lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 21 Aug 2009 20:49:57 +0400
From:	Cyrill Gorcunov <gorcunov@...il.com>
To:	Ingo Molnar <mingo@...e.hu>
Cc:	"H. Peter Anvin" <hpa@...or.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH -tip] x86: smp_scan_config - use signed long as scan
	area size

[Ingo Molnar - Fri, Aug 21, 2009 at 06:04:26PM +0200]
| 
| * Cyrill Gorcunov <gorcunov@...nvz.org> wrote:
| 
| > Unsigned value potentially could be overlapped
| > if length parameter is that: length % 16 != 0.
| > 
| > This is not a problem at moment since all values
| > we pass now are 16 divisible (0x400 and 0x10000).
| > 
| > Though there is no need unsigned value anyway.
| > Max range pointed out by MP specification is
| > in kilobytes so plain "signed long" is enough.
| > 
| > This allow us to be on a safe side.
| > 
| > Signed-off-by: Cyrill Gorcunov <gorcunov@...nvz.org>
| > ---
| > 
...
| 
| Hm, does a BUILD_BUG_ON((length & 15) != 0) line catch incorrectly 
| aligned length parameters?
| 
| 	Ingo
| 

For my gcc it doesn't (gcc (Ubuntu 4.3.3-5ubuntu4) 4.3.3). Perhaps
some clever future gcc version would be able to note that constant is passed as argument
and catch it. But at moment it doesn't. (Or maybe there is some cmd option
which force compiler to inspect calls more precisely?)

We could use BUG_ON as well here but I think it doesn't worth it.
0xefffffff is enough to scan 1G of physical memory which we hard
to believe ever do (note 16 byte step size here). And code is not
getting bigger.

Ingo, current situation is not a problem since we know which
values we're passing so I thought about possible (if ever) errors
only.

Also we could introduce inline helper to check the size alignment
(in this case gcc will recognize constants I believe and catch
 nits on build time). But I really doubt it is worth thing to do.

	-- Cyrill
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ