Date:	Tue, 29 Apr 2014 18:13:29 -0700
From:	"H. Peter Anvin" <hpa@...or.com>
To:	behanw@...verseincode.com, viro@...iv.linux.org.uk
CC:	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	torvalds@...ux-foundation.org, dwmw2@...radead.org,
	Mark Charlebois <charlebm@...il.com>
Subject: Re: [PATCH] mbcache: LLVMLinux: Remove double calculation from mbcache

I suspect this will generate FP instructions on x86 which will corrupt user space state.  This is thus a critical bug!!

On April 29, 2014 6:10:39 PM PDT, behanw@...verseincode.com wrote:
>From: Mark Charlebois <charlebm@...il.com>
>
>The call to __builtin_log2 presumes there is a
>double log2(double x) function defined in the kernel.
>
>The call to hash_log is a call to hash_64 which is
>defined in include/linux/hash.h
>
>static __always_inline u64 hash_64(u64 val, unsigned int bits)
>
>That means that __builtin_log2(NR_BG_LOCKS) is converting
>NR_BG_LOCKS to a double and returning a double and then that
>is converted to an unsigned int.
>
>Using ilog2 is much more appropriate and efficient.
>
>Another side effect of using __builtin_log2 is that it uses
>__aeabi_* functions for ARM that require linking with libgcc.a.
>
>Author: Mark Charlebois <charlebm@...il.com>
>Signed-off-by: Mark Charlebois <charlebm@...il.com>
>Signed-off-by: Behan Webster <behanw@...verseincode.com>
>---
> fs/mbcache.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/fs/mbcache.c b/fs/mbcache.c
>index bf166e3..2c0752b 100644
>--- a/fs/mbcache.c
>+++ b/fs/mbcache.c
>@@ -93,7 +93,7 @@
> 
> #define MB_CACHE_WRITER ((unsigned short)~0U >> 1)
> 
>-#define MB_CACHE_ENTRY_LOCK_BITS	__builtin_log2(NR_BG_LOCKS)
>+#define MB_CACHE_ENTRY_LOCK_BITS	ilog2(NR_BG_LOCKS)
> #define	MB_CACHE_ENTRY_LOCK_INDEX(ce)			\
> 	(hash_long((unsigned long)ce, MB_CACHE_ENTRY_LOCK_BITS))
> 
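
Review bot: The new MB_CACHE_ENTRY_LOCK_BITS definition calls ilog2(), but the diffstat shows a single changed line, so this patch adds no `#include <linux/log2.h>`; if fs/mbcache.c does not already include that header directly, add it here rather than relying on a transitive include. The commit message also describes the caller as hash_64 while the macro on the next line uses hash_long, so the description should be aligned with the code.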

-- 
Sent from my mobile phone.  Please pardon brevity and lack of formatting.
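
An added example (not part of the patch, the thread, or the kernel tree): a user-space illustration of the integer-only bit-count computation the commit message argues for, which also shows that a floor log2 leaves lock slots unused when the slot count is not a power of two. The names `ilog2_u64`, `hash_bits`, `lock_index` and `max_index_seen`, the multiplier, the slot counts and the sample addresses are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Integer floor(log2(n)) for n > 0; no floating point is involved.
 * User-space stand-in for the kernel's ilog2(); the name is hypothetical. */
static unsigned int ilog2_u64(uint64_t n)
{
    return 63u - (unsigned int)__builtin_clzll(n);
}

/* Multiplicative hash keeping the top `bits` bits (bits must be 1..63).
 * Same shape as the hash_64() signature quoted above; the multiplier is a
 * constructed odd constant, not claimed to be the kernel's. */
static uint64_t hash_bits(uint64_t val, unsigned int bits)
{
    return (val * 0x9E3779B97F4A7C15ull) >> (64 - bits);
}

/* Lock slot chosen for an object address when nr_locks slots exist. */
static uint64_t lock_index(uint64_t addr, uint64_t nr_locks)
{
    return hash_bits(addr, ilog2_u64(nr_locks));
}

/* Highest slot reached over a sweep of constructed sample addresses. */
static uint64_t max_index_seen(uint64_t nr_locks)
{
    uint64_t max = 0;
    for (uint64_t a = 0x1000; a < 0x1000 + 64 * 4096; a += 64) {
        uint64_t i = lock_index(a, nr_locks);
        if (i > max)
            max = i;
    }
    return max;
}

int main(void)
{
    /* 128 is a power of two: 7 bits, every slot 0..127 is reachable. */
    printf("ilog2(128) = %u, max slot = %llu\n", ilog2_u64(128),
           (unsigned long long)max_index_seen(128));
    /* 100 is not: floor gives 6 bits, so slots 64..99 are never used. */
    printf("ilog2(100) = %u, max slot = %llu\n", ilog2_u64(100),
           (unsigned long long)max_index_seen(100));
    return 0;
}
```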