lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20141215102227.GA26178@redhat.com>
Date:	Mon, 15 Dec 2014 12:22:27 +0200
From:	"Michael S. Tsirkin" <mst@...hat.com>
To:	Michael Ellerman <mpe@...erman.id.au>
Cc:	linux-kernel@...r.kernel.org, Arnd Bergmann <arnd@...db.de>,
	linux-arch@...r.kernel.org
Subject: Re: [PATCH 00/18] uaccess: fix sparse warning on get_user for
 bitwise types

On Mon, Dec 15, 2014 at 11:40:52AM +1100, Michael Ellerman wrote:
> On Sun, 2014-12-14 at 18:51 +0200, Michael S. Tsirkin wrote:
> > At the moment, if p and x are both tagged as bitwise types,
> > get_user(x, p) produces a sparse warning on many architectures.
> > This is because *p on these architectures is loaded into long
> > (typically using asm), then cast back to typeof(*p).
> > 
> > When typeof(*p) is a bitwise type (which is uncommon), such a cast needs
> > __force, otherwise sparse produces a warning.
> 
> What does __force actually mean? Force the cast even though it's a bitfield? Or
> does it mean more than that?

It's not a bitfield = it's a bitwise integer.
Once you tag a typedef as bitwise, casts to and from
an untypedefed integer cause sparse warnings.

> ie. are we loosing the ability to detect any actual errors by adding force?
> 
> cheers

I think we aren't:
get_user(x, p) should be equivalent to x = *p except it
validates the pointer is to userspace memory,
and can handle pagefaults.

Sparse warnings are triggered because these macros use
an untyped integer internally.

Note that we are casting to typeof(*p) not typeof(x).
Even with the cast, if x and *p are of different types we should get the
warning, so I think we are not loosing the ability to detect any actual
errors.


-- 
MST
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ