lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 15 Jun 2007 16:50:53 -0400
From:	Robin Getz <rgetz@...ckfin.uclinux.org>
To:	"Andi Kleen" <ak@...e.de>
Cc:	"Alan Cox" <alan@...rguk.ukuu.org.uk>,
	"David Howells" <dhowells@...hat.com>,
	"Arnd Bergmann" <arnd@...db.de>,
	"Benjamin Herrenschmidt" <benh@...nel.crashing.org>,
	"David Woodhouse" <dwmw2@...radead.org>,
	"Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>,
	"Dave Airlie" <airlied@...ux.ie>, linux-arch@...r.kernel.org,
	"Andrew Morton" <akpm@...ux-foundation.org>,
	Bernd Schmidt <bernds_cb1@...nline.de>
Subject: Re: [PATCH] Introduce compat_u64 and compat_s64 types

On Fri 15 Jun 2007 08:54, Andi Kleen pondered:
> On Friday 15 June 2007 14:54:20 Alan Cox wrote:
> 
> > > > > The network code requires unaligned accesses to work anyways so if 
your
> > > > > architecture doesn't support them it is already remotely crashable.
> > > >
> > > > I thought we'd fixed all that.
> > > 
> > > Did you audit the complete network stack?
> > 
> > For the parts used by the processors in question yes 
> 
> That means? They're expected to run only a subset of the network stack?
> Is that expressed in Kconfig? Is it documented that the rest is dangerous?

For the architecture we use (Blackfin), it does not support unaligned 
accesses, and we purposely never put in the trap/fixup code - we trap, and 
printk("fix your source");

We have run into a few kernel issues (never networking) this way - but a fixup 
of the source is normally the best solution - since it doesn't impose a 
hidden performance issue by trapping everything all the time.

> > people have done 
> > that work so using the types without unaligned.
> 
> Very brave; we're talking about around half a million lines
> of non trivial source code here.

Is there something specific that you can think of that we should be testing?

We have done alot of testing, and people have shipped alot of systems 
connected to a varity of networks, and have run all kinds of protocols on 
them.

-Robin
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ