From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from out-177.mta1.migadu.com (out-177.mta1.migadu.com [95.215.58.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DED6F25D8EC for ; Wed, 26 Feb 2025 22:27:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=95.215.58.177 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740608846; cv=none; b=WsimkGIsDzI8Bu1eh3PD2zfexY5oqfxCQIIuEo5RsM5ACyhd/nK6pA+LRWCWqfCx0yvgcJ6y23iGt7jHuHmtLwhBXtU6hSn5wpo3vLDdRoEU16OlLASdzc98AtFI8Zwftzw7znsX6cICZZdfzio6IV2hDcQpha5JYWY+RtYFURs= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740608846; c=relaxed/simple; bh=v39E0R4AR+cZCJCGCEgcbxdf6ghtRUvyWUT78pRLjWw=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=A6xpusu3tgsGwqmparzFNgkyKVV/Aw57d0h5uSX5bOFughHV9MYUuzkzgLQNbO3x3vNMRIFNWBeZ02C26z4GBLLoDDVXG/A+tDwInpQ3G1C5eesUmlCPl+zatPv2nyt90yKj6MrPI73lBwAi9bBv3H88zrO5I84bEhw5hnXXbIM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=Zg50MHul; arc=none smtp.client-ip=95.215.58.177 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="Zg50MHul" Date: Wed, 26 Feb 2025 17:27:05 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1740608831; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=v39E0R4AR+cZCJCGCEgcbxdf6ghtRUvyWUT78pRLjWw=; b=Zg50MHulpGnDgbMLZ96L3KI3LdkD9zTlFNoaHNYpZ2qYAPYCiED4V5ERON48lEwttUYIo0 /regeojOtiYukLegiK6hiQdJIG9soB5o/MDzOqYhW+jC6AKe5M26D1RejeIaJnz/u1m0SD 2oEcLkRt0R5YW03tffE4BuvmYF1FaSo= X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Kent Overstreet To: Linus Torvalds Cc: Martin Uecker , Ralf Jung , "Paul E. McKenney" , Alice Ryhl , Ventura Jack , Gary Guo , airlied@gmail.com, boqun.feng@gmail.com, david.laight.linux@gmail.com, ej@inai.de, gregkh@linuxfoundation.org, hch@infradead.org, hpa@zytor.com, ksummit@lists.linux.dev, linux-kernel@vger.kernel.org, miguel.ojeda.sandonis@gmail.com, rust-for-linux@vger.kernel.org Subject: Re: C aggregate passing (Rust kernel policy) Message-ID: References: <6pwjvkejyw2wjxobu6ffeyolkk2fppuuvyrzqpigchqzhclnhm@v5zhfpmirk2c> <5d7363b0-785c-4101-8047-27cb7afb0364@ralfj.de> Precedence: bulk X-Mailing-List: ksummit@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Migadu-Flow: FLOW_OUT On Wed, Feb 26, 2025 at 01:14:30PM -0800, Linus Torvalds wrote: > But dammit, doing things like "read the same variable twice even > though the programmer only read it once" *IS* observable! It's > observable as an actual security issue when it causes TOCTOU behavior > that was introduced into the program by the compiler. This is another one that's entirely eliminated due to W^X references. IOW: if you're writing code where rematerializing reads is even a _concern_ in Rust, then you had to drop to unsafe {} to do it - and your code is broken, and yes it will have UB.