| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACT4Y+bV-3HgNOAd+f7W0RBU2-qoocpMCepKhLEb+BcyiJM5Mg@mail.gmail.com> Date: Wed, 25 Jun 2025 10:56:04 +0200 From: Dmitry Vyukov <dvyukov@...gle.com> To: Sasha Levin <sashal@...nel.org> Cc: kees@...nel.org, elver@...gle.com, linux-api@...r.kernel.org, linux-kernel@...r.kernel.org, tools@...nel.org, workflows@...r.kernel.org Subject: Re: [RFC 00/19] Kernel API Specification Framework On Tue, 24 Jun 2025 at 22:04, Sasha Levin <sashal@...nel.org> wrote: > >9. I see that syscalls and ioctls say: > >KAPI_CONTEXT(KAPI_CTX_PROCESS | KAPI_CTX_SLEEPABLE) > >Can't we make this implicit? Are there any other options? > > Maybe? I wasn't sure how we'd describe somthing like getpid() which > isn't supposed to sleep. > > >Similarly an ioctl description says it releases a mutex (.released = true,), > >all ioctls/syscalls must release all acquired mutexes, no? > >Generally, the less verbose the descriptions are, the higher chances of their survival. > >+Marco also works static compiler-enforced lock checking annotations, > >I wonder if they can be used to describe this in a more useful way. > > I was thinking about stuff like futex or flock which can return with a > lock back to userspace. I see, this makes sense. Then I would go with explicitly specifying rare uncommon cases instead, and require 99% of common cases be the default that does not require saying anything. E.g. KAPI_CTX_NON_SLEEPABLE, .not_released = true. KAPI_CTX_NON_SLEEPABLE looks useful, since it allows easy validation: set current flag, and BUG on any attempt to sleep when the flag is set (lockdep probably already has required pieces for this).
Powered by blists - more mailing lists