lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Thu, 22 Sep 2022 20:55:01 -0400
From:   Siddhesh Poyarekar <siddhesh@...plt.org>
To:     Kees Cook <keescook@...omium.org>
Cc:     linux-hardening@...r.kernel.org,
        Nathan Chancellor <nathan@...nel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Arnd Bergmann <arnd@...db.de>, Juergen Gross <jgross@...e.com>,
        Boris Ostrovsky <boris.ostrovsky@...cle.com>,
        Tom Rix <trix@...hat.com>, Miguel Ojeda <ojeda@...nel.org>,
        linux-kernel@...r.kernel.org, llvm@...ts.linux.dev
Subject: Re: [PATCH 0/4] fortify: Use __builtin_dynamic_object_size() when
 available

On 2022-09-22 20:20, Kees Cook wrote:
> Yeah, this could be another interest set of additions. It seems like it
> might be more "coder friendly" if, in the future that has the
> __element_count__ attribute, it could be used in function parameters
> too, like:
> 
> If we had:
> 
> int do_something(struct context *ctx, u32 *data, int count)
> 
> this seems less easy to read to me:
> 
> int __access(read_write, 2, 3) do_something(struct context *ctx, u32 *data, int count)
> 
> as this seems more readable to me, though I guess the access-mode
> information is lost:
> 
> int do_something(struct context *ctx, u32 * __element_count(count) data, int count)

It doesn't *have* to lose access mode info:

int do_something(struct context *ctx,
		 u32 * __element_count(count, __read_only__) data,
		 int count)
{
...
}

where omitting the access mode could imply __read_write__.

Thanks,
Sid

Powered by blists - more mailing lists