lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANiq72nXcyig=FYY5NEP1RYADArk86XJEUxsoA5R2gGe7O3uLg@mail.gmail.com>
Date: Tue, 17 Oct 2023 17:03:56 +0200
From: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: Benno Lossin <benno.lossin@...ton.me>, Andrew Lunn <andrew@...n.ch>, 
	FUJITA Tomonori <fujita.tomonori@...il.com>, netdev@...r.kernel.org, 
	rust-for-linux@...r.kernel.org, tmgross@...ch.edu, boqun.feng@...il.com, 
	wedsonaf@...il.com
Subject: Re: [PATCH net-next v4 1/4] rust: core abstractions for network PHY drivers

On Tue, Oct 17, 2023 at 4:21 PM Greg KH <gregkh@...uxfoundation.org> wrote:
>
> Again, no, deal with what we have today, kernel code is NOT
> future-proof, that's not how we write this stuff.

That would make the abstractions "unsound", i.e. UB could be
introduced from safe Rust code, which is what Rust aims to prevent.

It is not so much that we care about "unwritten code" (or out-of-tree
code), but rather that it prevents having UB in users of the
abstractions.

Put another way, there may be no code today that triggers UB, but
there could be, tomorrow, with a new driver. Or when somebody modifies
a module. The goal is to simply not allow broken users to compile to
begin with.

So if we allow unsound abstractions to be merged, then we are
essentially losing that "layer" of protection that Rust gives, and
thus one of its key advantages. Instead, if we manage to keep the
abstractions sound, then we can review Rust modules that do not use
`unsafe` and statically know that they are not introducing UB.

Cheers,
Miguel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ