lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 4 Apr 2017 08:55:55 -0700
From:   Kees Cook <keescook@...omium.org>
To:     "Moore, Robert" <robert.moore@...el.com>
Cc:     "Zheng, Lv" <lv.zheng@...el.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "Wysocki, Rafael J" <rafael.j.wysocki@...el.com>,
        Len Brown <lenb@...nel.org>,
        "linux-acpi@...r.kernel.org" <linux-acpi@...r.kernel.org>,
        "devel@...ica.org" <devel@...ica.org>,
        "Box, David E" <david.e.box@...el.com>,
        "Schmauss, Erik" <erik.schmauss@...el.com>
Subject: Re: [PATCH] ACPICA: use designated initializers

On Tue, Apr 4, 2017 at 8:02 AM, Moore, Robert <robert.moore@...el.com> wrote:
>> -----Original Message-----
>> From: keescook@...gle.com [mailto:keescook@...gle.com] On Behalf Of Kees
>> Cook
>> Sent: Monday, April 3, 2017 10:29 AM
>> To: Moore, Robert <robert.moore@...el.com>
>> Cc: Zheng, Lv <lv.zheng@...el.com>; linux-kernel@...r.kernel.org;
>> Wysocki, Rafael J <rafael.j.wysocki@...el.com>; Len Brown
>> <lenb@...nel.org>; linux-acpi@...r.kernel.org; devel@...ica.org
>> Subject: Re: [PATCH] ACPICA: use designated initializers
>>
>> On Fri, Mar 31, 2017 at 5:45 PM, Moore, Robert <robert.moore@...el.com>
>> wrote:
>> > Acpica is built with many compilers, even very old ones. It runs on at
>> least 12 known operating systems, and very probably more.
>> >
>> > I'm sorry, but no, we are not going to start adding compiler-specific
>> ifdefs/code in the base ACPICA code.
>> >
>> > I don't care what you do in the Linux-specific or gcc-specific
>> headers, however. If this breaks a customer build, we (you) will hear
>> about it rather quickly.
>>
>> Since the change is specific to the one place ACPICA uses an all-
>> function-pointer structure, I made the change local:
>>
>> https://github.com/acpica/acpica/pull/248
>>
>> would you rather this is in the .h files instead?
>>
>> -Kees
>>
>> --
>> Kees Cook
>> Pixel Security
>
>
>
>
> [Moore, Robert]
>
> I have some questions about this entire issue:
>
> + * Some compilers can handle designated initializers, which is needed
> + * under Linux kernel builds for structures that are entirely function
>   * pointers.
>
> I don't understand why this is coming up now, since ACPICA has been integrated with Linux for something like the last 15 years. It's the "which is needed under Linux kernel builds" wording that concerns me the most. Are you saying that the ACPICA build for Linux is broken and does not work?

I was trying to avoid being overly Linux-specific in the ACPICA commit
message. More accurately, this is "for future Linux builds using the
structure layout randomization plugin." That plugin will randomize the
layout of manually marked structures and automatically for structures
that are entirely function pointers. (And this acpica structure is one
noticed by the plugin.)

> Further, there are quite a few similar dispatch tables in ACPICA, why are these not a problem?

I can double-check, but I think this was the only one that showed up
in an x86 allyesconfig with the plugin enabled.

FWIW, I've been making these changes in lots of places, not just
ACPICA. ACPICA just has external requirements. :P

$ git log --oneline v4.9..next-20170404 | grep -i "designated initializers"
b3c829193253 reiserfs: use designated initializers
8291798dcf05 TOMOYO: Use designated initializers
f231aebfc4ca rbtree: use designated initializers
c4d27f4b4dc9 [media] solo6x10: use designated initializers
6351db2b4df3 [media] mtk-vcodec: use designated initializers
613e61a0252c drm/amdgpu: use designated initializers
8486adf0d755 apparmor: use designated initializers
7f6856b789ff RDMA/i40iw: use designated initializers
6554c9f7f749 RDMA/nes: use designated initializers
a641261e9998 video: fbdev: matroxfb: use designated initializers
6895aff47170 video: fbdev: sh_mobile_lcdcfb: use designated initializers
54e22bbf11ca staging: comedi: daqboard2000: use designated initializers
5f5fca6db3d3 scsi: cciss: use designated initializers
93380123fbb5 scsi: hpsa: use designated initializers
2fd2434c3f47 staging: lustre: ldlm: use designated initializers
f93a1c9e5e6a ALSA: synth: use designated initializers
2fa70bb9b564 drm/nouveau: use designated initializers
5ca16d8efa66 drm/vmwgfx: use designated initializers
4e98c378a137 drm/ttm: use designated initializers
c92f72370571 drm/ttm: use designated initializers
ffc7dc8d838c x86/floppy: Use designated initializers
e999cb43d51f net/x25: use designated initializers
ebf12f1320c7 isdn: use designated initializers
9751362a4fe7 bna: use designated initializers
aabd7ad94924 WAN: use designated initializers
9d1c0ca5e1d6 net: use designated initializers
99a5e178bde4 ATM: use designated initializers
4794195058b9 isdn/gigaset: use designated initializers


-Kees

-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists