lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260119114526-a15e7172-fc4c-40d0-a651-7c4a21acb1c8@linutronix.de>
Date: Mon, 19 Jan 2026 11:56:33 +0100
From: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
To: David Laight <david.laight.linux@...il.com>
Cc: "David S. Miller" <davem@...emloft.net>, 
	Andreas Larsson <andreas@...sler.com>, Andy Lutomirski <luto@...nel.org>, 
	Thomas Gleixner <tglx@...nel.org>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, 
	Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>, 
	Arnd Bergmann <arnd@...db.de>, Heiko Carstens <hca@...ux.ibm.com>, 
	Vasily Gorbik <gor@...ux.ibm.com>, Alexander Gordeev <agordeev@...ux.ibm.com>, 
	Christian Borntraeger <borntraeger@...ux.ibm.com>, Sven Schnelle <svens@...ux.ibm.com>, sparclinux@...r.kernel.org, 
	linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org, linux-s390@...r.kernel.org
Subject: Re: [PATCH 4/4] asm-generic/bitsperlong.h: Add sanity checks for
 __BITS_PER_LONG

On Mon, Jan 19, 2026 at 10:37:58AM +0000, David Laight wrote:
> On Mon, 19 Jan 2026 11:13:08 +0100
> Thomas Weißschuh <thomas.weissschuh@...utronix.de> wrote:
> 
> > On Mon, Jan 19, 2026 at 10:06:19AM +0000, David Laight wrote:
> > > On Fri, 16 Jan 2026 08:40:27 +0100
> > > Thomas Weißschuh <thomas.weissschuh@...utronix.de> wrote:
> > >   
> > > > The value of __BITS_PER_LONG from architecture-specific logic should
> > > > always match the generic one if that is available. It should also match
> > > > the actual C type 'long'.
> > > > 
> > > > Mismatches can happen for example when building the compat vDSO. Either
> > > > during the compilation, see commit 9a6d3ff10f7f ("arm64: uapi: Provide
> > > > correct __BITS_PER_LONG for the compat vDSO"), or when running sparse
> > > > when mismatched CHECKFLAGS are inherited from the kernel build.
> > > > 
> > > > Add some consistency checks which detect such issues early and clearly.
> > > > The tests are added to the UAPI header to make sure it is also used when
> > > > building the vDSO as that is not supposed to use regular kernel headers.
> > > > 
> > > > The kernel-interal BITS_PER_LONG is not checked as it is derived from
> > > > CONFIG_64BIT and therefore breaks for the compat vDSO. See the similar,
> > > > deactivated check in include/asm-generic/bitsperlong.h.
> > > > 
> > > > Signed-off-by: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
> > > > ---
> > > >  include/uapi/asm-generic/bitsperlong.h | 14 ++++++++++++++
> > > >  1 file changed, 14 insertions(+)
> > > > 
> > > > diff --git a/include/uapi/asm-generic/bitsperlong.h b/include/uapi/asm-generic/bitsperlong.h
> > > > index fadb3f857f28..9d762097ae0c 100644
> > > > --- a/include/uapi/asm-generic/bitsperlong.h
> > > > +++ b/include/uapi/asm-generic/bitsperlong.h
> > > > @@ -28,4 +28,18 @@
> > > >  #define __BITS_PER_LONG_LONG 64
> > > >  #endif
> > > >  
> > > > +/* Consistency checks */
> > > > +#ifdef __KERNEL__
> > > > +#if defined(__CHAR_BIT__) && defined(__SIZEOF_LONG__)
> > > > +#if __BITS_PER_LONG != (__CHAR_BIT__ * __SIZEOF_LONG__)
> > > > +#error Inconsistent word size. Check uapi/asm/bitsperlong.h
> > > > +#endif
> > > > +#endif
> > > > +
> > > > +#ifndef __ASSEMBLER__
> > > > +_Static_assert(sizeof(long) * 8 == __BITS_PER_LONG,
> > > > +	       "Inconsistent word size. Check uapi/asm/bitsperlong.h");  
> > > 
> > > nak...
> > > 
> > > You can't assume the compiler has _Static_assert().
> > > All the ones that do probably define __SIZEOF_LONG__.
> > > You could use something 'old-school' like:
> > > typedef char __inconsistent_long_size[1 - 2 * (sizeof(long) * 8 != __BITS_PER_LONG))];  
> > 
> > This is only used when building the kernel, it never actually reaches
> > userspace. And all supported compilers for the kernel do have _Static_assert().
> > As indicated by other users of _Static_assert() we have elsewhere in the tree.
> 
> Don't you need a check that it isn't wrong on a user system?
> Which is what I thought it was doing.

Not really. The overrides defined by arch/*/include/uapi/asm/bitsperlong.h are
being tested here. If they work in the kernel build I assume they also work
in userspace.

> The earlier check can also just be:
> 
> #if defined(__SIZEOF_LONG__) && __BITS_PER_LONG != 8 * __SIZEOF_LONG__
> #error Inconsistent word size. Check uapi/asm/bitsperlong.h
> #endif

The if defined(__SIZEOF_LONG__) is also unnecessary as that is always present
with the supported kernel compilers.  So we can drop one level of ifdeffery.

Testing __CHAR_BIT__ == 8 would again test the compiler implementation and not
the UAPI headers, so I'd rather not do it. Using __CHAR_BIT__ in the test is
done for consistency with the generic implementation.


Thomas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ