| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <94fa4f05-929f-4be8-b2d1-0277826984b1@acm.org> Date: Fri, 7 Feb 2025 09:46:34 -0800 From: Bart Van Assche <bvanassche@....org> To: Peter Zijlstra <peterz@...radead.org>, Marco Elver <elver@...gle.com> Cc: Will Deacon <will@...nel.org>, Christoph Hellwig <hch@....de>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Nick Desaulniers <ndesaulniers@...gle.com>, Nathan Chancellor <nathan@...nel.org>, Kees Cook <kees@...nel.org>, Jann Horn <jannh@...gle.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH RFC 00/33] Compile-time thread-safety checking On 2/7/25 1:08 AM, Peter Zijlstra wrote: > On Fri, Feb 07, 2025 at 10:05:47AM +0100, Marco Elver wrote: >> Yes, you can add multiple guarded_by. But it's just going to enforce >> that you need to hold both locks before you access the member. If you >> want the rules to be more complex, the best way to express that is with >> some helpers. E.g. something like this (tested on top my series) > > Oh gawd, this is going to be a pain, isn't it :/ The Clang thread-safety annotations are used widely so behavior of existing attributes must be preserved. I propose to introduce new thread-safety attributes when useful to annotate kernel code. As an example, the Clang try_acquire_capability function attribute does not support functions that return pointers although this is a common pattern in the Linux kernel. I think that introducing a new function attribute to support functions that return pointers is a better solution than trying to annotate such functions with any of the existing Clang thread-safety attributes. Thanks, Bart.
Powered by blists - more mailing lists