lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a798561d24c486d31063a7994d8630c859df00e9.camel@perches.com>
Date:   Wed, 05 Jun 2019 10:03:19 -0700
From:   Joe Perches <joe@...ches.com>
To:     Mauro Carvalho Chehab <mchehab@...nel.org>
Cc:     Greg KH <gregkh@...uxfoundation.org>,
        Masahiro Yamada <yamada.masahiro@...ionext.com>,
        Arnd Bergmann <arnd@...db.de>,
        Linux Media Mailing List <linux-media@...r.kernel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Randy Dunlap <rdunlap@...radead.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] media: do not use C++ style comments in uapi headers

On Wed, 2019-06-05 at 07:14 -0300, Mauro Carvalho Chehab wrote:
> Em Tue, 04 Jun 2019 22:22:05 -0700
> Joe Perches <joe@...ches.com> escreveu:
> 
> > On Wed, 2019-06-05 at 07:10 +0200, Greg KH wrote:
> > > On Wed, Jun 05, 2019 at 01:10:41PM +0900, Masahiro Yamada wrote:  
> > > > On Wed, Jun 5, 2019 at 3:21 AM Arnd Bergmann <arnd@...db.de> wrote:  
> > []
> > > > This means we cannot reliably use uint{8,16,32,64}_t in UAPI headers.  
> > > 
> > > We should not be doing that as they are in the userspace "namespace" of
> > > variables, not in the kernel namespace.  We've been over this many times
> > > in the past :(  
> > 
> > Just not very successfully...
> > 
> > $ git grep -w -P 'u?_?int(?:8|16|32|64)_t' include/uapi | wc -l
> > 342
> > $ git grep -w -P --name-only 'u?_?int(?:8|16|32|64)_t' include/uapi | wc -l
> > 13
> 
> Out of curiosity, I decided to check those occurrences...
> 
> About half of those 13 files are false-positives:
> 
> - bpf.h, pps.h and amdgpu_drm.h use those int types only inside comments;
> - drm.h and coda.h have their own typedefs for those int types;
> - vmwgfx_drm.h includes drm.h (which has the typedefs).
> 
> So, only 6 headers actually use posix types in a way that it seems that 
> it would require including stdint.h:
> 
> - include/uapi/linux/fuse.h
> 
>   This one explicitly includes stdint.h if !__KERNEL__
> 
> - include/uapi/linux/netfilter_bridge/ebtables.h,
>   include/uapi/linux/sctp.h,
>   include/uapi/scsi/scsi_netlink.h and
>   include/uapi/scsi/scsi_netlink_fc.h
> 
>   They include linux/types.h unconditionally, relying on
>   scripts/headers_install.sh to remove it;
> 
> - include/uapi/scsi/scsi_bsg_fc.h
> 
>   It doesn't include anything. In other words, it assumes that the c file 
>   would include either linux/types.h or stdint.h.
> 
> ---
> 
> Not saying that this is a good idea, but, as we have already a script that
> it is meant to sanitize uAPI header files when installing them
> (scripts/headers_install.sh), one could modify it (or convert to perl/python)
> in a way that it would be doing something like[1]:
> 
> 	sed -E
> 		...
> 		-e 's,//(.*),/* \1 */,'
> 
> [1] the actual rule should be more complex than that, in order to avoid 
> replacing // inside /**/ comments.

Perhaps a checkpatch change too:

The first block updates unsigned only bitfields
The second tests uapi definitions and suggests "__<kernel_types"
---
 scripts/checkpatch.pl | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index c33c5002f190..afc4bb05a987 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -3747,7 +3747,7 @@ sub process {
 		}
 
 # check for declarations of signed or unsigned without int
-		while ($line =~ m{\b($Declare)\s*(?!char\b|short\b|int\b|long\b)\s*($Ident)?\s*[=,;\[\)\(]}g) {
+		while ($line =~ m{\b($Declare)\s*(?!char\b|short\b|int\b|long\b)\s*($Ident)?\s*[=,;:\[\)\(]}g) {
 			my $type = $1;
 			my $var = $2;
 			$var = "" if (!defined $var);
@@ -5905,10 +5905,10 @@ sub process {
 			      "Using weak declarations can have unintended link defects\n" . $herecurr);
 		}
 
-# check for c99 types like uint8_t used outside of uapi/ and tools/
-		if ($realfile !~ m@\binclude/uapi/@ &&
-		    $realfile !~ m@\btools/@ &&
-		    $line =~ /\b($Declare)\s*$Ident\s*[=;,\[]/) {
+# check for c99 types like uint8_t used outside of tools/
+# for uapi, suggest using __<types>, otherwise use <types> like s8, u32, etc...
+		if ($realfile !~ m@\btools/@ &&
+		    $line =~ /\b($Declare)\s*$Ident\s*[=,;:\[]/) {
 			my $type = $1;
 			if ($type =~ /\b($typeC99Typedefs)\b/) {
 				$type = $1;
@@ -5916,6 +5916,9 @@ sub process {
 				$kernel_type = 's' if ($type =~ /^_*[si]/);
 				$type =~ /(\d+)/;
 				$kernel_type .= $1;
+				if ($realfile =~ m@\binclude/uapi/@) {
+					$kernel_type = "__" . $kernel_type;
+				}
 				if (CHK("PREFER_KERNEL_TYPES",
 					"Prefer kernel type '$kernel_type' over '$type'\n" . $herecurr) &&
 				    $fix) {

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ