lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <AANLkTi=ZjR3bWtZ2x9wRzpzBb1K8Wst3Xg_K4mGX-b6o@mail.gmail.com>
Date:	Thu, 14 Oct 2010 08:03:17 -0700
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Borislav Petkov <bp@...64.org>
Cc:	Randy Dunlap <randy.dunlap@...cle.com>,
	lkml <linux-kernel@...r.kernel.org>,
	Doug Thompson <dougthompson@...ssion.com>,
	akpm <akpm@...ux-foundation.org>, linux-arch@...r.kernel.org
Subject: Re: [PATCH] bitops.h: Widen BIT macro to support 64-bit types

On Thu, Oct 14, 2010 at 3:58 AM, Borislav Petkov <bp@...64.org> wrote:
>>
>> Ok, so BIT() should be fixed to work with the largest type available,
>> IMHO. Let me cook up something.
>
> Maybe something like the following. Build-tested with the crosstool
> (http://www.kernel.org/pub/tools/crosstool) on the following arches:
> alpha blackfin cris hppa64 ia64 mips64 sparc.
>
> Any objections?

Yeah. I object. I have no idea what this will change for everything
else that expects bitops to work on unsigned long values.

I really think that the bug is not in the BIT() definition, but in the
use. If somebody wants a non-unsigned-long bit field, they had better
not use bitops.h.

And no, just changing the BIT() macro to return a 64-bit value is
_not_ trivially safe. Due to C type rules, now all arithmetic using
BIT() will suddenly be 64-bit, which is often *much* slower, and can
introduce real bugs.

On many architectures, a 64-bit non-constant shift will even end up
being a function call. And if the thing is used in a varargs function,
the argument layout will be totally different. We've also had several
issues with 64-bit types and switch() statements, for example. And a
quick grep for '\<BIT(' shows that non-constant cases are not unheard
of, and there's a lot of random use where it is not at all obvious
that it's safe (because it's used for defining other defines).

So no. I do not think BIT() should be 64-bit. It's "unsigned long".
Look at all the other things around it, and look at all the historical
uses.

                                    Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ