| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+55aFzZVL=WVuhJAQDazj59jwnmhUrRRwNgzXS+c-q5yva0iw@mail.gmail.com>
Date: Tue, 6 Feb 2018 12:42:24 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Dan Williams <dan.j.williams@...el.com>
Cc: Luis Henriques <lhenriques@...e.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
linux-arch <linux-arch@...r.kernel.org>,
Kernel Hardening <kernel-hardening@...ts.openwall.com>,
Greg KH <gregkh@...uxfoundation.org>, X86 ML <x86@...nel.org>,
Ingo Molnar <mingo@...hat.com>,
Andy Lutomirski <luto@...nel.org>,
"H. Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>,
Andrew Morton <akpm@...ux-foundation.org>,
Alan Cox <alan@...ux.intel.com>
Subject: Re: [PATCH v4 07/10] x86: narrow out of bounds syscalls to sys_read
under speculation
On Tue, Feb 6, 2018 at 12:37 PM, Dan Williams <dan.j.williams@...el.com> wrote:
>
> Are there any compilers that would miscompile:
>
> mask = 0 - (index < size);
>
> That might be a way to improve the assembly.
Sadly, that is *very* easy to miscompile. In fact, I'd be very
surprised indeed if any compiler worth its name wouldn't combine the
comparison with the conditional branch it accompanies, and just turn
that into a constant. IOW, you'd get
mask = 0 - (index < size);
if (index <= size) {
... use mask ..
and the compiler would just turn that into
if (index <= size) {
mask = -1;
and be done with it.
Linus
Powered by blists - more mailing lists