| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aCtici15vSCBDbzE@pollux>
Date: Mon, 19 May 2025 18:55:14 +0200
From: Danilo Krummrich <dakr@...nel.org>
To: Remo Senekowitsch <remo@...nzli.dev>
Cc: Rob Herring <robh@...nel.org>, Saravana Kannan <saravanak@...gle.com>,
Miguel Ojeda <ojeda@...nel.org>,
Alex Gaynor <alex.gaynor@...il.com>,
Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>,
Björn Roy Baron <bjorn3_gh@...tonmail.com>,
Benno Lossin <benno.lossin@...ton.me>,
Andreas Hindborg <a.hindborg@...nel.org>,
Alice Ryhl <aliceryhl@...gle.com>, Trevor Gross <tmgross@...ch.edu>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Rafael J. Wysocki" <rafael@...nel.org>,
Dirk Behme <dirk.behme@...bosch.com>, linux-kernel@...r.kernel.org,
devicetree@...r.kernel.org, rust-for-linux@...r.kernel.org
Subject: Re: [PATCH v4 6/9] rust: device: Add bindings for reading device
properties
On Mon, May 19, 2025 at 05:43:17PM +0200, Remo Senekowitsch wrote:
> On Mon May 12, 2025 at 3:36 PM CEST, Danilo Krummrich wrote:
> >> +/// Implemented for all integers that can be read as properties.
> >> +///
> >> +/// This helper trait is needed on top of the existing [`Property`]
> >> +/// trait to associate the integer types of various sizes with their
> >> +/// corresponding `fwnode_property_read_*_array` functions.
> >> +pub trait PropertyInt: Copy {
> >> + /// # Safety
> >> + ///
> >> + /// Callers must uphold the same safety invariants as for the various
> >> + /// `fwnode_property_read_*_array` functions.
> >
> > I think you have additional requirements on the fwnode, propname and val
> > pointers as well as on nval, please document them as well.
>
> What are the additional requirements? The implementation just calls the
> underlying `fwnode_property_read_*_array` with the exact same arguments,
> so I don't know what the additional requirements are.
First of all, I don't think you can refer to the safety requirements of the
`fwnode_property_read_*_array` functions, since they don't have any documented
safety requirements.
So, I think you have safety requirements regarding pointer validity of fwnode,
propname and val.
Additionally, there's the requirement that val has to be an array of nval
length.
Also, the PropertyInt trait itself has to be unsafe, given that it contains
unsafe functions.
I also pinged Benno about it, he usually knows best how to cover such things
properly. :)
> >> + unsafe fn read_array_from_fwnode_property(
> >> + fwnode: *const bindings::fwnode_handle,
> >> + propname: *const ffi::c_char,
> >> + val: *mut Self,
> >> + nval: usize,
> >> + ) -> ffi::c_int;
> >> +}
Powered by blists - more mailing lists