lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 4 Apr 2024 13:07:15 +0200
From: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
To: Laine Taffin Altman <alexanderaltman@...com>
Cc: Miguel Ojeda <ojeda@...nel.org>, Alex Gaynor <alex.gaynor@...il.com>, 
	Benno Lossin <benno.lossin@...ton.me>, rust-for-linux@...r.kernel.org, 
	Wedson Almeida Filho <wedsonaf@...il.com>, Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>, 
	Björn Roy Baron <bjorn3_gh@...tonmail.com>, 
	Andreas Hindborg <a.hindborg@...sung.com>, Alice Ryhl <aliceryhl@...gle.com>, 
	Martin Rodriguez Reboredo <yakoyoku@...il.com>, lkml <linux-kernel@...r.kernel.org>, 
	stable@...r.kernel.org
Subject: Re: [PATCH v4] rust: init: remove impl Zeroable for Infallible

On Wed, Apr 3, 2024 at 11:07 PM Laine Taffin Altman
<alexanderaltman@...com> wrote:
>
> In Rust, producing an invalid value of any type is immediate undefined
> behavior (UB); this includes via zeroing memory.  Therefore, since an
> uninhabited type has no valid values, producing any values at all for it is
> UB.
>
> The Rust standard library type `core::convert::Infallible` is uninhabited,
> by virtue of having been declared as an enum with no cases, which always
> produces uninhabited types in Rust.
>
> The current kernel code allows this UB to be triggered, for example by code
> like `Box::<core::convert::Infallible>::init(kernel::init::zeroed())`.
>
> Thus, remove the implementation of `Zeroable` for `Infallible`, thereby
> avoiding the unsoundness (potential for future UB).
>
> Cc: stable@...r.kernel.org
> Fixes: 38cde0bd7b67 ("rust: init: add `Zeroable` trait and `init::zeroed` function")
> Closes: https://github.com/Rust-for-Linux/pinned-init/pull/13
> Signed-off-by: Laine Taffin Altman <alexanderaltman@...com>
> Reviewed-by: Alice Ryhl <aliceryhl@...gle.com>
> Reviewed-by: Boqun Feng <boqun.feng@...il.com>

[ Reformatted the comment slightly. ]

Applied to `rust-fixes` -- thanks everyone! Please feel free to still send tags.

Cheers,
Miguel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ