lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 23 Apr 2018 16:26:13 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     Mark Rutland <mark.rutland@....com>
Cc:     linux-kernel@...r.kernel.org,
        Peter Zijlstra <peterz@...radead.org>,
        "Gustavo A. R. Silva" <gustavo@...eddedor.com>
Subject: Re: Smatch check for Spectre stuff

On Mon, Apr 23, 2018 at 02:22:43PM +0100, Mark Rutland wrote:
> On Mon, Apr 23, 2018 at 03:53:07PM +0300, Dan Carpenter wrote:
> > On Fri, Apr 20, 2018 at 01:47:51PM +0100, Mark Rutland wrote:
> > > > What the test does is it looks at array accesses where the user controls
> > > > the offset.  It asks "is this a read?" and have we used the
> > > > array_index_nospec() macro?  If the answers are yes, and no respectively
> > > > then print a warning.
> > > > 
> > > > http://repo.or.cz/smatch.git/blob/HEAD:/check_spectre.c
> > > 
> > > I just built this and threw it at v4.17-rc1, but I'm having problems
> > > with the build_kernel_data.sh step.
> > > 
> > > I get an error:
> > > 
> > > DBD::SQLite::db do failed: unrecognized token: "'end + strlen("
> > > " at ../smatch/smatch_scripts/../smatch_data/db/fill_db_sql.pl line 32, <WARNS> line 294127.
> > > 
> > > ... in my smatch_warns.txt I see that I have the lines:
> > > 
> > > net/netfilter/nf_conntrack_sip.c:1524 sip_help_tcp() SQL: insert or ignore into constraints (str) values('end + strlen("^M
> > > ^M
> > > ")');
> > > 
> > > ... and the corresponding line in that file is:
> > > 
> > > for (; end + strlen("\r\n\r\n") <= dptr + datalen; end++) {
> > > 
> > > ... so I guess there's some dodgy escaping somewhere?
> > > 
> > > I only see a small number of potential spectre issues reported:
> > 
> > Yeah...  Sorry.  I will fix that.  It doesn't affect anything unless
> > someone starts to add SQL injection strings to the kernel but it's not
> > the right thing.
> 
> Good to know! As long as that's not affecting the results, I'll ignore
> that for now.
> 
> As an aside, it looks like smatch_data/db/constraints_required.schema is
> missing a trailing semicolon, as the other schema files have. On one of
> my machines, the distro's sqlite doesn't seem happy without it.
> 

Oops!  I'll fix that.

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ