Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753849AbdGJL1p (ORCPT <rfc822;w@1wt.eu>);
        Mon, 10 Jul 2017 07:27:45 -0400
Received: from out02.mta.xmission.com ([166.70.13.232]:60227 "EHLO
        out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753610AbdGJL1n (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 10 Jul 2017 07:27:43 -0400
From: ebiederm@xmission.com (Eric W. Biederman)
To: Alexey Dobriyan <adobriyan@gmail.com>
Cc: "Reshetova\, Elena" <elena.reshetova@intel.com>,
        "linux-kernel\@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "peterz\@infradead.org" <peterz@infradead.org>,
        "gregkh\@linuxfoundation.org" <gregkh@linuxfoundation.org>,
        "akpm\@linux-foundation.org" <akpm@linux-foundation.org>,
        "mingo\@redhat.com" <mingo@redhat.com>,
        "serge\@hallyn.com" <serge@hallyn.com>,
        "arozansk\@redhat.com" <arozansk@redhat.com>,
        "dave\@stgolabs.net" <dave@stgolabs.net>,
        "keescook\@chromium.org" <keescook@chromium.org>,
        Hans Liljestrand <ishkamiel@gmail.com>,
        David Windsor <dwindsor@gmail.com>
References: <1499417992-3238-1-git-send-email-elena.reshetova@intel.com>
        <1499417992-3238-2-git-send-email-elena.reshetova@intel.com>
        <87bmottgo4.fsf@xmission.com>
        <2236FBA76BA1254E88B949DDB74E612B6FF2269B@IRSMSX102.ger.corp.intel.com>
        <87k23gsn4u.fsf@xmission.com>
        <CACVxJT8cgQPWfMK-1zEfB07A5UhiCyvvzY4gy7hjUD0gA=izCQ@mail.gmail.com>
Date: Mon, 10 Jul 2017 06:19:32 -0500
In-Reply-To: <CACVxJT8cgQPWfMK-1zEfB07A5UhiCyvvzY4gy7hjUD0gA=izCQ@mail.gmail.com>
        (Alexey Dobriyan's message of "Mon, 10 Jul 2017 12:34:50 +0300")
Message-ID: <87ziccpmij.fsf@xmission.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-XM-SPF: eid=1dUWqX-0003IB-LE;;;mid=<87ziccpmij.fsf@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=67.3.213.87;;;frm=ebiederm@xmission.com;;;spf=neutral
X-XM-AID: U2FsdGVkX1+pzDiejADsJiGXJYrBpRPTlojo2/bMaHQ=
X-SA-Exim-Connect-IP: 67.3.213.87
X-SA-Exim-Mail-From: ebiederm@xmission.com
X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
        *  0.0 TVD_RCVD_IP Message was received from an IP address
        *  1.5 XMNoVowels Alpha-numberic number with no vowels
        *  0.7 XMSubLong Long Subject
        *  0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available.
        * -0.0 BAYES_40 BODY: Bayes spam probability is 20 to 40%
        *      [score: 0.2711]
        * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC
        *      [sa01 1397; Body=1 Fuz1=1 Fuz2=1]
        *  0.0 T_TooManySym_01 4+ unique symbols in subject
        *  0.0 T_TooManySym_02 5+ unique symbols in subject
X-Spam-DCC: XMission; sa01 1397; Body=1 Fuz1=1 Fuz2=1 
X-Spam-Combo: *;Alexey Dobriyan <adobriyan@gmail.com>
X-Spam-Relay-Country: 
X-Spam-Timing: total 5701 ms - load_scoreonly_sql: 0.05 (0.0%),
        signal_user_changed: 3.5 (0.1%), b_tie_ro: 2.4 (0.0%), parse: 1.25 (0.0%),
        extract_message_metadata: 30 (0.5%), get_uri_detail_list: 2.3 (0.0%),
        tests_pri_-1000: 14 (0.2%), tests_pri_-950: 2.0 (0.0%), tests_pri_-900: 1.62
        (0.0%), tests_pri_-400: 31 (0.6%), check_bayes: 30 (0.5%), b_tokenize: 12
        (0.2%), b_tok_get_all: 7 (0.1%), b_comp_prob: 3.9 (0.1%), b_tok_touch_all:
        2.2 (0.0%), b_finish: 0.78 (0.0%), tests_pri_0: 430 (7.5%),
        check_dkim_signature: 0.89 (0.0%), check_dkim_adsp: 4.4 (0.1%),
        tests_pri_500: 5182 (90.9%), poll_dns_idle: 5174 (90.8%), rewrite_mail: 0.00
        (0.0%)
Subject: Re: [PATCH 1/3] ipc: convert ipc_namespace.count from atomic_t to refcount_t
X-Spam-Flag: No
X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600)
X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1365
Lines: 37

Alexey Dobriyan <adobriyan@gmail.com> writes:

> On Mon, Jul 10, 2017 at 11:37 AM, Eric W. Biederman
> <ebiederm@xmission.com> wrote:
>> "Reshetova, Elena" <elena.reshetova@intel.com> writes:
>>
>> 2>> Elena Reshetova <elena.reshetova@intel.com> writes:
>>>>
>>>> > refcount_t type and corresponding API should be
>>>> > used instead of atomic_t when the variable is used as
>>>> > a reference counter. This allows to avoid accidental
>>>> > refcounter overflows that might lead to use-after-free
>>>> > situations.
>>>>
>>>> In this patch you can see all of the uses of the count.
>>>> What accidental refcount overflows are possible?
>>>
>>> Even if one can guarantee and prove that in the current implementation
>>> there are no overflows possible, we can't say that for
>>> sure for any future implementation. Bugs might always happen
>>> unfortunately, but if we convert the refcounter to a safer
>>> type we can be sure that overflows are not possible.
>>>
>>> Does it make sense to you?
>>
>> Not for code that is likely to remain unchanged for a decade no.
>>
>> This looks like a large set of unautomated changes without any real
>> thought put into it.  That almost always results in a typo somewhere
>> that breaks things.
>
> This is nonsense. The wrong code would simply emit a warning
> which are caught very quickly.

That depends on the typo.

Eric