lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251022082025.GK4067720@noisy.programming.kicks-ass.net>
Date: Wed, 22 Oct 2025 10:20:25 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Kees Cook <kees@...nel.org>
Cc: Miguel Ojeda <ojeda@...nel.org>, Nathan Chancellor <nathan@...nel.org>,
	Nick Desaulniers <nick.desaulniers+lkml@...il.com>,
	Bill Wendling <morbo@...gle.com>,
	Justin Stitt <justinstitt@...gle.com>,
	Marco Elver <elver@...gle.com>,
	Przemek Kitszel <przemyslaw.kitszel@...el.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Masahiro Yamada <masahiroy@...nel.org>,
	Christophe Leroy <christophe.leroy@...roup.eu>,
	Johannes Weiner <hannes@...xchg.org>, llvm@...ts.linux.dev,
	Al Viro <viro@...iv.linux.org.uk>, Arnd Bergmann <arnd@...db.de>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>,
	Nicolas Schier <nicolas.schier@...ux.dev>,
	Shuah Khan <shuah@...nel.org>,
	"Gustavo A. R. Silva" <gustavoars@...nel.org>,
	Thomas Weißschuh <thomas.weissschuh@...utronix.de>,
	Tamir Duberstein <tamird@...il.com>,
	Michael Kelley <mhklinux@...look.com>,
	kernel test robot <lkp@...el.com>,
	Heiko Carstens <hca@...ux.ibm.com>, Uros Bizjak <ubizjak@...il.com>,
	Jan Hendrik Farr <kernel@...rr.cc>,
	Yafang Shao <laoar.shao@...il.com>,
	Marc Herbert <Marc.Herbert@...ux.intel.com>,
	Christopher Ferris <cferris@...gle.com>,
	Jakub Kicinski <kuba@...nel.org>,
	Alexander Lobakin <aleksander.lobakin@...el.com>,
	Paolo Abeni <pabeni@...hat.com>, Tejun Heo <tj@...nel.org>,
	Jeff Xu <jeffxu@...omium.org>,
	Michal Koutný <mkoutny@...e.com>,
	Shakeel Butt <shakeel.butt@...ux.dev>,
	Randy Dunlap <rdunlap@...radead.org>,
	Brian Gerst <brgerst@...il.com>, linux-kernel@...r.kernel.org,
	linux-fsdevel@...r.kernel.org, linux-kbuild@...r.kernel.org,
	linux-kselftest@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH 1/3] compiler_types: Introduce __counted_by_ptr()

On Tue, Oct 21, 2025 at 12:24:05PM -0700, Kees Cook wrote:
> On Tue, Oct 21, 2025 at 11:54:47AM +0200, Peter Zijlstra wrote:

> > So why do we need both __counted_by_ptr() and this __sized_by(), won't
> > one be good enough?
> 
> I remain extraordinarily frustrated that counted_by can't be used with
> "void *". I hit a brick wall on this, though, and don't know how to
> convince either GCC or Clang devs to fix it. It's so obviously correct
> to me: "void *" uses a 1 byte iterator for arithmetic... so asking how
> big a given allocation is should be byte sized!

Right, at least for gnu11 language variants this really should work. I
mean, disallow the usage for c11 if you're pedantic but for crying out
loud, have the GNU extensions be consistent and all that.

Feel free to use my feedback if it would help.

> Let me take another stab at it...

Thanks!

> As for avoiding __counted_by_ptr(), we could just raise the minimum
> Clang and GCC versions to require this, but that means dropping existing
> coverage (e.g GCC 15 supports only flexible array counted_by).
> 
> Maybe we could do a global __counted_by_ptr -> __counted_by replacement
> once GCC 16 is released?

That sounds like a plan! :-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ