Jeremie Courreges-Anglas <[email protected]> wrote:

> On Wed, Dec 03, 2025 at 12:04:41PM +0000, Miod Vallat wrote:
> > > > The definition of PAGE_SHIFT should not be limited to defined(_KERNEL);
> > > > this prevents userland from getting a valid PAGE_SIZE definition by
> > > > including <machine/param.h>.
> > >
> > > Except ugh, no one should be pulling from sys/param.h for this.
> > >
> > > That's not a portable interface at all, it should find the page size at
> > > runtime by asking one of the layers on top of system calls.
> >
> > Agreed, but at the moment none of the other platforms prevented this from
> > working, so it's good from a consistency point of view.
>
> More on that: the code includes sys/param.h only if available,

But sys/param.h is always available, and it ALWAYS corrupts the namespace
in machine/operatingsystem/version dangerous ways.

> and uses PAGE_SIZE only if defined, as a default value; when
> _sodium_alloc_init() is called, the value from "sysconf(_SC_PAGESIZE)"
> is used.  While a non-portable interface, its use in libsodium seems
> careful and should Do The Right Thing.

No way.  I disagree strongly.  It is intentionally preferring a
non-portable interface which comes without the promise it expects.

For example, the return value of sysconf(_SC_PAGESIZE) does not need to
be the same as PAGE_SIZE, NBPG.  There are an increasing number of
systems where the "portable" pagesize is a larger power-of-2 than the
actual hardware pagesize.  There were systems where PAGE_SIZE was
different in userland versus the kernel (where it followed a boot-time
calculated variable).

If programmers get used to using PAGE_SIZE interchangeably with
sysconf(_SC_PAGESIZE) / getpagesize(), shit will break, because the
first might be 16K and the latter might be 4K.

The answer to that potential (and it has been a real one in the past)
problem is to stop exporting a non-standard public #define, and make
people use a runtime call.  Even Apple recently made this transition.
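
The following is an added example, not part of the original message and not libsodium's code. It sketches a guard-page allocator that takes its page size only from sysconf(_SC_PAGESIZE), plus a check of what happens to the guard boundaries when a different, assumed constant is used; `guard_layout_ok` and `guarded_alloc` are hypothetical names.

```c
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <stdint.h>
#include <sys/mman.h>
#include <unistd.h>

/* Page size as the running system reports it; 0 on failure. */
size_t runtime_page_size(void)
{
    long ps = sysconf(_SC_PAGESIZE);
    return ps > 0 ? (size_t)ps : 0;
}

/* Round len up to a multiple of page (page must be a power of two). */
static size_t round_up(size_t len, size_t page)
{
    return (len + page - 1) & ~(page - 1);
}

/* Hypothetical check: for a layout [guard][data][guard] sized from
 * `assumed`, do both data/guard boundaries fall on real page boundaries?
 * If not, mprotect() on a guard either fails or also covers the data. */
int guard_layout_ok(size_t assumed, size_t len)
{
    size_t real = runtime_page_size();
    if (real == 0 || assumed == 0 || (assumed & (assumed - 1)) != 0 ||
        len > SIZE_MAX - 2 * assumed)
        return 0;
    size_t data_end = assumed + round_up(len, assumed);
    return assumed % real == 0 && data_end % real == 0;
}

/* Hypothetical allocator: guards sized from the runtime value only.
 * Returns the writable region, or NULL on error. */
void *guarded_alloc(size_t len)
{
    size_t page = runtime_page_size();
    if (page == 0 || len == 0 || len > SIZE_MAX - 3 * page)
        return NULL;
    size_t body = round_up(len, page);
    unsigned char *base = mmap(NULL, body + 2 * page, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANON, -1, 0);
    if (base == MAP_FAILED)
        return NULL;
    if (mprotect(base, page, PROT_NONE) != 0 ||
        mprotect(base + page + body, page, PROT_NONE) != 0) {
        munmap(base, body + 2 * page);
        return NULL;
    }
    return base + page;
}
```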
