| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Oct 2017 14:32:38 +0000
From: Aleksandar Markovic <Aleksandar.Markovic@...tec.com>
To: James Hogan <james.hogan@...s.com>
CC: Aleksandar Markovic <aleksandar.markovic@...rk.com>,
"linux-mips@...ux-mips.org" <linux-mips@...ux-mips.org>,
Douglas Leung <Douglas.Leung@...tec.com>,
Goran Ferenc <Goran.Ferenc@...tec.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Maciej Rozycki <Maciej.Rozycki@...tec.com>,
Manuel Lauss <manuel.lauss@...il.com>,
Masahiro Yamada <yamada.masahiro@...ionext.com>,
Miodrag Dinic <Miodrag.Dinic@...tec.com>,
Paul Burton <Paul.Burton@...tec.com>,
"Petar Jovanovic" <Petar.Jovanovic@...tec.com>,
Raghu Gandham <Raghu.Gandham@...tec.com>,
Ralf Baechle <ralf@...ux-mips.org>
Subject: RE: [PATCH 1/2] MIPS: math-emu: Update debugfs FP exception stats
for certain instructions
(resending since the previous mail was rejected by the mailing list because of html format)
> Subject: Re: [PATCH 1/2] MIPS: math-emu: Update debugfs FP exception stats for certain instructions
> Date: Thursday, October 12, 2017 12:17 CEST
> From: James Hogan <james.hogan@...s.com>>
> > ...
> > if ((ctx->fcr31 >> 5) & ctx->fcr31 & FPU_CSR_ALL_E)
> > ...
>
> But just before that condition it does:
>
> ctx->fcr31 = (ctx->fcr31 & ~FPU_CSR_ALL_X) | rcsr;
> I.e. it clears the X bits used in the condition, and overrides them,
> based on rcsr, which is initialised to 0 and is only set after the
> copcsr label and in a couple of other cases I don't think we'd be
> hitting for MADDF.
>
The code is odd and deceiving here. Let's see the whole "copcsr label"
code segment:
copcsr:
if (ieee754_cxtest(IEEE754_INEXACT)) {
MIPS_FPU_EMU_INC_STATS(ieee754_inexact);
rcsr |= FPU_CSR_INE_X | FPU_CSR_INE_S;
}
if (ieee754_cxtest(IEEE754_UNDERFLOW)) {
MIPS_FPU_EMU_INC_STATS(ieee754_underflow);
rcsr |= FPU_CSR_UDF_X | FPU_CSR_UDF_S;
}
if (ieee754_cxtest(IEEE754_OVERFLOW)) {
MIPS_FPU_EMU_INC_STATS(ieee754_overflow);
rcsr |= FPU_CSR_OVF_X | FPU_CSR_OVF_S;
}
if (ieee754_cxtest(IEEE754_INVALID_OPERATION)) {
MIPS_FPU_EMU_INC_STATS(ieee754_invalidop);
rcsr |= FPU_CSR_INV_X | FPU_CSR_INV_S;
}
ctx->fcr31 = (ctx->fcr31 & ~FPU_CSR_ALL_X) | rcsr;
if ((ctx->fcr31 >> 5) & ctx->fcr31 & FPU_CSR_ALL_E) {
/*printk ("SIGFPE: FPU csr = %08x\n",
ctx->fcr31); */
return SIGFPE;
}
Value of rcsr will be dictated by series of invocations to ieee754_cxtest(),
which, in fact, means that exception bits will be copied from fcr31 to rcsr.
Then, fcr31 exception bits are cleared and set to the values they had just
before clearing.
Obviously, this will not do anything in our scenarios.
However, the patch is about correct setting of debugfs stats, and this code
segment correctly does this.
May I suggest that we accept my patch as is, and if anybody for any reason
wants to deal further with related code, this should be done in a separate
fix/patch?
Regards,
Aleksandar
Powered by blists - more mailing lists