| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Jan 2018 11:37:00 +0100
From: Stefano Brivio <sbrivio@...hat.com>
To: Nicolai Stange <nstange@...e.de>
Cc: "David S. Miller" <davem@...emloft.net>,
Alexey Kuznetsov <kuznet@....inr.ac.ru>,
Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
Mohamed Ghannam <simo.ghannam@...il.com>,
Michal Kubecek <mkubecek@...e.cz>,
Miroslav Benes <mbenes@...e.cz>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: ipv4: emulate READ_ONCE() on ->hdrincl bit-field
in raw_sendmsg()
Hi Nicolai,
On Wed, 03 Jan 2018 10:28:20 +0100
Nicolai Stange <nstange@...e.de> wrote:
> Hi Stefano,
>
> Stefano Brivio <sbrivio@...hat.com> writes:
>
> > On Tue, 2 Jan 2018 17:30:20 +0100
> > Nicolai Stange <nstange@...e.de> wrote:
> >
> >> [...]
> >>
> >> diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
> >> index 5b9bd5c33d9d..e84290c28c0c 100644
> >> --- a/net/ipv4/raw.c
> >> +++ b/net/ipv4/raw.c
> >> @@ -513,16 +513,18 @@ static int raw_sendmsg(struct sock *sk, struct msghdr *msg, size_t len)
> >> int err;
> >> struct ip_options_data opt_copy;
> >> struct raw_frag_vec rfv;
> >> - int hdrincl;
> >> + int hdrincl, __hdrincl;
> >>
> >> err = -EMSGSIZE;
> >> if (len > 0xFFFF)
> >> goto out;
> >>
> >> /* hdrincl should be READ_ONCE(inet->hdrincl)
> >> - * but READ_ONCE() doesn't work with bit fields
> >> + * but READ_ONCE() doesn't work with bit fields.
> >> + * Emulate it by doing the READ_ONCE() from an intermediate int.
> >> */
> >> - hdrincl = inet->hdrincl;
> >> + __hdrincl = inet->hdrincl;
> >> + hdrincl = READ_ONCE(__hdrincl);
> >
> > I guess you don't actually need to use a third variable. What about
> > doing READ_ONCE() on hdrincl itself after the first assignment?
> >
> > Perhaps something like the patch below -- applies to net.git, yields
> > same binary output as your version with gcc 6, looks IMHO more
> > straightforward:
> >
> > diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
> > index 125c1eab3eaa..8c2f783a95fc 100644
> > --- a/net/ipv4/raw.c
> > +++ b/net/ipv4/raw.c
> > @@ -519,10 +519,12 @@ static int raw_sendmsg(struct sock *sk, struct msghdr *msg, size_t len)
> > if (len > 0xFFFF)
> > goto out;
> >
> > - /* hdrincl should be READ_ONCE(inet->hdrincl)
> > - * but READ_ONCE() doesn't work with bit fields
> > + /* hdrincl should be READ_ONCE(inet->hdrincl) but READ_ONCE() doesn't
> > + * work with bit fields. Emulate it by adding a further sequence point.
> > */
> > hdrincl = inet->hdrincl;
> > + hdrincl = READ_ONCE(hdrincl);
> > +
>
> Yes, this does also work. In fact, after having been lowered into SSA
> form, it should be equivalent to what I posted.
>
> So, it's a matter of preference/style and I'd leave the decision on
> this to the maintainers -- for me, either way is fine.
>
> I don't like the "sequence point" wording in the comment above though:
> AFAICS, if taken in the meaning of C99, it's not any sequence point but
> the volatile access in READ_ONCE() which ensures that there won't be any
> reloads from ->hdrincl. If you don't mind, I'll adjust that comment if
> asked to resend with your solution.
Well, by "by adding a further sequence point" I refer to what we have
to do to emulate READ_ONCE(), not to the reason why we need READ_ONCE().
However, this is a likely sign that my comment isn't that clear either.
So unless you have better ideas, I would go with:
+ /* hdrincl should be READ_ONCE(inet->hdrincl) but READ_ONCE() doesn't
+ * work with bit fields. Doing this indirectly yields the same result.
but I really hope you have a better idea. :)
--
Stefano
Powered by blists - more mailing lists