lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <fa9245f4-c84f-40ea-8a5c-b1a31fee7525@acm.org>
Date: Fri, 7 Feb 2025 10:35:12 -0800
From: Bart Van Assche <bvanassche@....org>
To: Marco Elver <elver@...gle.com>
Cc: Peter Zijlstra <peterz@...radead.org>, Will Deacon <will@...nel.org>,
 Christoph Hellwig <hch@....de>,
 Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
 Nick Desaulniers <ndesaulniers@...gle.com>,
 Nathan Chancellor <nathan@...nel.org>, Kees Cook <kees@...nel.org>,
 Jann Horn <jannh@...gle.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC 00/33] Compile-time thread-safety checking

On 2/7/25 10:24 AM, Marco Elver wrote:
> On Fri, 7 Feb 2025 at 18:46, Bart Van Assche <bvanassche@....org> wrote:
>> As an
>> example, the Clang try_acquire_capability function attribute does not
>> support functions that return pointers although this is a common pattern
>> in the Linux kernel. I think that introducing a new function attribute
>> to support functions that return pointers is a better solution than
>> trying to annotate such functions with any of the existing Clang
>> thread-safety attributes.
> 
> try_acquire_capability / __cond_acquires(cond, capability) is happy
> with pointer-returning functions when using int-literals for "cond"
> i.e. 0 or 1 (Clang's documentation says it only wants bool, but that's
> wrong). I just tested this on a pointer-returning function, and it
> works.

The first argument of the try_acquire_capability function annotation
must be the value that indicates that the capability has been acquired.
I'm not aware of any function in the Linux kernel that returns a pointer
and where returning a NULL pointer indicates success. Additionally,
return ERR_PTR() is used widely. Neither pattern can be annotated with
try_acquire_capability today. This is why I wrote that we need a new
function attribute for functions that return a pointer.

Thanks,

Bart.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ