| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y4n0OXlSgW3TUM2h@paasikivi.fi.intel.com>
Date: Fri, 2 Dec 2022 12:48:57 +0000
From: Sakari Ailus <sakari.ailus@...ux.intel.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: linux-kernel@...r.kernel.org, Jason Gunthorpe <jgg@...pe.ca>,
Matthew Wilcox <willy@...radead.org>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
"Rafael J. Wysocki" <rafael@...nel.org>
Subject: Re: [PATCH 1/4] container_of: add container_of_const() that
preserves const-ness of the pointer
Hi Greg,
On Thu, Dec 01, 2022 at 08:30:54PM +0100, Greg Kroah-Hartman wrote:
> container_of does not preserve the const-ness of a pointer that is
> passed into it, which can cause C code that passes in a const pointer to
> get a pointer back that is not const and then scribble all over the data
> in it. To prevent this, container_of_const() will preserve the const
> status of the pointer passed into it using the newly available _Generic()
> method.
>
> Co-developed-by: Jason Gunthorpe <jgg@...pe.ca>
> Cc: Matthew Wilcox <willy@...radead.org>
> Cc: Sakari Ailus <sakari.ailus@...ux.intel.com>
> Cc: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
> Cc: "Rafael J. Wysocki" <rafael@...nel.org>
> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> ---
> include/linux/container_of.h | 14 ++++++++++++++
> 1 file changed, 14 insertions(+)
>
> diff --git a/include/linux/container_of.h b/include/linux/container_of.h
> index 2008e9f4058c..3c290e865151 100644
> --- a/include/linux/container_of.h
> +++ b/include/linux/container_of.h
> @@ -22,4 +22,18 @@
> "pointer type mismatch in container_of()"); \
> ((type *)(__mptr - offsetof(type, member))); })
>
> +/**
> + * container_of_const - cast a member of a structure out to the containing
> + * structure and preserve the const-ness of the pointer
> + * @ptr_type: the type of the pointer @ptr
> + * @ptr: the pointer to the member
> + * @member_type: the type of the container struct this is embedded in.
> + * @member: the name of the member within the struct.
> + */
> +#define container_of_const(ptr_type, ptr, member_type, member) \
I missed earlier you had four arguments for the macro instead of three.
With default: this can be done with just three:
#define container_of_const(ptr, member_type, member) \
_Generic(ptr, \
const typeof(*(ptr)) *: ((const member_type *)container_of(ptr, member_type, member)),\
default: ((member_type *)container_of(ptr, member_type, member)) \
)
The const typeof(*(ptr)) * will match if ptr is const, otherwise default
matches. But you can't have typeof(*(ptr)) * instead of default as the two
types are still the same, hence default.
I've tested this on GCC 10.2.1 and clang 11.0.1.
This should also make it a bit easier for existing users to switch to the
new macro and hopefully eventual rename back to container_of() once all
users have been converted.
> + _Generic(ptr, \
> + const ptr_type *: ((const member_type *)container_of(ptr, member_type, member)),\
> + ptr_type *: ((member_type *)container_of(ptr, member_type, member)) \
> + )
> +
> #endif /* _LINUX_CONTAINER_OF_H */
--
Kind regards,
Sakari Ailus
Powered by blists - more mailing lists