From: Wedson Almeida Filho <wedsonaf@google.com>
To: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
Cc: rust-for-linux@vger.kernel.org
Subject: Re: File operations
Date: Mon, 14 Dec 2020 02:02:50 +0000 [thread overview]
Message-ID: <CAMKQLNJBdaT_UrJCEAB3OP8usOz+F2QgEyFdtoFWP2-f3OTeQw@mail.gmail.com> (raw)
In-Reply-To: <CANiq72nqTv=py=rXaJM7=YfC0EZozqqjZpp3HYCjw7EfhhRreQ@mail.gmail.com>
On Sun, 13 Dec 2020 at 03:33, Miguel Ojeda
<miguel.ojeda.sandonis@gmail.com> wrote:
> For instance, could the user define a type with only the methods they
> need and then construct the `file_operations` struct (perhaps
> abstracted the builder pattern)? The codegen/performance should be OK,
> since all the values would be known. The downside is that you need to
> actually repeat your functions in the builder, but the positive side
> is that the code is way more straightforward, no macros, etc.
Hmm, I hadn't thought of using the builder pattern. I need to think
about it some more.
But one potential issue that comes immediately to mind is that with a
builder pattern, the value is created at run time. In our case, this
is undesirable because this table contains function pointers: if we
leave them in writable memory, they will become easy targets when
attackers have write-vulnerabilities that they want to elevate to
arbitrary execution; leaving the vtable in rdata (i.e., in read-only
pages) is much preferable. This means that we need const functions,
but we cannot have them in traits.
If we are ok with repeating function names, I have a solution with a
much simpler macro. Of course, it is simple enough that clients can
just ignore it and define the const themselves if they want to avoid
macros at all costs. What do you think of
https://github.com/Rust-for-Linux/linux/commit/13b2f2c47e62ad5bf824f7e15e14090c90a4ba9e
?
Cheers,
-Wedson
next prev parent reply other threads:[~2020-12-14 2:03 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-09 21:47 File operations Wedson Almeida Filho
2020-12-09 23:18 ` Miguel Ojeda
2020-12-13 0:01 ` Wedson Almeida Filho
2020-12-13 0:50 ` Miguel Ojeda
2020-12-13 2:12 ` Wedson Almeida Filho
2020-12-13 3:33 ` Miguel Ojeda
2020-12-14 2:02 ` Wedson Almeida Filho [this message]
2020-12-18 3:58 ` Miguel Ojeda
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMKQLNJBdaT_UrJCEAB3OP8usOz+F2QgEyFdtoFWP2-f3OTeQw@mail.gmail.com \
--to=wedsonaf@google.com \
--cc=miguel.ojeda.sandonis@gmail.com \
--cc=rust-for-linux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).