lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <200901022024.07293.vapier@gentoo.org>
Date:	Fri, 2 Jan 2009 20:24:06 -0500
From:	Mike Frysinger <vapier@...too.org>
To:	Arnd Bergmann <arnd@...db.de>
Cc:	Sam Ravnborg <sam@...nborg.org>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] headers_install.pl: autoconvert asm/inline/volatile to __xxx__

On Friday 02 January 2009 18:20:34 Arnd Bergmann wrote:
> On Wednesday 31 December 2008, Mike Frysinger wrote:
> > On Wednesday 31 December 2008 12:15:07 Arnd Bergmann wrote:
> > > On Saturday 27 December 2008, Mike Frysinger wrote:
> > > > Headers in userspace should be using the __xxx__ form of the asm,
> > > > inline, and volatile keywords.  Since people like to revert these
> > > > things without realizing what's going on, have the headers install
> > > > step autoconvert these keywords.
> > >
> > > The patch looks right, but I would argue that most of the instances of
> > > any of these should not be exported in the first place. I'm not
> > > sure whether there is a legitimate use for the byteorder inlines,
> > > but the others I could find look like they are not meant for use by the
> > > kernel.
> >
> > maybe, but those threads are going to take quite a while to resolve and
> > things will constantly leak back out.
>
> I guess I forgot to make my main point, I'm not arguing against your patch
> at all, but would also like to see another patch to headers_check.pl that
> warns about all instances of the __asm__, __inline__ and volatile keywords,
> possibly with a list of known good cases.

how would you propose maintaining said list ?  attempting to maintain external 
to the file in question will just lead to rot (since we dont want to whitelist 
entire files, and we cant track line numbers, and we cant detect where the 
keyword is being used in terms of macro/function) ... that leaves two choices 
that i can think of:
 - a new __asm_userok__ type marker
 - adding a simple /* userok */ comment we can filter in the perl regex

neither of which sounds entire pleasant either ...
-mike

Download attachment "signature.asc " of type "application/pgp-signature" (836 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ