lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANiq72nf4N_HXOAZupM_Gq=c0jg-L__YUQtx4fSRpNuRqt4JAw@mail.gmail.com>
Date:   Sun, 30 Jul 2023 22:43:44 +0200
From:   Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
To:     Boqun Feng <boqun.feng@...il.com>,
        Björn Roy Baron <bjorn3_gh@...tonmail.com>
Cc:     rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org, Miguel Ojeda <ojeda@...nel.org>,
        Alex Gaynor <alex.gaynor@...il.com>,
        Wedson Almeida Filho <wedsonaf@...il.com>,
        Gary Guo <gary@...yguo.net>,
        Benno Lossin <benno.lossin@...ton.me>,
        Martin Rodriguez Reboredo <yakoyoku@...il.com>,
        Alice Ryhl <aliceryhl@...gle.com>,
        Dariusz Sosnowski <dsosnowski@...snowski.pl>,
        Geoffrey Thomas <geofft@...reload.com>,
        Fox Chen <foxhlchen@...il.com>,
        John Baublitz <john.m.baublitz@...il.com>,
        Christoph Lameter <cl@...ux.com>,
        Pekka Enberg <penberg@...nel.org>,
        David Rientjes <rientjes@...gle.com>,
        Joonsoo Kim <iamjoonsoo.kim@....com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Vlastimil Babka <vbabka@...e.cz>,
        Roman Gushchin <roman.gushchin@...ux.dev>,
        Hyeonggon Yoo <42.hyeyoo@...il.com>,
        Kees Cook <keescook@...omium.org>, stable@...r.kernel.org,
        Andreas Hindborg <nmi@...aspace.dk>
Subject: Re: [PATCH 1/3] rust: allocator: Prevent mis-aligned allocation

On Sun, Jul 30, 2023 at 3:29 AM Boqun Feng <boqun.feng@...il.com> wrote:
>
> +// Note: Although these are *safe* functions, but they are only generated at
> +// `GlobalAlloc` callsites, hence we assume the parameters obey the same
> +// `GlobalAlloc` function safety requirements: size and align should form a
> +// valid layout, and size is greater than 0.

Thanks for adding all the `// SAFETY` comments here Boqun!

Björn, do they look good to you? (since you fixed the issue in the compiler)

On this comment in particular, "generated at `GlobalAlloc` callsites"
sounds a bit confusing to me. Would "... called by the compiler with
parameters that obey ..." make sense? Or does the sentence refer to
the normal case (i.e. when the functions are generated)? Anyway, it is
not a big deal.

Cheers,
Miguel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ