Re: [PATCH net-next 05/12] ptr_ring: disallow lockless __ptr_ring_full

From: Jason Wang
Date: Mon Jan 29 2018 - 02:10:13 EST




On 2018å01æ29æ 12:41, Michael S. Tsirkin wrote:
On Mon, Jan 29, 2018 at 11:36:09AM +0800, Jason Wang wrote:

On 2018å01æ26æ 10:46, Michael S. Tsirkin wrote:
On 2018å01æ26æ 07:36, Michael S. Tsirkin wrote:
Similar to bcecb4bbf88a ("net: ptr_ring: otherwise safe empty checks can
overrun array bounds") a lockless use of __ptr_ring_full might
cause an out of bounds access.

We can fix this, but it's easier to just disallow lockless
__ptr_ring_full for now.
It looks to me that just fix this is better than disallow through doc (which
is easily to be ignored ...).

Thanks
lockless is tricky, and I'd rather not sprinkle READ/WRITE_ONCE where
they aren't necessary.

The problem is then API looks a little bit strange. Lockless were only
allowed to be done at __ptr_ring_empty() but not __ptr_ring_full().

Thanks
So __ptr_ring_empty doesn't really work lockless. It merely does not crash.
I don't believe we can do anything to remove the need to read the
docs unless people use the safe non __ variants.


Ok, then I will ack the series.

Thanks