rust-for-linux.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
To: Wedson Almeida Filho <wedsonaf@google.com>
Cc: rust-for-linux@vger.kernel.org
Subject: Re: File operations
Date: Fri, 18 Dec 2020 04:58:46 +0100	[thread overview]
Message-ID: <CANiq72kHf8m2BGcj+znWnoLzfy_1kP3BQuRAmGTZXnW3tdtnhA@mail.gmail.com> (raw)
In-Reply-To: <CAMKQLNJBdaT_UrJCEAB3OP8usOz+F2QgEyFdtoFWP2-f3OTeQw@mail.gmail.com>

On Mon, Dec 14, 2020 at 3:03 AM Wedson Almeida Filho
<wedsonaf@google.com> wrote:
>
> But one potential issue that comes immediately to mind is that with a
> builder pattern, the value is created at run time. In our case, this
> is undesirable because this table contains function pointers: if we
> leave them in writable memory, they will become easy targets when
> attackers have write-vulnerabilities that they want to elevate to
> arbitrary execution; leaving the vtable in rdata (i.e., in read-only
> pages) is much preferable. This means that we need const functions,
> but we cannot have them in traits.

That's true, I was assuming the optimizer would realize it is a
compile-time value anyway, so that we could do it that way even
without using `const` etc.

> If we are ok with repeating function names, I have a solution with a
> much simpler macro. Of course, it is simple enough that clients can
> just ignore it and define the const themselves if they want to avoid
> macros at all costs. What do you think of
> https://github.com/Rust-for-Linux/linux/commit/13b2f2c47e62ad5bf824f7e15e14090c90a4ba9e
> ?

That looks quite good to me! It seems easy to use, and the
implementation is also easier to understand.

Cheers,
Miguel

      reply	other threads:[~2020-12-18  3:59 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-12-09 21:47 File operations Wedson Almeida Filho
2020-12-09 23:18 ` Miguel Ojeda
2020-12-13  0:01   ` Wedson Almeida Filho
2020-12-13  0:50     ` Miguel Ojeda
2020-12-13  2:12       ` Wedson Almeida Filho
2020-12-13  3:33         ` Miguel Ojeda
2020-12-14  2:02           ` Wedson Almeida Filho
2020-12-18  3:58             ` Miguel Ojeda [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CANiq72kHf8m2BGcj+znWnoLzfy_1kP3BQuRAmGTZXnW3tdtnhA@mail.gmail.com \
    --to=miguel.ojeda.sandonis@gmail.com \
    --cc=rust-for-linux@vger.kernel.org \
    --cc=wedsonaf@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).