lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20250206-aligned-alloc-v3-1-0cbc0ab0306d@gmail.com>
Date: Thu, 06 Feb 2025 15:49:00 -0500
From: Tamir Duberstein <tamird@...il.com>
To: Danilo Krummrich <dakr@...nel.org>, Miguel Ojeda <ojeda@...nel.org>, 
 Alex Gaynor <alex.gaynor@...il.com>, Boqun Feng <boqun.feng@...il.com>, 
 Gary Guo <gary@...yguo.net>, 
 Björn Roy Baron <bjorn3_gh@...tonmail.com>, 
 Benno Lossin <benno.lossin@...ton.me>, 
 Andreas Hindborg <a.hindborg@...nel.org>, Alice Ryhl <aliceryhl@...gle.com>, 
 Trevor Gross <tmgross@...ch.edu>
Cc: rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org, 
 Tamir Duberstein <tamird@...il.com>
Subject: [PATCH v3] rust: allocator_test: use `posix_memalign`

The implementation added in commit dd09538fb409 ("rust: alloc: implement
`Cmalloc` in module allocator_test") used `aligned_malloc` which has
implementation-defined requirements of its `alignment` parameter.

The macOS implementation of `aligned_alloc` appears to be based on
`posix_memalign` and inherits the stricter requirements of that
function, causing test failures on macOS.

Replace `aligned_alloc` with `posix_memalign` and comply with its
requirements. This ensures uniform behavior across systems.

Fixes: dd09538fb409 ("rust: alloc: implement `Cmalloc` in module allocator_test")

Signed-off-by: Tamir Duberstein <tamird@...il.com>
---
I've intentionally not picked up Danilo's Acked-by from v2 because the
approach has changed quite a bit.
---
Changes in v3:
- Replace `aligned_malloc` with `posix_memalign` for portability.
- Link to v2: https://lore.kernel.org/r/20250202-aligned-alloc-v2-1-5af0b5fdd46f@gmail.com

Changes in v2:
- Shorten some variable names. (Danilo Krummrich)
- Replace shadowing alignment variable with a second call to
  Layout::align. (Danilo Krummrich)
- Link to v1: https://lore.kernel.org/r/20250201-aligned-alloc-v1-1-c99a73f3cbd4@gmail.com
---
 rust/kernel/alloc/allocator_test.rs | 27 +++++++++++++++++++++++----
 1 file changed, 23 insertions(+), 4 deletions(-)

diff --git a/rust/kernel/alloc/allocator_test.rs b/rust/kernel/alloc/allocator_test.rs
index e3240d16040b..0aa68d955b39 100644
--- a/rust/kernel/alloc/allocator_test.rs
+++ b/rust/kernel/alloc/allocator_test.rs
@@ -23,8 +23,19 @@
 pub type KVmalloc = Kmalloc;
 
 extern "C" {
-    #[link_name = "aligned_alloc"]
-    fn libc_aligned_alloc(align: usize, size: usize) -> *mut crate::ffi::c_void;
+    // NB: `posix_memalign` is intentionally used instead of `aligned_malloc`.
+    //
+    // ISO C (ISO/IEC 9899:2011) defines `aligned_malloc`:
+    //
+    // > The value of alignment shall be a valid alignment supported by the implementation [...].
+    //
+    // POSIX.1-2001 (IEEE 1003.1-2001) defines `posix_memalign`:
+    //
+    // > The value of alignment shall be a power of two multiple of sizeof (void *).
+    //
+    // `posix_memalign` is more portable than (but otherwise identical to) `aligned_malloc`.
+    #[link_name = "posix_memalign"]
+    fn libc_posix_memalign(align: usize, size: usize) -> *mut crate::ffi::c_void;
 
     #[link_name = "free"]
     fn libc_free(ptr: *mut crate::ffi::c_void);
@@ -62,13 +73,21 @@ unsafe fn realloc(
             ));
         }
 
+        // Ensure we comply with the requirements of `posix_memalign`.
+        let min_align = core::mem::size_of::<*const crate::ffi::c_void>();
+        let (align, size) = if layout.align() < min_align {
+            (min_align, layout.size().div_ceil(min_align) * min_align)
+        } else {
+            (layout.align(), layout.size())
+        };
+
         // SAFETY: Returns either NULL or a pointer to a memory allocation that satisfies or
         // exceeds the given size and alignment requirements.
-        let dst = unsafe { libc_aligned_alloc(layout.align(), layout.size()) } as *mut u8;
+        let dst = unsafe { libc_posix_memalign(align, size) } as *mut u8;
         let dst = NonNull::new(dst).ok_or(AllocError)?;
 
         if flags.contains(__GFP_ZERO) {
-            // SAFETY: The preceding calls to `libc_aligned_alloc` and `NonNull::new`
+            // SAFETY: The preceding calls to `libc_posix_memalign` and `NonNull::new`
             // guarantee that `dst` points to memory of at least `layout.size()` bytes.
             unsafe { dst.as_ptr().write_bytes(0, layout.size()) };
         }

---
base-commit: dc58b514a628fc11ab459dccdd6a2f3a916e8f6a
change-id: 20250201-aligned-alloc-b52cb2353c82

Best regards,
-- 
Tamir Duberstein <tamird@...il.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ