYS: fix freeing uninitialized memory in key_update() David Howells
2017-06-08 13:48 ` [PATCH 13/23] KEYS: sanitize add_key() and keyctl() key payloads David Howells
2017-06-08 13:49 ` [PATCH 14/23] KEYS: user_defined: sanitize " David Howells
2017-06-08 13:49 ` [PATCH 15/23] KEYS: encrypted: sanitize all key material David Howells
2017-06-08 13:49 ` [PATCH 16/23] KEYS: trusted: " David Howells
2017-06-08 13:49 ` [PATCH 17/23] KEYS: sanitize key structs before freeing David Howells
2017-06-08 13:49 ` [PATCH 18/23] KEYS: DH: forbid using digest_null as the KDF hash David Howells
2017-06-08 13:49 ` [PATCH 19/23] KEYS: DH: don't feed uninitialized "otherinfo" into KDF David Howells
2017-06-08 13:49 ` [PATCH 20/23] KEYS: DH: ensure the KDF counter is properly aligned David Howells
2017-06-08 13:49 ` [PATCH 21/23] KEYS: DH: add __user annotations to keyctl_kdf_params David Howells
2017-06-08 13:50 ` [PATCH 22/23] crypto : asymmetric_keys : verify_pefile:zero memory content before freeing David Howells
2017-06-08 13:50 ` [PATCH 23/23] KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API David Howells
2017-06-08 14:33 ` [PATCH 00/23] KEYS: Fixes James Morris
2017-06-08 14:49 ` David Howells

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=149692965438.11452.17954613433247309012.stgit@warthog.procyon.org.uk \
    --to=dhowells@redhat.com \
    --cc=dbueso@suse.de \
    --cc=jmorris@namei.org \
    --cc=keyrings@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).