Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 13 Oct 2015 14:56:22 -0400
From: Rich Felker <dalias@...c.org>
To: Denys Vlasenko <vda.linux@...glemail.com>
Cc: musl <musl@...ts.openwall.com>,
	Aboriginal Linux <aboriginal@...ts.landley.net>
Subject: Re: Re: musl and kernel headers [was Re: system-images 1.4.2:
 od is broken; bzip2 is missing]

On Tue, Oct 13, 2015 at 08:02:47PM +0200, Denys Vlasenko wrote:
> On Tue, Oct 13, 2015 at 5:05 PM, Rich Felker <dalias@...ifal.cx> wrote:
> >> > > This would address the case where the kernel header is included first,
> >> > > but it's not a case I or most of the musl community wants to support,
> >> > > because there's no guarantee that the kernel's definitions of these
> >> > > structures will actually be compatible with use elsewhere in the libc
> >> > > headers, etc.
> >> >
> >> > If kernel's definition does not match yours, there is a much
> >> > bigger problem than "includes do not compile":
> >> > kernel and userspace definitions of these structs *must* match
> >> > (modulo harmless things like different typedef names for field types).
> >> >
> >> > So in this case either kernel or libc would need to be fixed.
> >>
> >> why?
> >>
> >> in practice most types are c abi compatible with the kernel
> >> because translating the types at the syscall boundary is
> >> painful/impossible.
> >>
> >> but even with compatible binary representation there is
> >> plenty space for disagreement between kernel and libc on
> >> the source level. (of course code that includes both libc
> >> and kernel headers might not care about posix namespace
> >> violations or undefined behaviour in kernel headers..)
> >>
> >> and libc-compat does not cover all conflicting cases
> >> (i assume they just add workarouds when somebody hits
> >> a conflict), e.g. sys/inotify.h and linux/inotify.h are
> >> in conflict (and linux/inotify.h is not even standard c).
> >
> > Indeed the problem here is source compatibility, not binary
> > compatibility. Issues like names of types, choice of distinct types
> > that have the same size and representation but which are not
> > compatible types (which make problems if you take the address of the
> > member, including possibly aliasing problems which are real-world
> > bugs), etc.
> 
> It's not that bad in practice.
> 
> In C, typedefs are not new types. uint16_t, u16 and __u16
> are all just aliases to "unsigned short".
> 
> You won't get a conflict because different typedefs
> were used to declare a struct member whose address you are
> taking and passing to some function.
> If signedness and width match, then it will work without casts
> or compiler errors.

The problem is that u32 might be unsigned int or unsigned long (either
possible on ILP32), u64 might be unsigned long or unsigned long long
(either possible on LP64), etc. Also structs with different tags are
distinct types. These are not ABI issues for machine-code object files
but they are source-level compatibility issues and linking (arguably
ABI) issues for LTO object files. They're also C++ issues; for
instance it's possible that one translation unit declares a function
taking a pointer to some network function without including the kernel
header, and another defines it while including the kernel header, and
the struct names or types mismatch (even in a layout-compatible way),
the name mangling will be different and the code won't link.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.