lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <0d5a71b7-92d4-4052-93a8-ed61bc9ebb67@nvidia.com>
Date: Wed, 21 May 2025 11:57:24 -0400
From: Joel Fernandes <joelagnelf@...dia.com>
To: Boqun Feng <boqun.feng@...il.com>, Alexandre Courbot <acourbot@...dia.com>
Cc: Miguel Ojeda <ojeda@...nel.org>, Alex Gaynor <alex.gaynor@...il.com>,
 Gary Guo <gary@...yguo.net>, Björn Roy Baron
 <bjorn3_gh@...tonmail.com>, Benno Lossin <benno.lossin@...ton.me>,
 Andreas Hindborg <a.hindborg@...nel.org>, Alice Ryhl <aliceryhl@...gle.com>,
 Trevor Gross <tmgross@...ch.edu>, Danilo Krummrich <dakr@...nel.org>,
 David Airlie <airlied@...il.com>, Simona Vetter <simona@...ll.ch>,
 Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
 Maxime Ripard <mripard@...nel.org>, Thomas Zimmermann <tzimmermann@...e.de>,
 John Hubbard <jhubbard@...dia.com>, Ben Skeggs <bskeggs@...dia.com>,
 Timur Tabi <ttabi@...dia.com>, Alistair Popple <apopple@...dia.com>,
 linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org,
 nouveau@...ts.freedesktop.org, dri-devel@...ts.freedesktop.org
Subject: Re: [PATCH v4 01/20] rust: dma: expose the count and size of
 CoherentAllocation



On 5/21/2025 8:43 AM, Boqun Feng wrote:
> On Wed, May 21, 2025 at 03:44:56PM +0900, Alexandre Courbot wrote:
>> These properties are very useful to have and should be accessible.
>>
>> Signed-off-by: Alexandre Courbot <acourbot@...dia.com>
>> ---
>>  rust/kernel/dma.rs | 18 ++++++++++++++++++
>>  1 file changed, 18 insertions(+)
>>
>> diff --git a/rust/kernel/dma.rs b/rust/kernel/dma.rs
>> index 605e01e35715667f93297fd9ec49d8e7032e0910..2a60eefa47dfc1f836c30ee342e26c6ff3e9b13a 100644
>> --- a/rust/kernel/dma.rs
>> +++ b/rust/kernel/dma.rs
>> @@ -129,6 +129,10 @@ pub mod attrs {
>>  //
>>  // Hence, find a way to revoke the device resources of a `CoherentAllocation`, but not the
>>  // entire `CoherentAllocation` including the allocated memory itself.
>> +//
>> +// # Invariants
>> +//
>> +// The size in bytes of the allocation is equal to `size_of::<T> * count()`.
>>  pub struct CoherentAllocation<T: AsBytes + FromBytes> {
>>      dev: ARef<Device>,
>>      dma_handle: bindings::dma_addr_t,
>> @@ -201,6 +205,20 @@ pub fn alloc_coherent(
>>          CoherentAllocation::alloc_attrs(dev, count, gfp_flags, Attrs(0))
>>      }
>>  
>> +    /// Returns the number of elements `T` in this allocation.
>> +    ///
>> +    /// Note that this is not the size of the allocation in bytes, which is provided by
>> +    /// [`Self::size`].
>> +    pub fn count(&self) -> usize {
>> +        self.count
>> +    }
>> +
>> +    /// Returns the size in bytes of this allocation.
>> +    pub fn size(&self) -> usize {
>> +        // As per the invariants of `CoherentAllocation`.
>> +        self.count * core::mem::size_of::<T>()
> 
> I think we need a comment or even an invariant saying this multiply
> cannot overflow.
> 
If there is a coding error (say large count passed to alloc_coherent()), then I
don't think it can guaranteed. Maybe use
self.count.checked_mul(core::mem::size_of::<T>())?

thanks,

 - Joel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ