| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Mar 2009 22:23:23 +0100 (CET)
From: Jan Engelhardt <jengelh@...ozas.de>
To: David Miller <davem@...emloft.net>
cc: dada1@...mosbay.com, kaber@...sh.net, netdev@...r.kernel.org,
netfilter-devel@...r.kernel.org
Subject: Re: netfilter 07/41: arp_tables: unfold two critical loops in
arp_packet_match()
On Tuesday 2009-03-24 22:18, David Miller wrote:
>> >
>> >Arches without efficient unaligned access can still perform a loop
>> >assuming 16bit alignment in ifname_compare()
>>
>> Allow me some skepticism, but the code looks pretty much like a
>> standard memcmp.
>
>memcmp() can't make any assumptions about alignment.
>Whereas we _know_ this thing is exactly 16-bit aligned.
>
>All of the optimized memcmp() implementations look for
>32-bit alignment and punt to byte at a time comparison
>loops if things are not aligned enough.
Yes, I seem to remember glibc doing something like
if ((addr & 0x03) != 0) {
// process single bytes (increment addr as you go)
// until addr & 0x03 == 0.
}
/* optimized loop here. also increases addr */
if ((addr & 0x03) != 0)
// still bytes left after loop - process on a per-byte basis
Is the cost of testing for non-4-divisibility expensive enough
to warrant not usnig memcmp?
Irrespective of all that, I think putting the interface comparison
code should be agglomerated in a function/header so that it is
replicated across iptables, ip6tables, ebtables, arptables, etc.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists