lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Z0Q0PJzTMg_Or22I@gmail.com>
Date: Mon, 25 Nov 2024 09:24:28 +0100
From: Ingo Molnar <mingo@...nel.org>
To: Borislav Petkov <bp@...en8.de>
Cc: Thomas Gleixner <tglx@...utronix.de>, x86-ml <x86@...nel.org>,
	lkml <linux-kernel@...r.kernel.org>
Subject: Re: [RFC PATCH] x86/boot: Get rid of linux/init.h include


* Borislav Petkov <bp@...en8.de> wrote:

> On Fri, Nov 22, 2024 at 05:55:52PM +0100, Ingo Molnar wrote:
> > > --- a/arch/x86/boot/compressed/head_32.S
> > > +++ b/arch/x86/boot/compressed/head_32.S
> > > @@ -24,7 +24,6 @@
> > >   */
> > >  	.text
> > >  
> > > -#include <linux/init.h>
> > >  #include <linux/linkage.h>
> > >  #include <asm/segment.h>
> > >  #include <asm/page_types.h>
> > > @@ -32,6 +31,10 @@
> > >  #include <asm/asm-offsets.h>
> > >  #include <asm/bootparam.h>
> > >  
> > > +#ifdef KERNEL_PROPER_HEADER
> > > +#error Do not include kernel proper namespace headers
> > > +#endif
> > 
> > The canonical solution in such cases is to use the existing header 
> > guard, ie:
> > 
> >  #ifdef _LINUX_INIT_H
> >  # error Do not include kernel proper namespace headers
> >  #endif
> > 
> > Then we can skip defining KERNEL_PROPER_HEADER as well, and this change 
> > will be purely to x86 code.
> 
> Yap, I know, thought about it.
> 
> However, if we have to protect against every header, then we will have to do
> a big
> 
> if defined...
> 
> which doesn't really work.
> 
> For the above example:
> 
> #if defined(_LINUX_INIT_H) || defined(_LINUX_LINKAGE_H)
> 
> and that would protect against the two headers which are included here.
> 
> If someone includes another one, it won't fire.

And if someone doesn't add the ugly KERNEL_PROPER_HEADER defines to a 
new header that somehow gets included into the decompressor build 
virally, it won't fire either. I think it's better to concentrate the 
uglies in the 'weird' code, ie. the decompressor.

Also, what's the root problem being solved? The changelog says:

   > no collisions and ugly ifdeffery when those kernel proper headers 
   > get shared.

But that's pretty vague - is there some recent build regression this is 
responding to? Which kernel headers collided with which headers used by 
the decompressor build?

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ