Message-ID: <CAJ-ks9n1SqM_1xAstHQpp8Z7-2JSTkp9zUn8kwZA7OAAqWxQ6Q@mail.gmail.com>
Date: Sun, 22 Jun 2025 13:48:28 -0400
From: Tamir Duberstein <tamird@...il.com>
To: Antonio Hickey <contact@...oniohickey.com>
Cc: Miguel Ojeda <ojeda@...nel.org>, Alex Gaynor <alex.gaynor@...il.com>, 
	Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>, 
	Björn Roy Baron <bjorn3_gh@...tonmail.com>, 
	Benno Lossin <lossin@...nel.org>, Andreas Hindborg <a.hindborg@...nel.org>, 
	Alice Ryhl <aliceryhl@...gle.com>, Trevor Gross <tmgross@...ch.edu>, 
	Danilo Krummrich <dakr@...nel.org>, Daniel Cote <danielstonecote@...il.com>, 
	linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org
Subject: Re: [PATCH v3 1/2] rust: kernel: create `overflow_assert!` macro

On Sat, Jun 21, 2025 at 7:06 PM Antonio Hickey
<contact@...oniohickey.com> wrote:
>
> This commit creates a macro for overflow assertions. The use of this
> macro will avoid local `#ifdef`s by encapsulating the conditional
> behavior (like `#[cfg(CONFIG_RUST_OVERFLOW_CHECKS)]`) to the macro.
>
> In addition this macro allows us to document the intent of the assertion
> more clearly.
>
> Co-developed-by: Daniel Cote <danielstonecote@...il.com>
> Signed-off-by: Daniel Cote <danielstonecote@...il.com>
> Signed-off-by: Antonio Hickey <contact@...oniohickey.com>
> Link: https://github.com/Rust-for-Linux/linux/issues/1159
> Suggested-by: Miguel Ojeda <ojeda@...nel.org>
> ---
>  rust/kernel/lib.rs             |  1 +
>  rust/kernel/overflow_assert.rs | 33 +++++++++++++++++++++++++++++++++
>  2 files changed, 34 insertions(+)
>  create mode 100644 rust/kernel/overflow_assert.rs
>
> diff --git a/rust/kernel/lib.rs b/rust/kernel/lib.rs
> index 6b4774b2b1c3..e395adb6b293 100644
> --- a/rust/kernel/lib.rs
> +++ b/rust/kernel/lib.rs
> @@ -92,6 +92,7 @@
>  pub mod of;
>  #[cfg(CONFIG_PM_OPP)]
>  pub mod opp;
> +pub mod overflow_assert;
>  pub mod page;
>  #[cfg(CONFIG_PCI)]
>  pub mod pci;
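
Review bot: `pub mod overflow_assert;` publishes a module whose only item in this patch is a `#[macro_export]` macro, and `#[macro_export]` places that macro at the crate root rather than under the module path, so the public module has no items of its own. Consider `#[doc(hidden)]` on the declaration or a private `mod overflow_assert;`, so the generated documentation does not list a module with no items.
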
> diff --git a/rust/kernel/overflow_assert.rs b/rust/kernel/overflow_assert.rs
> new file mode 100644
> index 000000000000..cc5f60611ba2
> --- /dev/null
> +++ b/rust/kernel/overflow_assert.rs
> @@ -0,0 +1,33 @@
> +// SPDX-License-Identifier: GPL-2.0
> +
> +//! Overflow assert.

s/assert/assertion/

AFAIK the standard library always uses assertion where a noun is
needed, and assert where a verb is needed.

> +
> +/// Verifies at runtime that an expression is within an expected bound.
> +///
> +/// This macro is only active when `CONFIG_RUST_OVERFLOW_CHECKS` is enabled.
> +///
> +/// # Examples
> +///
> +/// ```
> +/// overflow_assert!(3 <= 10);
> +/// overflow_assert!(5 <= 5);
> +///
> +/// const X: u8 = 5;
> +/// overflow_assert!(X + 3 < 10);
> +///
> +/// const fn f(x: i32) -> i32 {
> +///     x + 1
> +/// }
> +/// overflow_assert!(f(40) < 42);
> +/// ```
> +#[macro_export]
> +macro_rules! overflow_assert {
> +    ($cond:expr) => {
> +        if cfg!(CONFIG_RUST_OVERFLOW_CHECKS) {
> +            ::core::assert!(
> +                $cond,
> +                concat!("overflow assertion failed: ", stringify!($cond))

Can we still allow the caller to pass additional arguments to the
macro, so that the overflowing value can be emitted? Alternatively if
the expectation is that this macro is always used with a comparison
operator perhaps we could have `overflow_assert_lt` and
`overflow_assert_le` which provide panic messages containing the
operand values?

> +            );
> +        }
> +    };
> +}
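
Review bot: In the `::core::assert!` call, `concat!("overflow assertion failed: ", stringify!($cond))` is passed as the format string, so any `{` or `}` in the condition's source text (a block expression, a struct literal or pattern) is parsed as a format placeholder and the caller fails to compile. Passing the text as an argument avoids that: `::core::assert!($cond, "overflow assertion failed: {}", stringify!($cond))`. The doc comment could also say that, because the check sits inside `if cfg!(CONFIG_RUST_OVERFLOW_CHECKS)`, the condition is still type-checked but not evaluated when the option is off, so it must not carry side effects.
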
> --
> 2.50.0
>
>
>

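The two options raised in the reply above (forwarding extra format arguments, or comparison variants that report their operands), as an added userspace sketch that is not code from the patch or from anyone on the thread. The `OVERFLOW_CHECKS` constant stands in for `cfg!(CONFIG_RUST_OVERFLOW_CHECKS)`, and the macro bodies, the `overflow_assert_lt!` name as implemented here and the `panic_message` helper are assumptions made for illustration.

```rust
use std::panic;

// Stand-in for `cfg!(CONFIG_RUST_OVERFLOW_CHECKS)`, which only exists in a kernel build (assumption).
const OVERFLOW_CHECKS: bool = true;

// Condition-only form, plus a form that forwards caller-supplied format arguments.
macro_rules! overflow_assert {
    ($cond:expr $(,)?) => {
        if OVERFLOW_CHECKS {
            assert!($cond, "overflow assertion failed: {}", stringify!($cond));
        }
    };
    ($cond:expr, $($arg:tt)+) => {
        if OVERFLOW_CHECKS {
            assert!($cond, "overflow assertion failed: {}: {}",
                stringify!($cond), format_args!($($arg)+));
        }
    };
}

// Hypothetical `_lt` variant: evaluates each operand once and reports both values.
macro_rules! overflow_assert_lt {
    ($left:expr, $right:expr $(,)?) => {
        if OVERFLOW_CHECKS {
            match (&$left, &$right) {
                (l, r) => assert!(*l < *r,
                    "overflow assertion failed: {} < {} (left: {:?}, right: {:?})",
                    stringify!($left), stringify!($right), l, r),
            }
        }
    };
}

// Runs `f` and returns the panic message if it panicked, `None` otherwise.
fn panic_message<F: FnOnce() + panic::UnwindSafe>(f: F) -> Option<String> {
    let err = panic::catch_unwind(f).err()?;
    err.downcast_ref::<String>().cloned()
        .or_else(|| err.downcast_ref::<&str>().map(|s| s.to_string()))
}

fn main() {
    let (len, cap) = (12usize, 8usize); // constructed sample values
    println!("{:?}", panic_message(move || overflow_assert!(len <= cap, "len={} cap={}", len, cap)));
    println!("{:?}", panic_message(move || overflow_assert_lt!(len, cap)));
}
```
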