~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/kernel/kcsan/permissive.h

Version: ~ [ linux-6.11.5 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.58 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.114 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.169 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.228 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.284 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.322 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~ 
  1 /* SPDX-License-Identifier: GPL-2.0 */
  2 /*
  3  * Special rules for ignoring entire classes of data-racy memory accesses. None
  4  * of the rules here imply that such data races are generally safe!
  5  *
  6  * All rules in this file can be configured via CONFIG_KCSAN_PERMISSIVE. Keep
  7  * them separate from core code to make it easier to audit.
  8  *
  9  * Copyright (C) 2019, Google LLC.
 10  */
 11 
 12 #ifndef _KERNEL_KCSAN_PERMISSIVE_H
 13 #define _KERNEL_KCSAN_PERMISSIVE_H
 14 
 15 #include <linux/bitops.h>
 16 #include <linux/sched.h>
 17 #include <linux/types.h>
 18 
 19 /*
 20  * Access ignore rules based on address.
 21  */
 22 static __always_inline bool kcsan_ignore_address(const volatile void *ptr)
 23 {
 24         if (!IS_ENABLED(CONFIG_KCSAN_PERMISSIVE))
 25                 return false;
 26 
 27         /*
 28          * Data-racy bitops on current->flags are too common, ignore completely
 29          * for now.
 30          */
 31         return ptr == &current->flags;
 32 }
 33 
 34 /*
 35  * Data race ignore rules based on access type and value change patterns.
 36  */
 37 static bool
 38 kcsan_ignore_data_race(size_t size, int type, u64 old, u64 new, u64 diff)
 39 {
 40         if (!IS_ENABLED(CONFIG_KCSAN_PERMISSIVE))
 41                 return false;
 42 
 43         /*
 44          * Rules here are only for plain read accesses, so that we still report
 45          * data races between plain read-write accesses.
 46          */
 47         if (type || size > sizeof(long))
 48                 return false;
 49 
 50         /*
 51          * A common pattern is checking/setting just 1 bit in a variable; for
 52          * example:
 53          *
 54          *      if (flags & SOME_FLAG) { ... }
 55          *
 56          * and elsewhere flags is updated concurrently:
 57          *
 58          *      flags |= SOME_OTHER_FLAG; // just 1 bit
 59          *
 60          * While it is still recommended that such accesses be marked
 61          * appropriately, in many cases these types of data races are so common
 62          * that marking them all is often unrealistic and left to maintainer
 63          * preference.
 64          *
 65          * The assumption in all cases is that with all known compiler
 66          * optimizations (including those that tear accesses), because no more
 67          * than 1 bit changed, the plain accesses are safe despite the presence
 68          * of data races.
 69          *
 70          * The rules here will ignore the data races if we observe no more than
 71          * 1 bit changed.
 72          *
 73          * Of course many operations can effecively change just 1 bit, but the
 74          * general assuption that data races involving 1-bit changes can be
 75          * tolerated still applies.
 76          *
 77          * And in case a true bug is missed, the bug likely manifests as a
 78          * reportable data race elsewhere.
 79          */
 80         if (hweight64(diff) == 1) {
 81                 /*
 82                  * Exception: Report data races where the values look like
 83                  * ordinary booleans (one of them was 0 and the 0th bit was
 84                  * changed) More often than not, they come with interesting
 85                  * memory ordering requirements, so let's report them.
 86                  */
 87                 if (!((!old || !new) && diff == 1))
 88                         return true;
 89         }
 90 
 91         return false;
 92 }
 93 
 94 #endif /* _KERNEL_KCSAN_PERMISSIVE_H */
 95
~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~
kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php