lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 07 Dec 2009 09:30:09 +0200
From:	Pekka Enberg <penberg@...helsinki.fi>
To:	Vegard Nossum <vegard.nossum@...il.com>
CC:	Andrew Morton <akpm@...ux-foundation.org>,
	Eric Dumazet <eric.dumazet@...il.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] kmemcheck: make bitfield annotations truly no-ops when
 disabled

Vegard Nossum kirjoitti:
> It turns out that even zero-sized struct members (int foo[0];) will affect
> the struct layout, causing us in particular to lose 4 bytes in struct sock.
> 
> This patch fixes the regression in CONFIG_KMEMCHECK=n case.
> 
> Reported-by: Eric Dumazet <eric.dumazet@...il.com>
> Signed-off-by: Vegard Nossum <vegard.nossum@...il.com>

Acked-by: Pekka Enberg <penberg@...helsinki.fi>

> ---
>  include/linux/kmemcheck.h |  110 ++++++++++++++++++++++++---------------------
>  1 files changed, 58 insertions(+), 52 deletions(-)
> 
> Andrew: Compile tested on x86_32 and x86_64, but because of my bad track
> record when it comes to brown paper bugs, can you please keep this in -mm
> for a little while? Thanks.
> 
> diff --git a/include/linux/kmemcheck.h b/include/linux/kmemcheck.h
> index e880d4c..08d7dc4 100644
> --- a/include/linux/kmemcheck.h
> +++ b/include/linux/kmemcheck.h
> @@ -36,6 +36,56 @@ int kmemcheck_hide_addr(unsigned long address);
>  
>  bool kmemcheck_is_obj_initialized(unsigned long addr, size_t size);
>  
> +/*
> + * Bitfield annotations
> + *
> + * How to use: If you have a struct using bitfields, for example
> + *
> + *     struct a {
> + *             int x:8, y:8;
> + *     };
> + *
> + * then this should be rewritten as
> + *
> + *     struct a {
> + *             kmemcheck_bitfield_begin(flags);
> + *             int x:8, y:8;
> + *             kmemcheck_bitfield_end(flags);
> + *     };
> + *
> + * Now the "flags_begin" and "flags_end" members may be used to refer to the
> + * beginning and end, respectively, of the bitfield (and things like
> + * &x.flags_begin is allowed). As soon as the struct is allocated, the bit-
> + * fields should be annotated:
> + *
> + *     struct a *a = kmalloc(sizeof(struct a), GFP_KERNEL);
> + *     kmemcheck_annotate_bitfield(a, flags);
> + */
> +#define kmemcheck_bitfield_begin(name)	\
> +	int name##_begin[0];
> +
> +#define kmemcheck_bitfield_end(name)	\
> +	int name##_end[0];
> +
> +#define kmemcheck_annotate_bitfield(ptr, name)				\
> +	do {								\
> +		int _n;							\
> +									\
> +		if (!ptr)						\
> +			break;						\
> +									\
> +		_n = (long) &((ptr)->name##_end)			\
> +			- (long) &((ptr)->name##_begin);		\
> +		MAYBE_BUILD_BUG_ON(_n < 0);				\
> +									\
> +		kmemcheck_mark_initialized(&((ptr)->name##_begin), _n);	\
> +	} while (0)
> +
> +#define kmemcheck_annotate_variable(var)				\
> +	do {								\
> +		kmemcheck_mark_initialized(&(var), sizeof(var));	\
> +	} while (0)							\
> +
>  #else
>  #define kmemcheck_enabled 0
>  
> @@ -106,60 +156,16 @@ static inline bool kmemcheck_is_obj_initialized(unsigned long addr, size_t size)
>  	return true;
>  }
>  
> -#endif /* CONFIG_KMEMCHECK */
> -
> -/*
> - * Bitfield annotations
> - *
> - * How to use: If you have a struct using bitfields, for example
> - *
> - *     struct a {
> - *             int x:8, y:8;
> - *     };
> - *
> - * then this should be rewritten as
> - *
> - *     struct a {
> - *             kmemcheck_bitfield_begin(flags);
> - *             int x:8, y:8;
> - *             kmemcheck_bitfield_end(flags);
> - *     };
> - *
> - * Now the "flags_begin" and "flags_end" members may be used to refer to the
> - * beginning and end, respectively, of the bitfield (and things like
> - * &x.flags_begin is allowed). As soon as the struct is allocated, the bit-
> - * fields should be annotated:
> - *
> - *     struct a *a = kmalloc(sizeof(struct a), GFP_KERNEL);
> - *     kmemcheck_annotate_bitfield(a, flags);
> - *
> - * Note: We provide the same definitions for both kmemcheck and non-
> - * kmemcheck kernels. This makes it harder to introduce accidental errors. It
> - * is also allowed to pass NULL pointers to kmemcheck_annotate_bitfield().
> - */
> -#define kmemcheck_bitfield_begin(name)	\
> -	int name##_begin[0];
> -
> -#define kmemcheck_bitfield_end(name)	\
> -	int name##_end[0];
> +#define kmemcheck_bitfield_begin(name)
> +#define kmemcheck_bitfield_end(name)
> +#define kmemcheck_annotate_bitfield(ptr, name)	\
> +	do {					\
> +	} while (0)
>  
> -#define kmemcheck_annotate_bitfield(ptr, name)				\
> -	do {								\
> -		int _n;							\
> -									\
> -		if (!ptr)						\
> -			break;						\
> -									\
> -		_n = (long) &((ptr)->name##_end)			\
> -			- (long) &((ptr)->name##_begin);		\
> -		MAYBE_BUILD_BUG_ON(_n < 0);				\
> -									\
> -		kmemcheck_mark_initialized(&((ptr)->name##_begin), _n);	\
> +#define kmemcheck_annotate_variable(var)	\
> +	do {					\
>  	} while (0)
>  
> -#define kmemcheck_annotate_variable(var)				\
> -	do {								\
> -		kmemcheck_mark_initialized(&(var), sizeof(var));	\
> -	} while (0)							\
> +#endif /* CONFIG_KMEMCHECK */
>  
>  #endif /* LINUX_KMEMCHECK_H */

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ