lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAGG=3QWMrs0j59Zt1BEh=8YOx_yeJA4n6v2yJFoxuHBq3COPRg@mail.gmail.com>
Date: Mon, 24 Nov 2025 12:05:03 -0800
From: Bill Wendling <morbo@...gle.com>
To: Kees Cook <kees@...nel.org>
Cc: linux-kernel@...r.kernel.org, 
	"Gustavo A. R. Silva" <gustavoars@...nel.org>, Nathan Chancellor <nathan@...nel.org>, 
	Nick Desaulniers <nick.desaulniers+lkml@...il.com>, Justin Stitt <justinstitt@...gle.com>, 
	linux-hardening@...r.kernel.org, llvm@...ts.linux.dev
Subject: Re: [PATCH 0/2] Add __counted_by_ptr macro

On Fri, Nov 21, 2025 at 3:25 PM Kees Cook <kees@...nel.org> wrote:
> On Fri, Nov 21, 2025 at 07:39:42PM +0000, Bill Wendling wrote:
> > These patches add the __counted_by_ptr macro and then uses it in
> > mm/memblock.h. The name of the __counted_by_ptr attribute is the same as
> > __counted_by, but two different macros are needed, because of feature
> > skew in GCC and clang. Once the minmum versions of the compilers support
> > 'counted_by' on both flexible array members and pointers in structs,
> > this macro will become obsolete.
> >
> > Bill Wendling (2):
> >   Compiler Attributes: Add __counted_by_ptr macro
> >   memblock: annotate struct memblock_type with __counted_by_ptr
>
> Based on this[1] thread, I think we'll need to wait for GCC and Clang to
> release with the "void *" support first, and then push the counted_by up
> to that version to cover flexible arrays, pointers, and void *.
>
> [1] https://lore.kernel.org/lkml/20251021095447.GL3245006@noisy.programming.kicks-ass.net/
>
Would it make sense to add it with the expected compiler version
releases so that (1) we'll be ready when the compilers are released,
and (2) people could test the new features with compiler RCs?

-bw

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ