From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:51556 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755057AbcEBSlq (ORCPT ); Mon, 2 May 2016 14:41:46 -0400 Subject: Patch "locking/mcs: Fix mcs_spin_lock() ordering" has been added to the 4.4-stable tree To: peterz@infradead.org, akpm@linux-foundation.org, gregkh@linuxfoundation.org, mingo@kernel.org, parri.andrea@gmail.com, paulmck@linux.vnet.ibm.com, tglx@linutronix.de, torvalds@linux-foundation.org, will.deacon@arm.com Cc: , From: Date: Mon, 02 May 2016 11:41:44 -0700 Message-ID: <1462214504249141@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled locking/mcs: Fix mcs_spin_lock() ordering to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: locking-mcs-fix-mcs_spin_lock-ordering.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From 920c720aa5aa3900a7f1689228fdfc2580a91e7e Mon Sep 17 00:00:00 2001 From: Peter Zijlstra Date: Mon, 1 Feb 2016 15:11:28 +0100 Subject: locking/mcs: Fix mcs_spin_lock() ordering From: Peter Zijlstra commit 920c720aa5aa3900a7f1689228fdfc2580a91e7e upstream. Similar to commit b4b29f94856a ("locking/osq: Fix ordering of node initialisation in osq_lock") the use of xchg_acquire() is fundamentally broken with MCS like constructs. Furthermore, it turns out we rely on the global transitivity of this operation because the unlock path observes the pointer with a READ_ONCE(), not an smp_load_acquire(). This is non-critical because the MCS code isn't actually used and mostly serves as documentation, a stepping stone to the more complex things we've build on top of the idea. Reported-by: Andrea Parri Signed-off-by: Peter Zijlstra (Intel) Cc: Andrew Morton Cc: Linus Torvalds Cc: Paul E. McKenney Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Will Deacon Fixes: 3552a07a9c4a ("locking/mcs: Use acquire/release semantics") Signed-off-by: Ingo Molnar Signed-off-by: Greg Kroah-Hartman --- kernel/locking/mcs_spinlock.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) --- a/kernel/locking/mcs_spinlock.h +++ b/kernel/locking/mcs_spinlock.h @@ -67,7 +67,13 @@ void mcs_spin_lock(struct mcs_spinlock * node->locked = 0; node->next = NULL; - prev = xchg_acquire(lock, node); + /* + * We rely on the full barrier with global transitivity implied by the + * below xchg() to order the initialization stores above against any + * observation of @node. And to provide the ACQUIRE ordering associated + * with a LOCK primitive. + */ + prev = xchg(lock, node); if (likely(prev == NULL)) { /* * Lock acquired, don't need to set node->locked to 1. Threads Patches currently in stable-queue which might be from peterz@infradead.org are queue-4.4/cgroup-make-sure-a-parent-css-isn-t-freed-before-its-children.patch queue-4.4/x86-edac-sb_edac.c-repair-damage-introduced-when-fixing-channel-address.patch queue-4.4/efi-expose-non-blocking-set_variable-wrapper-to-efivars.patch queue-4.4/sched-cgroup-fix-cleanup-cgroup-teardown-init.patch queue-4.4/asm-generic-futex-re-enable-preemption-in-futex_atomic_cmpxchg_inatomic.patch queue-4.4/x86-mce-avoid-using-object-after-free-in-genpool.patch queue-4.4/futex-handle-unlock_pi-race-gracefully.patch queue-4.4/locking-mcs-fix-mcs_spin_lock-ordering.patch queue-4.4/futex-acknowledge-a-new-waiter-in-counter-before-plist.patch queue-4.4/x86-mm-xen-suppress-hugetlbfs-in-pv-guests.patch