On 4/27/2023 3:50 AM, Ville Juven wrote:
Hi,

I agree totally that the contents of the stack allocated wait object (whatever) do not need validation, and the user of course cannot access / destroy the contents.

What I did not understand before inspecting the Linux kernel code is how the wait list integrity is ensured when the stack allocated wait object (whatever) is destroyed. I did not understand where the list head resides. But after inspecting the Linux source more carefully I realized the global hash bucket contains the list head, so indeed it is safe to use a stack allocated list element, as long as the list is globally locked when inserting / removing.

I think I will not implement the hash bucket, I don't think O(n) complexity (insert) is acceptable for us, correct me if I'm wrong... ? Global locking also sounds kind of unnecessary. I'll do something else instead for the list heads. But this solution is workable I think.

Br,

Ville


+1 Low complexity/size is good for an RTOS. I think that your solution should have the same level of security as the rest of the OS; and security-related embellishments should be systematic and uniform across the OS.
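The arrangement discussed in this thread, as an added sketch that is not code from the thread, NuttX or Linux: the list head and lock live in a global bucket, the wait object is an automatic variable, and it is unlinked under the lock before its stack frame goes away. All names are hypothetical, the spin lock stands in for whatever lock the kernel uses, and insertion is a plain O(1) tail insert rather than an ordered one.

```c
#include <stdatomic.h>
#include <stddef.h>
#include <stdint.h>
#define NBUCKETS 16
struct node { struct node *prev, *next; };
/* Global storage owns the list head and its lock (one pair per bucket). */
struct bucket { atomic_flag lock; struct node head; };
static struct bucket table[NBUCKETS];
/* Wait object: an automatic variable on the waiting thread's stack. */
struct waiter { struct node link; uintptr_t key; };

static struct bucket *bucket_for(uintptr_t key) {
    struct bucket *b = &table[(key >> 2) % NBUCKETS];
    if (b->head.next == NULL)  /* lazy init: only safe in this single-threaded demo */
        b->head.next = b->head.prev = &b->head;
    return b;
}
static void lock(struct bucket *b) { while (atomic_flag_test_and_set(&b->lock)) { } }
static void unlock(struct bucket *b) { atomic_flag_clear(&b->lock); }

static void enqueue(struct waiter *w) {  /* O(1) tail insert, FIFO order */
    struct bucket *b = bucket_for(w->key);
    lock(b);
    w->link.prev = b->head.prev;
    w->link.next = &b->head;
    b->head.prev->next = &w->link;
    b->head.prev = &w->link;
    unlock(b);
}
static void dequeue(struct waiter *w) {
    struct bucket *b = bucket_for(w->key);
    lock(b);
    w->link.prev->next = w->link.next;
    w->link.next->prev = w->link.prev;
    unlock(b);
}
size_t bucket_len(uintptr_t key) {  /* counts every waiter in key's bucket */
    struct bucket *b = bucket_for(key);
    size_t n = 0;
    lock(b);
    for (struct node *p = b->head.next; p != &b->head; p = p->next) n++;
    unlock(b);
    return n;
}
/* Length seen while a stack waiter is queued; it is unlinked before return. */
size_t wait_once(uintptr_t key) {
    struct waiter w = { .key = key };
    enqueue(&w);
    size_t seen = bucket_len(key);
    dequeue(&w);  /* must run before w's stack frame is released */
    return seen;
}
```

The invariant to audit in a real kernel is that every exit path from the wait (wake-up, timeout, signal, task deletion) reaches the dequeue before the frame holding the wait object is released.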
