| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Apr 2007 20:55:49 -0400 (EDT) From: "John Anthony Kazos Jr." <jakj@...-k-j.com> To: Andrew Morton <akpm@...ux-foundation.org> cc: James Bottomley <James.Bottomley@...elEye.com>, "Cameron, Steve" <Steve.Cameron@...com>, "Miller, Mike (OS Dev)" <Mike.Miller@...com>, Hisashi Hifumi <hifumi.hisashi@....ntt.co.jp>, jens.axboe@...cle.com, linux-kernel@...r.kernel.org, linux-scsi@...r.kernel.org, trivial@...nel.org Subject: [PATCH] utilities: add helper functions for safe 64-bit integer operations as 32-bit halves From: John Anthony Kazos Jr. <jakj@...-k-j.com> Add helper functions "upper_32_bits" and "lower_32_bits" to <include/linux/kernel.h> to allow 64-bit integers to be separated into their 32-bit upper and lower halves without promoting integers, without stretching sign bits, and without generating compiler warnings when used with any integer not greater than 64 bits wide. High-order bits are assumed to be zero for integers with fewer than 64 of them. Signed-off-by: John Anthony Kazos Jr. <jakj@...-k-j.com> --- Using these functions with signed quantities is an error, especially if you read a 32-bit quantity from disk that happens to have the high bit set into an int on a 32-bit machine, then use it with a function taking a u64 which screws your data. When switching to using these functions, it's a good opportunity to check for these signedness errors. (Haven't we learned anything over the past decades of computing about assuming that one little bit doesn't matter?) Not sure exactly whom the maintainer is for this, so I added trivial@...nel.org. It's certainly not limited to one subsystem anymore, and converting the whole kernel to this could be a good step for readability and correctness across architectures of any word size. --- linux-2.6.21-rc7-git4.orig/include/linux/kernel.h 2007-04-20 20:22:13.000000000 -0400 +++ linux-2.6.21-rc7-git4.mod/include/linux/kernel.h 2007-04-20 20:37:41.000000000 -0400 @@ -40,6 +40,23 @@ extern const char linux_proc_banner[]; #define DIV_ROUND_UP(n,d) (((n) + (d) - 1) / (d)) #define roundup(x, y) ((((x) + ((y) - 1)) / (y)) * (y)) +/** + * lower_32_bits, upper_32_bits - separate the halves of a 64-bit integer + * @n: the integer to separate + * + * Separate a 64-bit integer into its upper and lower 32-bit halves. + * Designed to avoid integer promotions and compiler warnings when used + * with smaller integers, in which case the missing bits are assumed to + * be zero. Designed to treat integers as unsigned whether or not they + * really are. (If you are using these with signed integers, your code + * is almost certainly wrong. The cast is good for people too lazy to + * type "unsigned" in their code, since breaking things is bad.) + * + * These assume the integer used is NOT greater than 64 bits wide. + */ +#define upper_32_bits(n) (sizeof(n) == 8 ? (u64)(n) >> 32 : 0) +#define lower_32_bits(n) (sizeof(n) == 8 ? (u32)(n) : (n)) + #define KERN_EMERG "<0>" /* system is unusable */ #define KERN_ALERT "<1>" /* action must be taken immediately */ #define KERN_CRIT "<2>" /* critical conditions */ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists