Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use AtomicPtr instead of AtomicUsize for Weak #263

Merged
merged 4 commits into from
Jun 13, 2022
Merged

Use AtomicPtr instead of AtomicUsize for Weak #263

merged 4 commits into from
Jun 13, 2022

Conversation

josephlr
Copy link
Member

@josephlr josephlr commented Jun 7, 2022

Fixes #262

This allows Strict Provenance to work properly. It also now matches what libstd does:
https://github.com/rust-lang/rust/blob/9f7e997c8bc3cacd2ab4eb75e63cb5fa9279c7b0/library/std/src/sys/unix/weak.rs#L85-L141

Also, while reading the libstd code, I noticed that they use an Acquire fence and Release store as the returned pointer should have "consume" semantics. I changed our code to do something slightly stronger (Acquire load and Release store) as it's simpler and definitely correct.

Signed-off-by: Joe Richey joerichey@google.com

@josephlr
Use AtomicPtr instead of AtomicUsize for Weak
0498e88 
This allows Strict Provenance to work properly, fixing #262. It also
now matches what `libstd` does:
https://github.com/rust-lang/rust/blob/9f7e997c8bc3cacd2ab4eb75e63cb5fa9279c7b0/library/std/src/sys/unix/weak.rs#L85-L141

Also, while reading the `libstd` code, I noticed that they use an
`Acquire` fence and `Release` store as the returned pointer should
have "consume" semantics. I changed our code to do something
slightly stronger (Acquire load and Release store) for consistancy.

Signed-off-by: Joe Richey <joerichey@google.com>
@josephlr josephlr requested a review from newpavlov June 7, 2022 07:41
@josephlr
Copy link
Member Author

josephlr commented Jun 7, 2022

CC @nvzqz if you want to take a look.

@josephlr josephlr force-pushed the strict_prov branch 2 times, most recently from 214a4a2 to 0498e88 Compare June 7, 2022 07:53
@josephlr
Explictly link to libstd documentation.
62da7e7 
Signed-off-by: Joe Richey <joerichey@google.com>
nvzqz
nvzqz approved these changes Jun 7, 2022
View reviewed changes
Copy link

@nvzqz nvzqz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this! Using [patch.crates-io] in my Cargo.toml, I was able to verify that this makes my code's tests now pass under strict provenance.

src/util_libc.rs Outdated Show resolved Hide resolved
@josephlr josephlr mentioned this pull request Jun 7, 2022
Closed
fbstj
fbstj reviewed Jun 7, 2022
View reviewed changes
src/util_libc.rs Outdated Show resolved Hide resolved
newpavlov
newpavlov approved these changes Jun 7, 2022
View reviewed changes
src/util_libc.rs Outdated Show resolved Hide resolved
josephlr and others added 2 commits June 8, 2022 20:54
@josephlr @fbstj
Fix comment for Weak::ptr()
66b9089 
Co-authored-by: Joe ST <joe@fbstj.net>
@josephlr
Do exactly what libstd does
0b03f3d 
This means:
  - Relaxed Load
  - Release Store
  - Acquire fence when returning pointer

Signed-off-by: Joe Richey <joerichey@google.com>
@josephlr josephlr force-pushed the strict_prov branch 2 times, most recently from 2085d7d to 0b03f3d Compare June 9, 2022 05:31
@josephlr josephlr merged commit c82a522 into master Jun 13, 2022
@josephlr josephlr deleted the strict_prov branch June 13, 2022 19:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fbstj fbstj fbstj left review comments

@newpavlov newpavlov newpavlov approved these changes

@thomcc thomcc thomcc left review comments

@nvzqz nvzqz nvzqz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Weak Bindings Violate Strict Provenance in MIRI
5 participants
@josephlr @fbstj @newpavlov @thomcc @nvzqz