lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2025040954-prenatal-enamel-373f@gregkh>
Date: Wed, 9 Apr 2025 09:38:53 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: FUJITA Tomonori <fujita.tomonori@...il.com>
Cc: linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org,
	x86@...nel.org, linux-riscv@...ts.infradead.org,
	linux-arm-kernel@...ts.infradead.org, loongarch@...ts.linux.dev,
	tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
	dave.hansen@...ux.intel.com, peterz@...radead.org, hpa@...or.com,
	paul.walmsley@...ive.com, palmer@...belt.com, aou@...s.berkeley.edu,
	catalin.marinas@....com, will@...nel.org, chenhuacai@...nel.org,
	kernel@...0n.name, tangyouling@...ngson.cn, hejinyang@...ngson.cn,
	yangtiezhu@...ngson.cn, ojeda@...nel.org, alex.gaynor@...il.com,
	boqun.feng@...il.com, gary@...yguo.net, bjorn3_gh@...tonmail.com,
	benno.lossin@...ton.me, a.hindborg@...nel.org, aliceryhl@...gle.com,
	tmgross@...ch.edu
Subject: Re: [PATCH v5 4/4] rust: Add warn_on macro

On Wed, Apr 09, 2025 at 03:58:01PM +0900, FUJITA Tomonori wrote:
> Add warn_on macro, uses the BUG/WARN feature (lib/bug.c) via assembly
> for x86_64/arm64/riscv.
> 
> The current Rust code simply wraps BUG() macro but doesn't provide the
> proper debug information. The BUG/WARN feature can only be used from
> assembly.
> 
> This uses the assembly code exported by the C side via ARCH_WARN_ASM
> macro. To avoid duplicating the assembly code, this approach follows
> the same strategy as the static branch code: it generates the assembly
> code for Rust using the C preprocessor at compile time.
> 
> Similarly, ARCH_WARN_REACHABLE is also used at compile time to
> generate the assembly code; objtool's reachable anotation code. It's
> used for only architectures that use objtool.
> 
> For now, Loongarch and arm32 just use a wrapper for WARN macro.
> 
> UML doesn't use the assembly BUG/WARN feature; just wrapping generic
> BUG/WARN functions implemented in C works.
> 
> Signed-off-by: FUJITA Tomonori <fujita.tomonori@...il.com>

I don't object to this change, but I would STRONGLY recommend never
using this in any driver if at all possible.  Only use this if the
system is in such a state that the only way out is to reboot the kernel,
which is what both WARN() and BUG() will do.

Note, any way that a user can trigger either of these code paths will
result in a CVE, so don't do that either.  Almost always just properly
handle the issue and propagate up the error to the caller.

thanks,

gre gk-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ