lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 12 May 2022 14:10:40 +0200
From:   Rasmus Villemoes <linux@...musvillemoes.dk>
To:     Kees Cook <keescook@...omium.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     kernel test robot <lkp@...el.com>,
        Vitor Massaru Iha <vitor@...saru.org>,
        "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        Daniel Latypov <dlatypov@...gle.com>,
        linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH] lib: overflow: Always build 64-bit test cases

On 11/05/2022 19.45, Kees Cook wrote:
> There shouldn't be a reason to not build the 64-bit test cases on 32-bit
> systems; the types exist there too. Remove the #ifdefs.
> 
> Reported-by: kernel test robot <lkp@...el.com>
> Link: https://lore.kernel.org/lkml/202205110324.7GrtxG8u-lkp@intel.com
> Fixes: 455a35a6cdb6 ("lib: add runtime test of check_*_overflow functions")

The patch is fine, but I disagree with that Fixes tag. Back then, i.e.
when the overflow checkers were implemented via macros on old enough
compilers, they simply didn't work for 64 bit types (because of the
usual 64 bit division problems) - so anybody trying to use the multiply
overflow checker, including of course the test suite, would get a build
error on old compilers. You yourself did that: "[kees: add output to
commit log, drop u64 tests on 32-bit]"

Nowadays, where they are always merely thin wrappers around the compiler
builtin because we assume gcc >= 5.1 and whatever new enough clang,
sure, I think the 64 bit ones always work (though I don't think I want
to know what horrible code the compiler must generate to do the multiply
overflow checks).

So please fix the commit message so that it instead says that this
restriction is no longer necessary because such and such history.

Rasmus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ