From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: "Måns Rullgård" <mans@mansr.com>
Cc: Christian Riesch <christian.riesch@omicron.at>,
	Jiri Slaby <jslaby@suse.cz>,
	linux-kernel@vger.kernel.org,
	Peter Hurley <peter@hurleysoftware.com>,
	stable@vger.kernel.org
Subject: Re: [PATCH] n_tty: Add memory barrier to fix race condition in receive path
Date: Thu, 6 Nov 2014 12:56:44 -0800
Message-ID: <20141106205644.GA31435@kroah.com>
In-Reply-To: <yw1xwq78jbr6.fsf@unicorn.mansr.com>

On Thu, Nov 06, 2014 at 08:49:01PM +0000, Måns Rullgård wrote:
> Greg Kroah-Hartman <gregkh@linuxfoundation.org> writes:
> 
> > On Thu, Nov 06, 2014 at 12:39:59PM +0100, Christian Riesch wrote:
> >> The current implementation of put_tty_queue() causes a race condition
> >> when re-arranged by the compiler.
> >> 
> >> On my build with gcc 4.8.3, cross-compiling for ARM, the line
> >> 
> >> 	*read_buf_addr(ldata, ldata->read_head++) = c;
> >> 
> >> was re-arranged by the compiler to something like
> >> 
> >> 	x = ldata->read_head
> >> 	ldata->read_head++
> >> 	*read_buf_addr(ldata, x) = c;
> >> 
> >> which causes a race condition. Invalid data is read if data is read
> >> before it is actually written to the read buffer.
> >
> > Really?  A compiler can rearrange things like that and expect things to
> > actually work?  How is that valid?
> 
> This is actually required by the C spec.  There is a sequence point
> before a function call, after the arguments have been evaluated.  Thus
> all side-effects, such as the post-increment, must be complete before
> the function is called, just like in the example.
> 
> There is no "re-arranging" here.  The code is simply wrong.

Ah, ok, time to dig out the C spec...

Anyway, because of this, no need for the wmb() calls, just rearrange the
logic and all should be good, right?  Christian, can you test that
instead?

thanks,

greg k-h
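
The sequence-point behaviour discussed in this message, as an added example that is not part of the original e-mail or the kernel source: the struct, the buffer size and the `head_seen_in_call` / `head_lead` instrumentation are assumptions made for the demonstration. It records the value of `read_head` at the moment `read_buf_addr()` is entered, which is before the byte has been stored.

```c
#include <stddef.h>
#include <stdio.h>

#define N_TTY_BUF_SIZE 4096	/* assumed size for this demo */

/* Reduced stand-in for the line discipline state (assumption). */
struct n_tty_data {
	size_t read_head;
	unsigned char read_buf[N_TTY_BUF_SIZE];
	size_t head_seen_in_call;	/* hypothetical instrumentation */
};

static unsigned char *read_buf_addr(struct n_tty_data *ldata, size_t i)
{
	/* What a concurrent reader could already see when the call starts. */
	ldata->head_seen_in_call = ldata->read_head;
	return &ldata->read_buf[i & (N_TTY_BUF_SIZE - 1)];
}

/* Form quoted in the thread: the increment completes before the call. */
static void put_tty_queue_original(unsigned char c, struct n_tty_data *ldata)
{
	*read_buf_addr(ldata, ldata->read_head++) = c;
}

/* Rearranged form: store the byte, then advance read_head. */
static void put_tty_queue_reordered(unsigned char c, struct n_tty_data *ldata)
{
	*read_buf_addr(ldata, ldata->read_head) = c;
	ldata->read_head++;
}

/* How far read_head ran ahead of the slot while the slot was still unwritten. */
static size_t head_lead(void (*put)(unsigned char, struct n_tty_data *))
{
	static struct n_tty_data ldata;

	ldata.read_head = 0;
	put('A', &ldata);
	return ldata.head_seen_in_call;
}

int main(void)
{
	printf("original:  head lead = %zu\n", head_lead(put_tty_queue_original));
	printf("reordered: head lead = %zu\n", head_lead(put_tty_queue_reordered));
	return 0;
}
```

The demo is single-threaded and shows only the ordering the C language imposes within one thread; it does not show how stores become visible to another CPU.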
