Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <76f3b894980d4a79a2c0ae815425d6a0@AcuMS.aculab.com>
Date: Mon, 1 Apr 2019 15:28:35 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Alan Stern' <stern@...land.harvard.edu>, Oleg Nesterov <oleg@...hat.com>
CC: "Paul E. McKenney" <paulmck@...ux.ibm.com>, Jann Horn <jannh@...gle.com>,
	Joel Fernandes <joel@...lfernandes.org>, Kees Cook <keescook@...omium.org>,
	"Eric W. Biederman" <ebiederm@...ssion.com>, LKML
	<linux-kernel@...r.kernel.org>, Android Kernel Team
	<kernel-team@...roid.com>, Kernel Hardening
	<kernel-hardening@...ts.openwall.com>, Andrew Morton
	<akpm@...ux-foundation.org>, Matthew Wilcox <willy@...radead.org>, "Michal
 Hocko" <mhocko@...e.com>, "Reshetova, Elena" <elena.reshetova@...el.com>
Subject: RE: [PATCH] Convert struct pid count to refcount_t

From: Alan Stern
> Sent: 29 March 2019 19:45
...
> There is a big difference between WRITE_ONCE() and plain assignment.
> Given "WRITE_ONCE(X, 2)", the compiler will emit a simple store
> instruction.  But given "X = 2", the compiler is allowed to emit
> instructions equivalent to:
> 
> 	if (X != 2)
> 		X = 2;

Worse for you, it can also emit:
	X = 0;
	X = 2;

Many years ago I fell foul of a compiler (not C) that implemented
a write to a 2 bit wide bitfield as:
	X &= ~3
	X |= value
even when 'value' was a compile time constant of 3.
Took a while to find out why the linked list got f*cked.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.