On 08-Feb-02 Terry Lambert wrote:
> Since the reference count is positive in both cases, an
> unlocked pointer comparison is fine.  In the case where
> there is a race on a credential change in the unlocked
> value, that race exists in the calling code, anyway.  The
> failure case in a change for->to instead of to->from is
> also safe, since the pointers will be inequal during the
> update, the lock will be held during the update, so the
> subsequent release and regrab with the increment never
> dropping below 1.

No, an unlocked compare is _not_ ok.  What if the p_ucred pointer was changed
on some other processor by another thread from this processor?  Without a lock
you don't have a guarantee that that other processor's writes are visible to
you.  We really don't want to be using stale credentials for syscalls given the
past history of race conditions involving credentials.  If in the future it is
deemed that getting a stale cred is an acceptable race, then this can be
optimized then, but for now we had better get it right.

FreeBSD doesn't run on just the i386 anymore, we have Alpha, ia64, and sparc64
SMP machines to deal with as well.


John Baldwin <[EMAIL PROTECTED]>  <><  http://www.FreeBSD.org/~jhb/
"Power Users Use the Power to Serve!"  -  http://www.FreeBSD.org/

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to