Date: Wed, 3 Apr 2024 14:20:29 -0700
From: Boqun Feng <boqun.feng@...il.com>
To: Benno Lossin <benno.lossin@...ton.me>
Cc: Miguel Ojeda <ojeda@...nel.org>, Alex Gaynor <alex.gaynor@...il.com>,
	Wedson Almeida Filho <wedsonaf@...il.com>,
	Gary Guo <gary@...yguo.net>,
	Björn Roy Baron <bjorn3_gh@...tonmail.com>,
	Andreas Hindborg <a.hindborg@...sung.com>,
	Alice Ryhl <aliceryhl@...gle.com>,
	Martin Rodriguez Reboredo <yakoyoku@...il.com>,
	rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] rust: init: change the generated name of guard variables

On Wed, Apr 03, 2024 at 07:43:37PM +0000, Benno Lossin wrote:
> The initializers created by the `[try_][pin_]init!` macros utilize the
> guard pattern to drop already initialized fields, when initialization
> fails mid-way. These guards are generated to have the same name as the
> field that they handle. To prevent namespacing issues when the field

Do you have an example of this kind of issue?

Regards,
Boqun

> name is the same as e.g. a constant name, add `__` as a prefix and
> `_guard` as the suffix.
> 
> Signed-off-by: Benno Lossin <benno.lossin@...ton.me>
> ---
>  rust/kernel/init/macros.rs | 28 ++++++++++++++--------------
>  1 file changed, 14 insertions(+), 14 deletions(-)
> 
> diff --git a/rust/kernel/init/macros.rs b/rust/kernel/init/macros.rs
> index cb6e61b6c50b..93bf4c3080f9 100644
> --- a/rust/kernel/init/macros.rs
> +++ b/rust/kernel/init/macros.rs
> @@ -250,7 +250,7 @@
>  //!                     // error type is `Infallible`) we will need to drop this field if there
>  //!                     // is an error later. This `DropGuard` will drop the field when it gets
>  //!                     // dropped and has not yet been forgotten.
> -//!                     let t = unsafe {
> +//!                     let __t_guard = unsafe {
>  //!                         ::pinned_init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).t))
>  //!                     };
>  //!                     // Expansion of `x: 0,`:
> @@ -261,14 +261,14 @@
>  //!                         unsafe { ::core::ptr::write(::core::addr_of_mut!((*slot).x), x) };
>  //!                     }
>  //!                     // We again create a `DropGuard`.
> -//!                     let x = unsafe {
> +//!                     let __x_guard = unsafe {
>  //!                         ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).x))
>  //!                     };
>  //!                     // Since initialization has successfully completed, we can now forget
>  //!                     // the guards. This is not `mem::forget`, since we only have
>  //!                     // `&DropGuard`.
> -//!                     ::core::mem::forget(x);
> -//!                     ::core::mem::forget(t);
> +//!                     ::core::mem::forget(__x_guard);
> +//!                     ::core::mem::forget(__t_guard);
>  //!                     // Here we use the type checker to ensure that every field has been
>  //!                     // initialized exactly once, since this is `if false` it will never get
>  //!                     // executed, but still type-checked.
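Review bot: The context comment just above the renamed calls says "This is not `mem::forget`, since we only have `&DropGuard`", yet the two new lines call `::core::mem::forget(__x_guard)` and `::core::mem::forget(__t_guard)`, so the documented expansion contradicts itself. Since the patch already rewrites these lines, that second sentence could be replaced in the same pass, for example with `// the guards, so that they no longer drop the initialized fields.` Anyone using this walkthrough to audit the unsafe expansion otherwise has to guess which statement is current. The first hunk's `::pinned_init::__internal::DropGuard` path also differs from the `::kernel::init::__internal::DropGuard` used in the other documented expansions and looks like a leftover.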
> @@ -461,16 +461,16 @@
>  //!             {
>  //!                 unsafe { ::core::ptr::write(::core::addr_of_mut!((*slot).a), a) };
>  //!             }
> -//!             let a = unsafe {
> +//!             let __a_guard = unsafe {
>  //!                 ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).a))
>  //!             };
>  //!             let init = Bar::new(36);
>  //!             unsafe { data.b(::core::addr_of_mut!((*slot).b), b)? };
> -//!             let b = unsafe {
> +//!             let __b_guard = unsafe {
>  //!                 ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).b))
>  //!             };
> -//!             ::core::mem::forget(b);
> -//!             ::core::mem::forget(a);
> +//!             ::core::mem::forget(__b_guard);
> +//!             ::core::mem::forget(__a_guard);
>  //!             #[allow(unreachable_code, clippy::diverging_sub_expression)]
>  //!             let _ = || {
>  //!                 unsafe {
> @@ -1192,14 +1192,14 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {}
>          // We use `paste!` to create new hygiene for `$field`.
>          ::kernel::macros::paste! {
>              // SAFETY: We forget the guard later when initialization has succeeded.
> -            let [<$field>] = unsafe {
> +            let [< __ $field _guard >] = unsafe {
>                  $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field))
>              };
>  
>              $crate::__init_internal!(init_slot($use_data):
>                  @data($data),
>                  @slot($slot),
> -                @guards([<$field>], $($guards,)*),
> +                @guards([< __ $field _guard >], $($guards,)*),
>                  @munch_fields($($rest)*),
>              );
>          }
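Review bot: The reason for the `__ $field _guard` name is recorded only in the commit message; the comment above `paste!` still speaks only of hygiene, so a later reader of the macro cannot tell why the binding is mangled. A line such as `// Named __<field>_guard so the let binding cannot clash with a constant named like the field.` would keep that rationale next to the code, and the same applies to the hunks at -1223 and -1255. The mangling narrows the clash rather than removing it: a constant in scope named `__<field>_guard` would presumably hit the same problem, which the comment could state as a known limit. The enclosing macro arm starts and ends outside the hunk.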
> @@ -1223,14 +1223,14 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {}
>          // We use `paste!` to create new hygiene for `$field`.
>          ::kernel::macros::paste! {
>              // SAFETY: We forget the guard later when initialization has succeeded.
> -            let [<$field>] = unsafe {
> +            let [< __ $field _guard >] = unsafe {
>                  $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field))
>              };
>  
>              $crate::__init_internal!(init_slot():
>                  @data($data),
>                  @slot($slot),
> -                @guards([<$field>], $($guards,)*),
> +                @guards([< __ $field _guard >], $($guards,)*),
>                  @munch_fields($($rest)*),
>              );
>          }
> @@ -1255,14 +1255,14 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {}
>          // We use `paste!` to create new hygiene for `$field`.
>          ::kernel::macros::paste! {
>              // SAFETY: We forget the guard later when initialization has succeeded.
> -            let [<$field>] = unsafe {
> +            let [< __ $field _guard >] = unsafe {
>                  $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field))
>              };
>  
>              $crate::__init_internal!(init_slot($($use_data)?):
>                  @data($data),
>                  @slot($slot),
> -                @guards([<$field>], $($guards,)*),
> +                @guards([< __ $field _guard >], $($guards,)*),
>                  @munch_fields($($rest)*),
>              );
>          }
> 
> base-commit: 9ffe2a730313f27cebd0859ea856247ac59c576c
> -- 
> 2.44.0
> 
> 
> 
