crypto/threads_pthread.c: refactor all atomics fallbacks for type safety #24123
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The atomics fallbacks were using 'void *' as a generic transport for all possible scalar and pointer types, with the hypothesis that a pointer is as large as the largest possible scalar type that we would use. Then enters the use of uint64_t, which is larger than a pointer on any 32-bit system (or any system that has 32-bit pointer configurations). We could of course choose a larger type as a generic transport. However, that only pushes the problem forward in time... and it's still a hack. It's therefore safer to reimplement the fallbacks per type that atomics are used for, and deal with missing per type fallbacks when the need arrises in the future. For test build purposes, the macro USE_ATOMIC_FALLBACKS is introduced. If OpenSSL is configured with '-DUSE_ATOMIC_FALLBACKS', the fallbacks will be used, unconditionally. Fixes openssl#24096
levitte
added
branch: master
github-actions
bot
added
the
severity: fips change
|
LGTM, thanks for doing this |
levitte
added
approval: review pending
|
This PR cherry-picked on top of the openssl-3.3 branch builds fine on VMS, and most of all, |
nhorman
approved these changes
Apr 12, 2024
t8m
removed
the
approval: review pending
t8m
approved these changes
Apr 15, 2024
t8m
added
approval: done
openssl-machine
added
approval: ready to merge
|
This pull request is ready to merge |
|
Merged to the master and 3.3 branches. Thank you. |
openssl-machine
pushed a commit
that referenced
this pull request
Apr 16, 2024
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #24123)
openssl-machine
pushed a commit
that referenced
this pull request
Apr 16, 2024
The atomics fallbacks were using 'void *' as a generic transport for all possible scalar and pointer types, with the hypothesis that a pointer is as large as the largest possible scalar type that we would use. Then enters the use of uint64_t, which is larger than a pointer on any 32-bit system (or any system that has 32-bit pointer configurations). We could of course choose a larger type as a generic transport. However, that only pushes the problem forward in time... and it's still a hack. It's therefore safer to reimplement the fallbacks per type that atomics are used for, and deal with missing per type fallbacks when the need arrises in the future. For test build purposes, the macro USE_ATOMIC_FALLBACKS is introduced. If OpenSSL is configured with '-DUSE_ATOMIC_FALLBACKS', the fallbacks will be used, unconditionally. Fixes #24096 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #24123)
openssl-machine
pushed a commit
that referenced
this pull request
Apr 16, 2024
The atomics fallbacks were using 'void *' as a generic transport for all possible scalar and pointer types, with the hypothesis that a pointer is as large as the largest possible scalar type that we would use. Then enters the use of uint64_t, which is larger than a pointer on any 32-bit system (or any system that has 32-bit pointer configurations). We could of course choose a larger type as a generic transport. However, that only pushes the problem forward in time... and it's still a hack. It's therefore safer to reimplement the fallbacks per type that atomics are used for, and deal with missing per type fallbacks when the need arrises in the future. For test build purposes, the macro USE_ATOMIC_FALLBACKS is introduced. If OpenSSL is configured with '-DUSE_ATOMIC_FALLBACKS', the fallbacks will be used, unconditionally. Fixes #24096 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #24123) (cherry picked from commit a02077d)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The atomics fallbacks were using
void *as a generic transport for allpossible scalar and pointer types, with the hypothesis that a pointer is
as large as the largest possible scalar type that we would use.
Then enters the use of
uint64_t, which is larger than a pointer on any32-bit system (or any system that has 32-bit pointer configurations).
We could of course choose a larger type as a generic transport. However,
that only pushes the problem forward in time... and it's still a hack.
It's therefore safer to reimplement the fallbacks per type that atomics
are used for, and deal with missing per type fallbacks when the need
arrises in the future.
For test build purposes, the macro
USE_ATOMIC_FALLBACKSis introduced.If OpenSSL is configured with
-DUSE_ATOMIC_FALLBACKS, the fallbackswill be used, unconditionally.
Fixes #24096