lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <202504070945.BAC93C0@keescook>
Date: Mon, 7 Apr 2025 09:46:39 -0700
From: Kees Cook <kees@...nel.org>
To: Vincent Mailhol <mailhol.vincent@...adoo.fr>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
	Luc Van Oostenryck <luc.vanoostenryck@...il.com>,
	linux-kernel@...r.kernel.org, linux-sparse@...r.kernel.org,
	Masahiro Yamada <masahiroy@...nel.org>,
	Paolo Bonzini <pbonzini@...hat.com>,
	Nick Desaulniers <nick.desaulniers+lkml@...il.com>
Subject: Re: [PATCH v2] build_bug.h: more user friendly error messages in
 BUILD_BUG_ON_ZERO()

On Sat, Mar 29, 2025 at 01:48:50AM +0900, Vincent Mailhol wrote:
> __BUILD_BUG_ON_ZERO_MSG(), as introduced in [1], makes it possible to
> do a static assertions in expressions. The direct benefit is to
> provide a meaningful error message instead of the cryptic negative
> bitfield size error message currently returned by BUILD_BUG_ON_ZERO():
> 
>   ./include/linux/build_bug.h:16:51: error: negative width in bit-field '<anonymous>'
>      16 | #define BUILD_BUG_ON_ZERO(e) ((int)(sizeof(struct { int:(-!!(e)); })))
>         |                                                   ^
> 
> Get rid of BUILD_BUG_ON_ZERO()'s bitfield size hack. Instead rely on
> __BUILD_BUG_ON_ZERO_MSG() which in turn relies on C11's
> _Static_assert().
> 
> Use some macro magic, similarly to static_assert(), to either use an
> optional error message provided by the user or, when omitted, to
> produce a default error message by stringifying the tested
> expression. With this, for example:
> 
>   BUILD_BUG_ON_ZERO(1 > 0)
> 
> would now throw:
> 
>   ./include/linux/compiler.h:197:62: error: static assertion failed: "1 > 0 is true"

This is so much easier to read! Thanks for this. :)

If no one else snags it, I can take this via the hardening tree for
-next once -rc2 is released.

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ