* Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> wrote:
> On Wed, 6 May 2015 19:50:24 +0200 David Hildenbrand <dahi@xxxxxxxxxxxxxxxxxx> wrote:
>
> > As Peter asked me to also do the decoupling in one shot, this is
> > the new series.
> >
> > I recently discovered that might_fault() doesn't call might_sleep()
> > anymore. Therefore bugs like:
> >
> > spin_lock(&lock);
> > rc = copy_to_user(...);
> > spin_unlock(&lock);
> >
> > would not be detected with CONFIG_DEBUG_ATOMIC_SLEEP. The code was
> > changed to disable false positives for code like:
> >
> > pagefault_disable();
> > rc = copy_to_user(...);
> > pagefault_enable();
> >
> > Whereby the caller wants do deal with failures.
>
> hm, that was a significant screwup. I wonder how many bugs we
> subsequently added.
So I'm wondering what the motivation was to allow things like:
pagefault_disable();
rc = copy_to_user(...);
pagefault_enable();
and to declare it a false positive?
AFAICS most uses are indeed atomic:
pagefault_disable();
ret = futex_atomic_cmpxchg_inatomic(curval, uaddr, uval, newval);
pagefault_enable();
so why not make it explicitly atomic again?
Thanks,
Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-arch" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
