lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 26 Mar 2021 02:56:01 +0530 From: Shreeya Patel <shreeya.patel@...labora.com> To: Eric Biggers <ebiggers@...nel.org> Cc: tytso@....edu, adilger.kernel@...ger.ca, jaegeuk@...nel.org, chao@...nel.org, krisman@...labora.com, drosen@...gle.com, yuchao0@...wei.com, linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net, linux-fsdevel@...r.kernel.org, kernel@...labora.com, andre.almeida@...labora.com Subject: Re: [PATCH v4 5/5] fs: unicode: Add utf8 module and a unicode layer On 26/03/21 1:56 am, Shreeya Patel wrote: > > On 26/03/21 1:10 am, Eric Biggers wrote: >> On Thu, Mar 25, 2021 at 05:38:11AM +0530, Shreeya Patel wrote: >>> Also, indirect calls using function pointers are easily exploitable by >>> speculative execution attacks, hence use static_call() in unicode.h and >>> unicode-core.c files inorder to prevent these attacks by making direct >>> calls and also to improve the performance of function pointers. >> I don't think you need to worry about avoiding indirect calls to prevent >> speculative execution attacks. That's what the mitigations like >> Retpoline are >> for. Instead my concern was just that indirect calls are *slow*, >> especially >> when those mitigations are enabled. Some of the casefolding >> operations are >> called a lot (e.g., repeatedly during path resolution), and it would be >> desirable to avoid adding more overhead there. >> >>> diff --git a/fs/unicode/Kconfig b/fs/unicode/Kconfig >>> index 2c27b9a5cd6c..2961b0206b4d 100644 >>> --- a/fs/unicode/Kconfig >>> +++ b/fs/unicode/Kconfig >>> @@ -8,7 +8,16 @@ config UNICODE >>> Say Y here to enable UTF-8 NFD normalization and NFD+CF >>> casefolding >>> support. >>> +# UTF-8 encoding can be compiled as a module using UNICODE_UTF8 >>> option. >>> +# Having UTF-8 encoding as a module will avoid carrying large >>> +# database table present in utf8data.h_shipped into the kernel >>> +# by being able to load it only when it is required by the filesystem. >>> +config UNICODE_UTF8 >>> + tristate "UTF-8 module" >>> + depends on UNICODE >>> + default m >>> + >> The help for UNICODE still says that it enables UTF-8 support. But >> now there is >> a separate option that people will need to remember to enable. >> >> Please document each of these options properly. >> >> Perhaps EXT4_FS and F2FS_FS just should select UNICODE_UTF8 if >> UNICODE, so that >> UNICODE_UTF8 doesn't have to be a user-selectable symbol? > > > It is not a user-selectable symbol. It depends on UNICODE and if > someone enables it, > by default UNICODE_UTF8 will be enabled as a module. > > Sorry, I think I misunderstood when you said EXT4_FS and F2FS_FS should select UNICODE_UTF8 if UNICODE is enabled. I now get it that you don't want them to be deselectable. I'll make this change. Thanks >>> +DEFINE_STATIC_CALL(validate, unicode_validate_static_call); >>> +EXPORT_STATIC_CALL(validate); >> Global symbols can't have generic names like "validate". Please add an >> appropriate prefix like "unicode_". >> >> Also, the thing called "unicode_validate_static_call" isn't actually >> a static >> call as the name suggests, but rather the default function used by >> the static >> call. It should be called something like unicode_validate_default. >> >> Likewise for all the others. > > > Thanks for your reviews, I'll make the change suggested by you in v5. > > >> >> - Eric >>
Powered by blists - more mailing lists