| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YfprOGVPci8tiiFEBN5olLh8NiFh8mRJOcQQ5icOWAhXjncFLKy9Aj-Tr5sidcCiSguYYykfdv_4PM2UoF238vjzuXHeckZal5cGNMW2y8c=@proton.me>
Date: Wed, 05 Jul 2023 21:44:16 +0000
From: Benno Lossin <benno.lossin@...ton.me>
To: Gary Guo <gary@...yguo.net>
Cc: Boqun Feng <boqun.feng@...il.com>, Miguel Ojeda <ojeda@...nel.org>,
Wedson Almeida Filho <wedsonaf@...il.com>,
Alex Gaynor <alex.gaynor@...il.com>,
Björn Roy Baron <bjorn3_gh@...tonmail.com>,
Alice Ryhl <aliceryhl@...gle.com>,
Andreas Hindborg <nmi@...aspace.dk>,
rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org,
patches@...ts.linux.dev, Asahi Lina <lina@...hilina.net>
Subject: Re: [PATCH 5/7] rust: init: add `..Zeroable::zeroed()` syntax for zeroing all missing fields
On 05.07.23 19:48, Gary Guo wrote:
> On Mon, 3 Jul 2023 11:15:55 -0700
> Boqun Feng <boqun.feng@...il.com> wrote:
>
>> On Sat, Jun 24, 2023 at 09:25:19AM +0000, Benno Lossin wrote:
>> [...]
>> (this is `init_slot`)
>>> @@ -1064,7 +1152,7 @@ macro_rules! __init_internal {
>>> @data($data:ident),
>>> @slot($slot:ident),
>>> @guards($($guards:ident,)*),
>>> - @munch_fields($(,)?),
>>> + @munch_fields($(..Zeroable::zeroed())? $(,)?),
>>
>> since you append an unconditional comma ',' to init_slot and
>> make_initializer when "calling" them in with_update_parsed, shouldn't
>> this be:
>>
>> + @munch_fields($(..Zeroable::zeroed(),)? $(,)?),
>>
>> , and..
>>
>>> ) => {
>>> // Endpoint of munching, no fields are left. If execution reaches this point, all fields
>>> // have been initialized. Therefore we can now dismiss the guards by forgetting them.
>>> @@ -1157,6 +1245,30 @@ macro_rules! __init_internal {
>>> @munch_fields($($rest)*),
>>> );
>>> };
>>> + (make_initializer:
>>> + @slot($slot:ident),
>>> + @type_name($t:ident),
>>> + @munch_fields(..Zeroable::zeroed() $(,)?),
>>
>> this should be:
>>
>> + @munch_fields(..Zeroable::zeroed() , $(,)?),
>>
>> Otherwise the example before `pin_init!()` wouldn't compile:
>>
>> /// pin_init!(Buf {
>> /// buf: [1; 64],
>> /// ..Zeroable::zeroed(),
>> /// });
>
> Comma is not allowed after base struct.
Yes this is a mistake in the example, will fix.
--
Cheers,
Benno
>
>>
>> Regards,
>> Boqun
>>
>>> + @acc($($acc:tt)*),
>>> + ) => {
>>> + // Endpoint, nothing more to munch, create the initializer. Since the users specified
>>> + // `..Zeroable::zeroed()`, the slot will already have been zeroed and all field that have
>>> + // not been overwritten are thus zero and initialized. We still check that all fields are
>>> + // actually accessible by using the struct update syntax ourselves.
>>> + // Since we are in the `if false` branch, this will never get executed. We abuse `slot` to
>>> + // get the correct type inference here:
>>> + unsafe {
>>> + let mut zeroed = ::core::mem::zeroed();
>>> + // We have to use type inference her to make zeroed have the correct type. This does
>>> + // not get executed, so it has no effect.
>>> + ::core::ptr::write($slot, zeroed);
>>> + zeroed = ::core::mem::zeroed();
>>> + ::core::ptr::write($slot, $t {
>>> + $($acc)*
>>> + ..zeroed
>>> + });
>>> + }
>>> + };
>>> (make_initializer:
>>> @slot($slot:ident),
>>> @type_name($t:ident),
>>> --
>>> 2.41.0
>>>
>>>
>
Powered by blists - more mailing lists