lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202411151247.280F316C83@keescook>
Date: Fri, 15 Nov 2024 12:48:27 -0800
From: Kees Cook <kees@...nel.org>
To: Philipp Reisner <philipp.reisner@...bit.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
	Luc Van Oostenryck <luc.vanoostenryck@...il.com>,
	linux-sparse@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] compiler.h: Fix undefined BUILD_BUG_ON_ZERO()

On Fri, Nov 15, 2024 at 09:46:02PM +0100, Philipp Reisner wrote:
> <linux/compiler.h> defines __must_be_array() and __must_be_cstr() and
> both expand to BUILD_BUG_ON_ZERO(), but <linux/build_bug.h> defines
> BUILD_BUG_ON_ZERO(). Including <linux/build_bug.h> in
> <linux/compiler.h> would create a cyclic dependency as
> <linux/build_bug.h> already includes <linux/compiler.h>.
> 
> Fix that by defining __BUILD_BUG_ON_ZERO_MSG() in <linux/compiler.h>
> and using that for __must_be_array() and __must_be_cstr().
> 
> Signed-off-by: Philipp Reisner <philipp.reisner@...bit.com>

Thanks for finding a simple way to make this work sanely. :)

Acked-by: Kees Cook <kees@...nel.org>

Linus, do you want a PR for this, or will you apply it directly?

Thanks!

-Kees

> ---
>  include/linux/compiler.h | 11 +++++++++--
>  1 file changed, 9 insertions(+), 2 deletions(-)
> 
> diff --git a/include/linux/compiler.h b/include/linux/compiler.h
> index 4d4e23b6e3e7..469a64dd6495 100644
> --- a/include/linux/compiler.h
> +++ b/include/linux/compiler.h
> @@ -239,11 +239,18 @@ static inline void *offset_to_ptr(const int *off)
>  
>  #endif /* __ASSEMBLY__ */
>  
> +#ifdef __CHECKER__
> +#define __BUILD_BUG_ON_ZERO_MSG(e, msg) (0)
> +#else /* __CHECKER__ */
> +#define __BUILD_BUG_ON_ZERO_MSG(e, msg) ((int)sizeof(struct {_Static_assert(!(e), msg);}))
> +#endif /* __CHECKER__ */
> +
>  /* &a[0] degrades to a pointer: a different type from an array */
> -#define __must_be_array(a)	BUILD_BUG_ON_ZERO(__same_type((a), &(a)[0]))
> +#define __must_be_array(a)	__BUILD_BUG_ON_ZERO_MSG(__same_type((a), &(a)[0]), "must be array")
>  
>  /* Require C Strings (i.e. NUL-terminated) lack the "nonstring" attribute. */
> -#define __must_be_cstr(p)	BUILD_BUG_ON_ZERO(__annotated(p, nonstring))
> +#define __must_be_cstr(p) \
> +	__BUILD_BUG_ON_ZERO_MSG(__annotated(p, nonstring), "must be cstr (NUL-terminated)")
>  
>  /*
>   * This returns a constant expression while determining if an argument is
> -- 
> 2.47.0
> 

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ