lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <DA66NJXU86M4.1HU12P6E79JLO@kernel.org>
Date: Mon, 26 May 2025 17:04:26 +0200
From: "Benno Lossin" <lossin@...nel.org>
To: "Tamir Duberstein" <tamird@...il.com>, "Michal Rostecki"
 <vadorovsky@...tonmail.com>, "Miguel Ojeda" <ojeda@...nel.org>, "Alex
 Gaynor" <alex.gaynor@...il.com>, "Boqun Feng" <boqun.feng@...il.com>, "Gary
 Guo" <gary@...yguo.net>, Björn Roy Baron
 <bjorn3_gh@...tonmail.com>, "Andreas Hindborg" <a.hindborg@...nel.org>,
 "Alice Ryhl" <aliceryhl@...gle.com>, "Trevor Gross" <tmgross@...ch.edu>,
 "Brendan Higgins" <brendan.higgins@...ux.dev>, "David Gow"
 <davidgow@...gle.com>, "Rae Moar" <rmoar@...gle.com>, "Danilo Krummrich"
 <dakr@...nel.org>, "Maarten Lankhorst" <maarten.lankhorst@...ux.intel.com>,
 "Maxime Ripard" <mripard@...nel.org>, "Thomas Zimmermann"
 <tzimmermann@...e.de>, "David Airlie" <airlied@...il.com>, "Simona Vetter"
 <simona@...ll.ch>, "Greg Kroah-Hartman" <gregkh@...uxfoundation.org>,
 "Rafael J. Wysocki" <rafael@...nel.org>, "Luis Chamberlain"
 <mcgrof@...nel.org>, "Russ Weight" <russ.weight@...ux.dev>, "FUJITA
 Tomonori" <fujita.tomonori@...il.com>, "Rob Herring" <robh@...nel.org>,
 "Saravana Kannan" <saravanak@...gle.com>, "Peter Zijlstra"
 <peterz@...radead.org>, "Ingo Molnar" <mingo@...hat.com>, "Will Deacon"
 <will@...nel.org>, "Waiman Long" <longman@...hat.com>, "Nathan Chancellor"
 <nathan@...nel.org>, "Nick Desaulniers" <nick.desaulniers+lkml@...il.com>,
 "Bill Wendling" <morbo@...gle.com>, "Justin Stitt"
 <justinstitt@...gle.com>, "Andrew Lunn" <andrew@...n.ch>, "Heiner Kallweit"
 <hkallweit1@...il.com>, "Russell King" <linux@...linux.org.uk>, "David S.
 Miller" <davem@...emloft.net>, "Eric Dumazet" <edumazet@...gle.com>, "Jakub
 Kicinski" <kuba@...nel.org>, "Paolo Abeni" <pabeni@...hat.com>, "Bjorn
 Helgaas" <bhelgaas@...gle.com>, "Arnd Bergmann" <arnd@...db.de>, "Jens
 Axboe" <axboe@...nel.dk>, Krzysztof Wilczyński
 <kwilczynski@...nel.org>
Cc: <rust-for-linux@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
 <linux-kselftest@...r.kernel.org>, <kunit-dev@...glegroups.com>,
 <dri-devel@...ts.freedesktop.org>, <netdev@...r.kernel.org>,
 <devicetree@...r.kernel.org>, <llvm@...ts.linux.dev>,
 <linux-pci@...r.kernel.org>, <nouveau@...ts.freedesktop.org>,
 <linux-block@...r.kernel.org>
Subject: Re: [PATCH v10 4/5] rust: replace `kernel::c_str!` with C-Strings

On Sat May 24, 2025 at 10:33 PM CEST, Tamir Duberstein wrote:
> -/// Creates a new [`CStr`] from a string literal.
> +/// Creates a static C string wrapper at compile time.
>  ///
> -/// The string literal should not contain any `NUL` bytes.
> +/// Rust supports C string literals since Rust 1.77, and they should be used instead of this macro
> +/// where possible. This macro exists to allow static *non-literal* C strings to be created at
> +/// compile time. This is most often used in other macros.
> +///
> +/// # Panics
> +///
> +/// This macro panics if the operand contains an interior `NUL` byte.
>  ///
>  /// # Examples
>  ///
>  /// ```
> -/// # use kernel::c_str;
> +/// # use kernel::c_str_avoid_literals;
>  /// # use kernel::str::CStr;
> -/// const MY_CSTR: &CStr = c_str!("My awesome CStr!");
> +/// const MY_CSTR: &CStr = c_str_avoid_literals!(concat!(file!(), ":", line!(), ": My CStr!"));
>  /// ```
>  #[macro_export]
> -macro_rules! c_str {
> +macro_rules! c_str_avoid_literals {

I don't like this name, how about `concat_to_c_str` or
`concat_with_nul`?

This macro also is useful from macros that have a normal string literal,
but can't turn it into a `c""` one.

> +    // NB: we could write `($str:lit) => compile_error!("use a C string literal instead");` here but
> +    // that would trigger when the literal is at the top of several macro expansions. That would be
> +    // too limiting to macro authors, so we rely on the name as a hint instead.
>      ($str:expr) => {{
> -        const S: &str = concat!($str, "\0");
> -        const C: &$crate::str::CStr = match $crate::str::CStr::from_bytes_with_nul(S.as_bytes()) {
> -            Ok(v) => v,
> -            Err(_) => panic!("string contains interior NUL"),
> -        };
> +        const S: &'static str = concat!($str, "\0");
> +        const C: &'static $crate::str::CStr =
> +            match $crate::str::CStr::from_bytes_with_nul(S.as_bytes()) {

Why is this still our CStr?

> +                Ok(v) => v,
> +                Err(err) => {
> +                    let _: core::ffi::FromBytesWithNulError = err;

Is this really necessary?

---
Cheers,
Benno

> +                    panic!("string contains interior NUL")
> +                }
> +            };
>          C
>      }};
>  }

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ