| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250922171136.GA12668@lst.de> Date: Mon, 22 Sep 2025 19:11:36 +0200 From: Christoph Hellwig <hch@....de> To: Marco Elver <elver@...gle.com> Cc: Christoph Hellwig <hch@....de>, Nathan Chancellor <nathan@...nel.org>, Peter Zijlstra <peterz@...radead.org>, Boqun Feng <boqun.feng@...il.com>, Ingo Molnar <mingo@...nel.org>, Will Deacon <will@...nel.org>, "David S. Miller" <davem@...emloft.net>, Luc Van Oostenryck <luc.vanoostenryck@...il.com>, "Paul E. McKenney" <paulmck@...nel.org>, Alexander Potapenko <glider@...gle.com>, Arnd Bergmann <arnd@...db.de>, Bart Van Assche <bvanassche@....org>, Bill Wendling <morbo@...gle.com>, Dmitry Vyukov <dvyukov@...gle.com>, Eric Dumazet <edumazet@...gle.com>, Frederic Weisbecker <frederic@...nel.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Herbert Xu <herbert@...dor.apana.org.au>, Ian Rogers <irogers@...gle.com>, Jann Horn <jannh@...gle.com>, Joel Fernandes <joelagnelf@...dia.com>, Jonathan Corbet <corbet@....net>, Josh Triplett <josh@...htriplett.org>, Justin Stitt <justinstitt@...gle.com>, Kees Cook <kees@...nel.org>, Kentaro Takeda <takedakn@...data.co.jp>, Lukas Bulwahn <lukas.bulwahn@...il.com>, Mark Rutland <mark.rutland@....com>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, Miguel Ojeda <ojeda@...nel.org>, Neeraj Upadhyay <neeraj.upadhyay@...nel.org>, Nick Desaulniers <nick.desaulniers+lkml@...il.com>, Steven Rostedt <rostedt@...dmis.org>, Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>, Thomas Gleixner <tglx@...utronix.de>, Thomas Graf <tgraf@...g.ch>, Uladzislau Rezki <urezki@...il.com>, Waiman Long <longman@...hat.com>, kasan-dev@...glegroups.com, linux-crypto@...r.kernel.org, linux-doc@...r.kernel.org, linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org, linux-mm@...ck.org, linux-security-module@...r.kernel.org, linux-sparse@...r.kernel.org, llvm@...ts.linux.dev, rcu@...r.kernel.org Subject: Re: [PATCH v3 00/35] Compiler-Based Capability- and Locking-Analysis On Mon, Sep 22, 2025 at 11:33:23AM +0200, Marco Elver wrote: > I gave this a try, and with the below patch and the Clang fix [1], > fs/xfs compiles cleanly. I think the fundamental limitation are the > conditional locking wrappers. I suspect it's possible to do better than > disabling the analysis here, by overapproximating the lock set taken > (like you did elsewhere), so that at least the callers are checked, but > when I tried it showed lots of callers need annotating as well, so I > gave up at that point. Still, it might be better than no checking at > all. I guess this at least allows us to work with the analysis, even if it drops coverage for one of the most important locks. I guess you also have CONFIG_XFS_QUOTA disabled as that would lead to similar warnings, and also currently has the lock the object on return if it's not a NULL return case? I now have a local series to remove that instance, but I've seen that pattern elsewhere in the kernel code. Besides the conditional locking these two also do another thing that is nasty to the analysis, the locked state can be attached to a transaction and unlocked at transaction commit. Not sure how to best model that. > [1] https://github.com/llvm/llvm-project/pull/159921 Thanks for all the work!
Powered by blists - more mailing lists