Received: by 10.223.176.5 with SMTP id f5csp3913289wra;
        Mon, 29 Jan 2018 22:30:06 -0800 (PST)
X-Google-Smtp-Source: AH8x224YA3bRaYRDl8qGJhknkMaAGILNEKeVpCQb5XKUnGlSUtocyHjlaooEhTK1VweM/2Ppif6y
X-Received: by 2002:a17:902:6e4:: with SMTP id 91-v6mr23195834plh.26.1517293806450;
        Mon, 29 Jan 2018 22:30:06 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517293806; cv=none;
        d=google.com; s=arc-20160816;
        b=vsmream9FQNDsNPRZWXMtw3jX4LGwrXG9JUylSvr+o9r+ZNppXVxhcUU4pyyjMkQ6X
         xY02EfmSJ4NdFtlSxLyGG6IGdt9/ukAR0TnoA5gBeitZhQbiMxYNoR9N4/K/gL3Hmdqq
         K5HYyy1jRihq7KuuLtzJfojeykX84sgxgSyM/t3M4amWtUT1tZMBdzcO8/IKqaeTGgQJ
         Hv64goI8bjwpR1ndSCCWjHpg8I0xLWqXpVWkfaqT3nbgfR0E91bw8qxdYf3T9H9gLQwD
         t7i04/wlYZVOdJYAbcuDJQg0Mlg8blpNjBaM9AIFTHb4Yw42nE4WNqL5gF3byUD0IAdW
         alBw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=RPwJVY9WhUU9JxsVgh7J5KcZGnkXaETounV378NGsHA=;
        b=zn/CCyMKfRmslIklWjTbOuDEkg52QSMPwCL0whOD7LloMEv70wH5ooAsVLwOnm10Qn
         MWtx5esHXBHqK1OfLlQY6/pofSss2bkJo2BvWQgF45AasmhmNa81pSuCjTtvFOAxZvVp
         KfPNrFVDtVGzlJJTqTD48SmyZMaAK27gOqgX9xc72IMDv0ilEH4078M5RU3UtawHr+Tk
         kmi0yaGWDZ/3Ge8w4iHHfKUg5OdRqg4HyNHTvQuvRhNZkH5gGWOz73RFIhLBQ2a6TUeK
         pO47x5jszFq1IqAdQow6bmzfH2DBzpyx+oOtfYCSYf65jw3S9JBzgw2l5z1Up8mB5QZI
         zNYQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel-com.20150623.gappssmtp.com header.s=20150623 header.b=ehLnMaq1;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id h189si1046885pgc.784.2018.01.29.22.29.50;
        Mon, 29 Jan 2018 22:30:06 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel-com.20150623.gappssmtp.com header.s=20150623 header.b=ehLnMaq1;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752830AbeA3G3S (ORCPT <rfc822;vladislav.valtchev@gmail.com>
        + 99 others); Tue, 30 Jan 2018 01:29:18 -0500
Received: from mail-ot0-f173.google.com ([74.125.82.173]:37098 "EHLO
        mail-ot0-f173.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752787AbeA3G3P (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 30 Jan 2018 01:29:15 -0500
Received: by mail-ot0-f173.google.com with SMTP id a24so8960425otd.4
        for <linux-kernel@vger.kernel.org>; Mon, 29 Jan 2018 22:29:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=intel-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=RPwJVY9WhUU9JxsVgh7J5KcZGnkXaETounV378NGsHA=;
        b=ehLnMaq1fvIsQQub+CpymhyQtM05fJbxd3Dt1xq5rpG6qpomM9zbmtX0Nob+t3LKRI
         gxx51H0LNPaPtnUXHAfu6maOMlGbfpJRtJmkTj1axX5vwA8LI8FUAMvc6IAeEUbYe5BD
         rKFGHr4Yq2ZpfSQvovThQTqfDuOym32x787cSJQp/sGLEGU/Cr4JkACRRGPyUvuF1Rvm
         9XXkmE3+d6nNBRMbDgSvEoyw/t/pNCpk4zn0M45bcsPBU0CFpb2eD2tF2k1pSMmgiRlI
         yx7iFhDkflI7UA2ZmyYGlQk6M5nCkp/rYg5Fs6/Ilo2KDfJj9Wh7lbcOOo6IL2KzBd9L
         yqLg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=RPwJVY9WhUU9JxsVgh7J5KcZGnkXaETounV378NGsHA=;
        b=GKPeb3+uOVOYDZbNVduL+N6Rd+dNe9Q/AstIFat+mX95sByldBJP+Sx6OqvLG2fg+9
         rjiP9SzpjhaiYosXl2KsWUmBcLQIHiparJTF5iV8/ZO6eM5r+4z4hOHXB0DVqJeWYgdm
         1oqE3pGs8AAzTr3IB4Q0LsRDTsuzkKOQD27NGrmbW3tSLewJLvn1KZFvBX+fA77Jt5PQ
         w19d7DyIC5VXvzsGJ9dYCjiCVwRM9OxZ4hcUROdSkejz2B8pdOPefS9npzeanq+nb7Ry
         iFGbMgEp5gjLYImsHIUWYBsJn0J9HCfo9gFUAB7a82p+YcNHtLcRSp5Cr3HUvuKWQsHa
         GEyg==
X-Gm-Message-State: AKwxytdClx4MRbbCk9qS6tatKqpph+B5ypE0t8Yc+Bk1/o/RhywXHdqa
        blJm8U7atYjUOchCVx7/zfp8qVzbdeT3TuQRPcJ7aA==
X-Received: by 10.157.0.102 with SMTP id 93mr20658372ota.175.1517293755044;
 Mon, 29 Jan 2018 22:29:15 -0800 (PST)
MIME-Version: 1.0
Received: by 10.157.62.91 with HTTP; Mon, 29 Jan 2018 22:29:12 -0800 (PST)
In-Reply-To: <alpine.DEB.2.20.1801281931180.2126@nanos>
References: <151703971300.26578.1185595719337719486.stgit@dwillia2-desk3.amr.corp.intel.com>
 <151703972396.26578.7326612698912543866.stgit@dwillia2-desk3.amr.corp.intel.com>
 <20180128085500.djlm5rlbhjlpfj4i@gmail.com> <CAPcyv4jTaskPT1qXhdCO2mWVkcaMDMBq12vUJ_hSfjOU49qvgQ@mail.gmail.com>
 <alpine.DEB.2.20.1801281931180.2126@nanos>
From:   Dan Williams <dan.j.williams@intel.com>
Date:   Mon, 29 Jan 2018 22:29:12 -0800
Message-ID: <CAPcyv4hSZ7=+076s+fmJ0HQ293H4X8829-LTrbvd8ZqJygGV6A@mail.gmail.com>
Subject: Re: [PATCH v5 02/12] array_idx: sanitize speculative array de-references
To:     Thomas Gleixner <tglx@linutronix.de>
Cc:     Ingo Molnar <mingo@kernel.org>,
        linux-arch <linux-arch@vger.kernel.org>,
        Cyril Novikov <cnovikov@lynx.com>,
        Kernel Hardening <kernel-hardening@lists.openwall.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Catalin Marinas <catalin.marinas@arm.com>,
        X86 ML <x86@kernel.org>, Will Deacon <will.deacon@arm.com>,
        Russell King <linux@armlinux.org.uk>,
        Ingo Molnar <mingo@redhat.com>,
        Greg KH <gregkh@linuxfoundation.org>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Alan Cox <alan@linux.intel.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Jan 28, 2018 at 10:36 AM, Thomas Gleixner <tglx@linutronix.de> wrote:
> On Sun, 28 Jan 2018, Dan Williams wrote:
>> On Sun, Jan 28, 2018 at 12:55 AM, Ingo Molnar <mingo@kernel.org> wrote:
>> >> + */
>> >> +#define array_idx(idx, sz)                                           \
>> >> +({                                                                   \
>> >> +     typeof(idx) _i = (idx);                                         \
>> >> +     typeof(sz) _s = (sz);                                           \
>> >> +     unsigned long _mask = array_idx_mask(_i, _s);                   \
>> >> +                                                                     \
>> >> +     BUILD_BUG_ON(sizeof(_i) > sizeof(long));                        \
>> >> +     BUILD_BUG_ON(sizeof(_s) > sizeof(long));                        \
>> >> +                                                                     \
>> >> +     _i &= _mask;                                                    \
>> >> +     _i;                                                             \
>> >> +})
>> >> +#endif /* __NOSPEC_H__ */
>> >
>> > For heaven's sake, please name a size variable as 'size', not 'sz'. We don't have
>> > a shortage of characters and can deobfuscate common primitives, can we?
>> >
>> > Also, beyond the nits, I also hate the namespace here. We have a new generic
>> > header providing two new methods:
>> >
>> >         #include <linux/nospec.h>
>> >
>> >         array_idx_mask()
>> >         array_idx()
>> >
>> > which is then optimized for x86 in asm/barrier.h. That's already a non-sequitor.
>> >
>> > Then we introduce uaccess API variants with a _nospec() postfix.
>> >
>> > Then we add ifence() to x86.
>> >
>> > There's no naming coherency to this.
>>
>> Ingo, I love you, but please take the incredulity down a bit,
>> especially when I had 'nospec' in all the names in v1. Thomas, Peter,
>> and Alexei wanted s/nospec_barrier/ifence/ and
>
> Sorry, I never was involved in that discussion.
>
>> s/array_idx_nospec/array_idx/. You can always follow on with a patch
>> to fix up the names and placements to your liking. While they'll pick
>> on my name choices, they won't pick on yours, because I simply can't
>> be bothered to care about a bikeshed color at this point after being
>> bounced around for 5 revisions of this patch set.
>
> Oh well, we really need this kind of attitude right now. We are all fed up
> with that mess, but Ingo and I care about the details, consistency and
> general code quality beyond the current rush to get stuff solved. It's our
> damned job as maintainers.

Of course, and everything about the technical feedback and suggestions
was completely valid, on point, and made the patches that much better.
What wasn't appreciated and what I am tired of grinning and bearing is
the idea that it's only the maintainer that can show emotion, that
it's only the maintainer that can be exasperated and burnt out.

For example, I would have spun v6 the same day (same hour?) had the
mail started, "hey I'm late to the party, why aren't all these helpers
in a new _nospec namespace?". I might have pointed to the mails from
Peter about ifence being his preferred name for a speculation barrier
and Alexei's request to drop nospec [1] and moved on because naming is
a maintainer's prerogative.

> If you decide you don't care anymore, please let me know, so I can try to
> free up some cycles to pick up the stuff from where you decided to dump it.

Care is a two way street. I respect yours and Ingo's workload, please
respect mine.

[1]: https://lkml.org/lkml/2018/1/9/1232