| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <68ba09a2.050a0220.84a5d.2f3a@mx.google.com> Date: Thu, 4 Sep 2025 14:50:23 -0700 From: Mitchell Levy <levymitchell0@...il.com> To: Miguel Ojeda <miguel.ojeda.sandonis@...il.com> Cc: Miguel Ojeda <ojeda@...nel.org>, Alex Gaynor <alex.gaynor@...il.com>, Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>, Björn Roy Baron <bjorn3_gh@...tonmail.com>, Andreas Hindborg <a.hindborg@...nel.org>, Alice Ryhl <aliceryhl@...gle.com>, Trevor Gross <tmgross@...ch.edu>, Andrew Morton <akpm@...ux-foundation.org>, Dennis Zhou <dennis@...nel.org>, Tejun Heo <tj@...nel.org>, Christoph Lameter <cl@...ux.com>, Danilo Krummrich <dakr@...nel.org>, Benno Lossin <lossin@...nel.org>, Yury Norov <yury.norov@...il.com>, Viresh Kumar <viresh.kumar@...aro.org>, Tyler Hicks <code@...icks.com>, linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org, linux-mm@...ck.org Subject: Re: [PATCH v3 5/7] rust: percpu: Support non-zeroable types for DynamicPerCpu On Thu, Sep 04, 2025 at 10:37:48PM +0200, Miguel Ojeda wrote: > On Thu, Sep 4, 2025 at 10:17 PM Mitchell Levy <levymitchell0@...il.com> wrote: > > > > Will do. > > By the way, sorry -- just to clarify, I didn't mean to remove > anything, but rather split it (likely at the first full stop). Oh no worries, I gotcha > > Yes, this is true; strictly speaking, calling this function without > > dereferencing the returned pointer is always safe. I suppose I find i > t> clearer that, when a function has preconditions that are necessary for > > it to return a valid pointer, the "safe-ness" has more to do with the > > functions preconditions than the act of dereferencing the pointer. > > In that case, I would make it safe -- we don't use safety > preconditions to mark "dangerous" operations, so to speak. Understood. > > In this case, the pointer shouldn't be going very far, but I think this > > logic applies especially well in cases where pointers might be getting > > stored away for later (and so the validity of the dereference later on > > might rely on non-local conditions). > > But that applies to any returned raw pointer, no? This is a fair point :) > > This flows from the first requirement (that `self` is a live allocation, > > which is necessary for `per_cpu_ptr` to return a valid pointer). Though, > > as above, simply possessing this pointer isn't UB, so it's arguable that > > any call to `per_cpu_ptr` (on x86 at least, I'm not sure how it's > > implemented on other arches) is always safe. Regardless, I agree this > > comment should be more clear (even if the function is safe, it's > > probably worth noting why the pointer returned is valid when the > > function preconditions are met); will fix. > > Sounds good, thanks! > > If you have cases you think other architectures may have different > requirements, and you think it is likely one could enable the support > for other arches and break it, then I would suggest adding a comment > about it. > > Or, ideally, try to see if other architectures are fine already, even > if you still don't enable the code in other arches. Yeah agreed, I'd like to get ARM64 support going soon-ish at the very least. My hope is that I should only need to mess with `percpu::numeric` and `PerCpuPtr::get_ptr`... usage of `per_cpu_ptr` *shouldn't* have any prerequisites, but there's just this note: https://elixir.bootlin.com/linux/v6.17-rc4/source/include/asm-generic/percpu.h#L29 so I don't want to make strong claims :) (note, I think the comment about x86_64 might be out-of-date, see https://elixir.bootlin.com/linux/v6.17-rc4/source/arch/x86/kernel/setup_percpu.c#L32 and https://elixir.bootlin.com/linux/v6.17-rc4/source/arch/x86/kernel/setup_percpu.c#L165 ) Thanks, Mitchell > Cheers, > Miguel
Powered by blists - more mailing lists