lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6cba215c-127e-f3eb-b525-773b6aed0eb7@c-s.fr>
Date:   Mon, 26 Feb 2018 07:50:26 +0100
From:   Christophe LEROY <christophe.leroy@....fr>
To:     Mathieu Malaterre <malat@...ian.org>,
        Michael Ellerman <mpe@...erman.id.au>
Cc:     linux-kernel@...r.kernel.org, Paul Mackerras <paulus@...ba.org>,
        Jiri Slaby <jslaby@...e.com>, linuxppc-dev@...ts.ozlabs.org
Subject: Re: [PATCH 06/21] powerpc: Avoid comparison of unsigned long >= 0 in
 __access_ok



Le 26/02/2018 à 07:34, Christophe LEROY a écrit :
> 
> 
> Le 25/02/2018 à 18:22, Mathieu Malaterre a écrit :
>> Rewrite check size - 1 <= Y as size < Y since `size` is unsigned value.
>> Fix warning (treated as error in W=1):
>>
>>    CC      arch/powerpc/kernel/signal_32.o
>> In file included from ./include/linux/uaccess.h:14:0,
>>                   from ./include/asm-generic/termios-base.h:8,
>>                   from ./arch/powerpc/include/asm/termios.h:20,
>>                   from ./include/uapi/linux/termios.h:6,
>>                   from ./include/linux/tty.h:7,
>>                   from arch/powerpc/kernel/signal_32.c:36:
>> ./include/asm-generic/termios-base.h: In function 
>> ‘user_termio_to_kernel_termios’:
>> ./arch/powerpc/include/asm/uaccess.h:52:35: error: comparison of 
>> unsigned expression >= 0 is always true [-Werror=type-limits]
>>     (((size) == 0) || (((size) - 1) <= ((segment).seg - (addr)))))
>>                                     ^
>> ./arch/powerpc/include/asm/uaccess.h:58:3: note: in expansion of macro 
>> ‘__access_ok’
>>     __access_ok((__force unsigned long)(addr), (size), get_fs()))
>>     ^~~~~~~~~~~
>> ./arch/powerpc/include/asm/uaccess.h:262:6: note: in expansion of 
>> macro ‘access_ok’
>>    if (access_ok(VERIFY_READ, __gu_addr, (size)))   \
>>        ^~~~~~~~~
>> ./arch/powerpc/include/asm/uaccess.h:80:2: note: in expansion of macro 
>> ‘__get_user_check’
>>    __get_user_check((x), (ptr), sizeof(*(ptr)))
>>    ^~~~~~~~~~~~~~~~
>> ./include/asm-generic/termios-base.h:36:6: note: in expansion of macro 
>> ‘get_user’
>>    if (get_user(termios->c_line, &termio->c_line) < 0)
>>        ^~~~~~~~
>> [...]
>> cc1: all warnings being treated as errors
>>
>> Signed-off-by: Mathieu Malaterre <malat@...ian.org>
>> ---
>>   arch/powerpc/include/asm/uaccess.h | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/arch/powerpc/include/asm/uaccess.h 
>> b/arch/powerpc/include/asm/uaccess.h
>> index 51bfeb8777f0..fadc406bd39d 100644
>> --- a/arch/powerpc/include/asm/uaccess.h
>> +++ b/arch/powerpc/include/asm/uaccess.h
>> @@ -49,7 +49,7 @@
>>   #define __access_ok(addr, size, segment)    \
>>       (((addr) <= (segment).seg) &&        \
>> -     (((size) == 0) || (((size) - 1) <= ((segment).seg - (addr)))))
>> +     (((size) == 0) || ((size) < ((segment).seg - (addr)))))
> 
> IIUC, ((2 - 1) <= 1) is the same as (2 < 1) ?????


Note that I already try to submit a fix for this warning 3 years ago 
(https://patchwork.ozlabs.org/patch/418075/) and it was rejected with 
the following comment:

Again, I don't think Linux enables this warning.  What did you do to
produce this?  In any case, it's a bad warning that doesn't take macros
into account, and the answer is not to make the code less clear by hiding
the fact that zero is a special case.

Christophe


> 
> Christophe
> 
>>   #endif
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ