Message-ID: <CANiq72nky1vpP6qNf4rdSNnr3i7oAdaB4SRQgSG5QaUCCiMs1A@mail.gmail.com>
Date: Sun, 9 Feb 2025 00:11:58 +0100
From: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
To: Alejandro Colomar <alx@...nel.org>
Cc: DJ Delorie <dj@...hat.com>, Eric Blake <eblake@...hat.com>, 
	Will Newton <will.newton@...aro.org>, Paul Eggert <eggert@...ucla.edu>, linux-man@...r.kernel.org, 
	Danilo Krummrich <dakr@...nel.org>, Tamir Duberstein <tamird@...il.com>, Miguel Ojeda <ojeda@...nel.org>, 
	Alex Gaynor <alex.gaynor@...il.com>, Boqun Feng <boqun.feng@...il.com>, 
	Gary Guo <gary@...yguo.net>, Björn Roy Baron <bjorn3_gh@...tonmail.com>, 
	Benno Lossin <benno.lossin@...ton.me>, Andreas Hindborg <a.hindborg@...nel.org>, 
	Alice Ryhl <aliceryhl@...gle.com>, Trevor Gross <tmgross@...ch.edu>, rust-for-linux@...r.kernel.org, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] rust: alloc: satisfy `aligned_alloc` requirements

On Sat, Feb 8, 2025 at 8:18 PM Alejandro Colomar <alx@...nel.org> wrote:
>
> -  aligned_alloc()
>
>         It seems to be like memalign(), with *some* input validation.
>         It makes sure that the input is a power of two, or it fails.
>         However, it doesn't check that the input is multiple of
>         _Alignof(void*).  That requirement is implementation-defined;
>         neither POSIX nor ISO C impose any specific requirements, so the
>         requirements that the input is a power of two are imposed by
>         glibc.  The documentation matches the experimental behavior.

Thanks Alejandro.

I am not sure I agree -- I am confused about three points:

  - I am not sure the documentation is matching the experimental
behavior. For instance, the Linux man pages say:

      "except for the added restriction that `size` should be a
multiple of `alignment`"

    But a call like `aligned_alloc(8, 9)` succeeds. What does "added
restriction" mean in this context? i.e. is it supposed to fail?

  - I am not sure if ISO C intends to require the power of two or not.
One of the C23 drafts says `aligned_alloc()` is supposed to fail if

      "the value of `alignment` is not a valid alignment supported by
the implementation the function"

    And then, elsewhere, that:

      "Valid alignments include only fundamental alignments, plus an
additional implementation-defined set of values, which can be empty.
Every valid alignment value shall be a nonnegative integral power of
two."

    So if those are intended to be connected, then it sounds like a
non-power-of-two is invalid and thus the function should fail.

  - What Danilo mentioned about the sections, e.g. is the "ERRORS"
section in the Linux man pages supposed to apply to all the functions
documented in the same page?

    Would it help to somehow indicate which errors apply for each function?

Thanks a lot!

Cheers,
Miguel
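
Added example, not part of the original message or of the patch under discussion: two C wrappers that do not rely on how lenient a given libc is about the points raised above (power-of-two `alignment`, `size` a multiple of `alignment`). The names `strict_aligned_alloc`, `padded_aligned_alloc` and `round_up_size` are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Nonzero power of two: the C23 text quoted above says every valid
 * alignment is a power of two. */
static int is_pow2(size_t x)
{
    return x != 0 && (x & (x - 1)) == 0;
}

/* Round size up to a multiple of a power-of-two alignment.
 * Returns 1 and stores the result in *out, or 0 if it would overflow. */
int round_up_size(size_t size, size_t alignment, size_t *out)
{
    size_t mask = alignment - 1;
    if (size > SIZE_MAX - mask)
        return 0;
    *out = (size + mask) & ~mask;
    return 1;
}

/* Reject any call that breaks the documented constraints, even where the
 * libc would accept it (e.g. alignment 8, size 9 as in the message). */
void *strict_aligned_alloc(size_t alignment, size_t size)
{
    if (!is_pow2(alignment) || size % alignment != 0) {
        errno = EINVAL;
        return NULL;
    }
    return aligned_alloc(alignment, size);
}

/* Accept any size, but pad it so the call made to aligned_alloc()
 * always has size as a multiple of alignment. */
void *padded_aligned_alloc(size_t alignment, size_t size)
{
    size_t padded;
    if (!is_pow2(alignment)) {
        errno = EINVAL;
        return NULL;
    }
    if (!round_up_size(size, alignment, &padded)) {
        errno = ENOMEM;
        return NULL;
    }
    return aligned_alloc(alignment, padded);
}
```

Memory returned by either wrapper is released with `free()`.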
