lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20161213091912.GA6347@osadl.at>
Date:   Tue, 13 Dec 2016 09:19:12 +0000
From:   Nicholas Mc Guire <der.herr@...r.at>
To:     Jani Nikula <jani.nikula@...ux.intel.com>
Cc:     Nicholas Mc Guire <hofrat@...dl.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Jonathan Corbet <corbet@....net>, linux-kernel@...r.kernel.org,
        linux-doc@...r.kernel.org,
        Dan Carpenter <dan.carpenter@...cle.com>,
        Julia Lawall <julia.lawall@...6.fr>
Subject: Re: [PATCH] doc: add note on usleep_range range

On Tue, Dec 13, 2016 at 11:10:50AM +0200, Jani Nikula wrote:
> On Tue, 13 Dec 2016, Nicholas Mc Guire <hofrat@...dl.org> wrote:
> > useleep_range() with a delta of 0 makes no sense and only prevents the
> > timer subsystem from optimizing interrupts. As any user of usleep_range()
> > is in non-atomic context the timer jitter is in the range of 10s of 
> > microseconds anyway.
> >
> > This adds a note making it clear that a range of 0 is a bad idea.
> 
> So I don't really have anything to do with the timer subsystem, I'm just
> their "consumer", so take this with a grain of salt.
> 
> Documentation is good, but I don't think this will be enough.
> 
> I think the only thing that will work is to detect and complain about
> things like this automatically. Some ideas:
> 
> * WARN_ON(min == max) or WARN_ON_ONCE(min == max) in usleep_range()
>   might be drastic, but it would get the job done eventually.
> 
> * If you want to avoid the runtime overhead (and complaints about the
>   backtraces), you could wrap usleep_range() in a macro that does
>   BUILD_BUG_ON(min == max) if the parameters are build time constants
>   (they usually are). But you'd have to fix all the problem cases first.
> 
> * You could try (to persuade Julia or Dan) to come up with a
>   cocci/smatch check for usleep_range() calls where min == max, so we
>   could get bug reports for this. This probably works on expressions, so
>   this would catch also cases where the parameters aren't built time
>   constants.
>

I fully agree - without automation it is almost usless
the coccinelle spatch is a seperate patch and it is tested butnot yet
submitted. 

the spatch for this iss actually trivial

@nulldelta@
constant C;
position p;
@@

* usleep_range@p(C,C)

thx!
hofrat

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ