lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAMuHMdXcBKpiCPE7b4UR9TdmqT_4D8_iptAczYX7XE0Xn7hr=w@mail.gmail.com>
Date: Wed, 19 Feb 2025 15:30:50 +0100
From: Geert Uytterhoeven <geert@...ux-m68k.org>
To: James Bottomley <James.Bottomley@...senpartnership.com>
Cc: Dan Carpenter <dan.carpenter@...aro.org>, Christoph Hellwig <hch@...radead.org>, 
	Miguel Ojeda <miguel.ojeda.sandonis@...il.com>, 
	rust-for-linux <rust-for-linux@...r.kernel.org>, 
	Linus Torvalds <torvalds@...ux-foundation.org>, Greg KH <gregkh@...uxfoundation.org>, 
	David Airlie <airlied@...il.com>, linux-kernel@...r.kernel.org, ksummit@...ts.linux.dev
Subject: Re: Rust kernel policy

Hi James,

On Wed, 19 Feb 2025 at 15:20, James Bottomley
<James.Bottomley@...senpartnership.com> wrote:
> On Wed, 2025-02-19 at 11:05 +0300, Dan Carpenter wrote:
> > On Tue, Feb 18, 2025 at 08:08:18AM -0800, Christoph Hellwig wrote:
> > > But that also shows how core maintainers are put off by trivial
> > > things like checking for integer overflows or compiler enforced
> > > synchronization (as in the clang thread sanitizer).
> > > How are we're going to bridge the gap between a part of the kernel
> > > that is not even accepting relatively easy rules for improving
> > > safety vs another one that enforces even strong rules.
> >
> > Yeah.  It's an ironic thing...
> >
> >         unsigned long total = nr * size;
> >
> >         if (nr > ULONG_MAX / size)
> >                 return -EINVAL;
> >
> > In an ideal world, people who write code like that should receive a
> > permanent ban from promoting Rust.
>
> I look at most of the bugfixes flowing through subsystems I watch and a
> lot of them are in error legs.  Usually around kfree cockups (either
> forgetting or freeing to early).  Could we possibly fix a lot of this
> by adopting the _cleanup_ annotations[1]?  I've been working in systemd
> code recently and they seem to make great use of this for error leg
> simplification.

Sure!
https://elixir.bootlin.com/linux/v6.13.3/source/include/linux/cleanup.h

Unfortunately these may cause a new bunch of cockups, due to
forgetting to call no_free_ptr() when needed...

Gr{oetje,eeting}s,

                        Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ