The father of Linux was finally persuaded: the 30-year-old Linux kernel C language will be upgraded to C11

Recently there has been news. What is exciting is that the 1989 version of the C language Linux kernel that has been used has finally received a major upgrade. The pace of contemporary technology is unstoppable. Today, the Linux open source community announced a striking plan to upgrade the C language version of the kernel to the C11 standard. It is expected that this major reform will take effect after Linux version 5.18, which is the upcoming May. This important move will bring unlimited potential opportunities to the Linux kernel and help it better adapt to the needs of modern technologies.

This decision was sudden. It only took a week from initiating the question to the official statement. It is not easy to convince Linus Torvalds, the stubborn father of Linux. The reason for the matter seems to be a little accidental.

The chain reaction of a bug

The origin of the problem comes from a Linux community discussion last week.

A doctoral student named Jakob Koschel discovered such a problem while researching preventing predicted execution vulnerabilities related to kernel linked list primitives.

The Linux kernel extensively uses a doubly linked list defined by struct list_head

:

struct list_head {
    struct list_head *next, *prev;
    };

This structure is usually embedded within other structures. In this way, linked lists can be made using any relevant structure type.

In addition, the kernel also provides a large number of functions and macros that can be used to traverse and operate linked lists. list_for_each_entry () is one of them, a macro disguised as a control structure. The problem lies in this macro. Assume that the kernel contains the following structure:

struct foo {
        int fooness;
    struct list_head list;
    };

The elements in

list can be used to create a doubly linked list of the foo structure. Suppose there is a structure called foo_list declared as the head of such a linked list. This linked list can be traversed using the following code:

struct foo *iterator;

    list_for_each_entry(iterator, &foo_list, list) {
        do_something_with(iterator);
    }
    /* Should not use iterator here */

The list argument tells the macro the name of the list_head structure within the foo structure. This loop will be executed once for each element in the list, with the iterator pointing to that element. This resulted in a bug in the USB subsystem: the iterator passed to the macro could still be used after exiting the macro.

This is a dangerous thing, so Koschel submitted a fix to fix the bug by stopping using the iterator after the loop.

persuading Linus

But Linus Torvalds himself does not like this patch very much, and does not see its relationship with the predicted execution vulnerability. After Koschel explained it in detail, Linus admitted that it was just a common bug.

However, things were not that simple. Linus soon realized the real root cause: the iterator passed to the linked list traversal macro must be declared in a scope outside the loop itself. This non-predictive bug occurs because there is no "declaring variables in loops" in C89.

Macros like list_for_each_entry () essentially always leak the last HEAD entry outside the loop, simply because we can't declare iterator variables in the loop itself.

If you could write an iterator list traversal macro that could declare itself, then the iterator would not be visible outside the loop and no such problem would arise. However, since the kernel is stuck on the C89 standard, variables cannot be declared inside a loop.

Linus decided, let’s upgrade. Maybe it’s time to move to the C99 standard. While it's also over 20 years old, it's at least newer than C89 and allows you to declare variables within a loop.

Since C89 is so old, why hasn’t it changed after so many years? Linus said that it was because we encountered some strange problems in some ancient gcc compiler versions and could not be upgraded casually.

However, now the Linux kernel has raised the minimum requirement for gcc to version 5.1, so those weird bugs in the past should no longer exist.

Arnd Bergmann, another core developer, believes that we can definitely upgrade to C11 or even higher. However, upgrading to C17 or C2x will break support for gcc-5/6/7, so upgrading to C11 is easier to achieve.

In the end, Torvalds agreed with the idea: "Okay, please remind me, let's try it early in the 5.18 merge window." The next move to C11 may cause some unexpected bugs, but if all goes well, next A Linux kernel version will officially move to C11.

The above is the detailed content of The father of Linux was finally persuaded: the 30-year-old Linux kernel C language will be upgraded to C11. For more information, please follow other related articles on the PHP Chinese website!