lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <9dc6f94e-c739-4fdf-8e43-4386d35e02e5@wanadoo.fr>
Date: Tue, 8 Apr 2025 22:23:53 +0900
From: Vincent Mailhol <mailhol.vincent@...adoo.fr>
To: Kees Cook <kees@...nel.org>, Andrew Morton <akpm@...ux-foundation.org>
Cc: Luc Van Oostenryck <luc.vanoostenryck@...il.com>,
 linux-kernel@...r.kernel.org, linux-sparse@...r.kernel.org,
 Masahiro Yamada <masahiroy@...nel.org>, Paolo Bonzini <pbonzini@...hat.com>,
 Nick Desaulniers <nick.desaulniers+lkml@...il.com>
Subject: Re: [PATCH v2] build_bug.h: more user friendly error messages in
 BUILD_BUG_ON_ZERO()

On 08/04/2025 at 01:46, Kees Cook wrote:
> On Sat, Mar 29, 2025 at 01:48:50AM +0900, Vincent Mailhol wrote:
>> __BUILD_BUG_ON_ZERO_MSG(), as introduced in [1], makes it possible to
>> do a static assertions in expressions. The direct benefit is to
>> provide a meaningful error message instead of the cryptic negative
>> bitfield size error message currently returned by BUILD_BUG_ON_ZERO():
>>
>>   ./include/linux/build_bug.h:16:51: error: negative width in bit-field '<anonymous>'
>>      16 | #define BUILD_BUG_ON_ZERO(e) ((int)(sizeof(struct { int:(-!!(e)); })))
>>         |                                                   ^
>>
>> Get rid of BUILD_BUG_ON_ZERO()'s bitfield size hack. Instead rely on
>> __BUILD_BUG_ON_ZERO_MSG() which in turn relies on C11's
>> _Static_assert().
>>
>> Use some macro magic, similarly to static_assert(), to either use an
>> optional error message provided by the user or, when omitted, to
>> produce a default error message by stringifying the tested
>> expression. With this, for example:
>>
>>   BUILD_BUG_ON_ZERO(1 > 0)
>>
>> would now throw:
>>
>>   ./include/linux/compiler.h:197:62: error: static assertion failed: "1 > 0 is true"
> 
> This is so much easier to read! Thanks for this. :)
> 
> If no one else snags it, I can take this via the hardening tree for
> -next once -rc2 is released.

I discussed about this with Andrew by DM.

Andrew can pick it up but for the next-next release. That is to say,
wait for [1] to be merged in v6.16 and then take it to target the v6.17
merge windows.

If you can take it in your hardening-next tree and have it merged in
v6.16, then this is convenient for me.

Just make sure that you send it to Linus after Yury's bitmap-for-next
get merged: https://github.com/norov/linux/commits/bitmap-for-next/

Usually, bitmap changes are merged at the very beginning of the merge
window so that should be OK.


[1] commit b88937277df ("drm/i915: Convert REG_GENMASK*() to fixed-width
GENMASK_U*()")
Link: https://git.kernel.org/next/linux-next/c/b88937277df

Yours sincerely,
Vincent Mailhol

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ