lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 31 Jan 2022 12:43:57 -0800 From: Kees Cook <keescook@...omium.org> To: Jonathan Corbet <corbet@....net> Cc: Kees Cook <keescook@...omium.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Martin Uecker <Martin.Uecker@....uni-goettingen.de>, Ingo Molnar <mingo@...nel.org>, Miguel Ojeda <miguel.ojeda.sandonis@...il.com>, Rikard Falkeborn <rikard.falkeborn@...il.com>, Arnd Bergmann <arnd@...db.de>, linux-doc@...r.kernel.org, Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>, Andrew Morton <akpm@...ux-foundation.org>, Andy Shevchenko <andy.shevchenko@...il.com>, Nick Desaulniers <ndesaulniers@...gle.com>, "Gustavo A. R. Silva" <gustavoars@...nel.org>, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: [PATCH] linux/const.h: Explain how __is_constexpr() works The __is_constexpr() macro is dark magic. Shed some light on it with a comment to explain how and why it works. Cc: Jonathan Corbet <corbet@....net> Cc: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Martin Uecker <Martin.Uecker@....uni-goettingen.de> Cc: Ingo Molnar <mingo@...nel.org> Cc: Miguel Ojeda <miguel.ojeda.sandonis@...il.com> Cc: Rikard Falkeborn <rikard.falkeborn@...il.com> Cc: Arnd Bergmann <arnd@...db.de> Cc: linux-doc@...r.kernel.org Signed-off-by: Kees Cook <keescook@...omium.org> --- Jon, since this is pure comment, do you want to take it through the docs tree? --- include/linux/const.h | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/include/linux/const.h b/include/linux/const.h index 435ddd72d2c4..7122d6a1f8ce 100644 --- a/include/linux/const.h +++ b/include/linux/const.h @@ -7,6 +7,30 @@ * This returns a constant expression while determining if an argument is * a constant expression, most importantly without evaluating the argument. * Glory to Martin Uecker <Martin.Uecker@....uni-goettingen.de> + * + * Details: + * - sizeof() is an integer constant expression, and does not evaluate the + * value of its operand; it only examines the type of its operand. + * - The results of comparing two integer constant expressions is also + * an integer constant expression. + * - The use of literal "8" is to avoid warnings about unaligned pointers; + * these could otherwise just be "1"s. + * - (long)(x) is used to avoid warnings about 64-bit types on 32-bit + * architectures. + * - The C standard defines an "integer constant expression" as different + * from a "null pointer constant" (an integer constant 0 pointer). + * - The conditional operator ("... ? ... : ...") returns the type of the + * operand that isn't a null pointer constant. This behavior is the + * central mechanism of the macro. + * - If (x) is an integer constant expression, then the "* 0l" resolves it + * into a null pointer constant, which forces the conditional operator + * to return the type of the last operand: "(int *)". + * - If (x) is not an integer constant expression, then the type of the + * conditional operator is from the first operand: "(void *)". + * - sizeof(int) == 4 and sizeof(void) == 1. + * - The ultimate comparison to "sizeof(int)" chooses between either: + * sizeof(*((int *) (8)) == sizeof(int) (x was a constant expression) + * sizeof(*((void *)(8)) == sizeof(void) (x was not a constant expression) */ #define __is_constexpr(x) \ (sizeof(int) == sizeof(*(8 ? ((void *)((long)(x) * 0l)) : (int *)8))) -- 2.30.2
Powered by blists - more mailing lists