lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHC9VhQXOezJ2=B1BQOqLgfuzDJEVS5G_r9+_bQ+OUNTpjZCKw@mail.gmail.com>
Date: Thu, 14 Aug 2025 11:19:31 -0400
From: Paul Moore <paul@...l-moore.com>
To: Benno Lossin <lossin@...nel.org>, Alice Ryhl <aliceryhl@...gle.com>
Cc: Miguel Ojeda <ojeda@...nel.org>, Alex Gaynor <alex.gaynor@...il.com>, 
	Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>, 
	Björn Roy Baron <bjorn3_gh@...tonmail.com>, 
	Andreas Hindborg <a.hindborg@...nel.org>, Trevor Gross <tmgross@...ch.edu>, 
	Danilo Krummrich <dakr@...nel.org>, Fiona Behrens <me@...enk.dev>, Jocelyn Falempe <jfalempe@...hat.com>, 
	rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 07/11] rust: security: replace `core::mem::zeroed` with `pin_init::zeroed`

On Thu, Aug 14, 2025 at 5:31 AM Benno Lossin <lossin@...nel.org> wrote:
>
> All types in `bindings` implement `Zeroable` if they can, so use
> `pin_init::zeroed` instead of relying on `unsafe` code.
>
> If this ends up not compiling in the future, something in bindgen or on
> the C side changed and is most likely incorrect.
>
> Signed-off-by: Benno Lossin <lossin@...nel.org>
> ---
>  rust/kernel/security.rs | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)

I'm happy to take this via the LSM tree, but it would be nice to see a
Reviewed-by/Acked-by from someone with a better understanding of Rust
:)

Alice, you've reviewed/submitted LSM rust bits in the past, can you
look at this?

> diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs
> index 0c63e9e7e564..11a6493525f3 100644
> --- a/rust/kernel/security.rs
> +++ b/rust/kernel/security.rs
> @@ -25,8 +25,7 @@ impl SecurityCtx {
>      /// Get the security context given its id.
>      #[inline]
>      pub fn from_secid(secid: u32) -> Result<Self> {
> -        // SAFETY: `struct lsm_context` can be initialized to all zeros.
> -        let mut ctx: bindings::lsm_context = unsafe { core::mem::zeroed() };
> +        let mut ctx: bindings::lsm_context = pin_init::zeroed();
>
>          // SAFETY: Just a C FFI call. The pointer is valid for writes.
>          to_result(unsafe { bindings::security_secid_to_secctx(secid, &mut ctx) })?;
> --
> 2.50.1

-- 
paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ