lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <1f090f15-eda3-90b1-2aab-ac73d9abb550@c-s.fr>
Date:   Thu, 2 Aug 2018 09:30:31 +0000
From:   Christophe Leroy <christophe.leroy@....fr>
To:     Michael Ellerman <mpe@...erman.id.au>,
        Benjamin Herrenschmidt <benh@...nel.crashing.org>,
        Paul Mackerras <paulus@...ba.org>, malat@...ian.org,
        aneesh.kumar@...ux.vnet.ibm.com
Cc:     linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org
Subject: Re: [PATCH] powerpc/mm: fix always true/false warning in slice.c



On 06/29/2018 02:55 AM, Michael Ellerman wrote:
> Christophe Leroy <christophe.leroy@....fr> writes:
> 
>> This patch fixes the following warnings (obtained with make W=1).
>>
>> arch/powerpc/mm/slice.c: In function 'slice_range_to_mask':
>> arch/powerpc/mm/slice.c:73:12: error: comparison is always true due to limited range of data type [-Werror=type-limits]
>>    if (start < SLICE_LOW_TOP) {
> 
> Presumably only on 32-bit ?

Sure

> 
>> diff --git a/arch/powerpc/mm/slice.c b/arch/powerpc/mm/slice.c
>> index 9530c6db406a..17c57760e06c 100644
>> --- a/arch/powerpc/mm/slice.c
>> +++ b/arch/powerpc/mm/slice.c
>> @@ -79,7 +86,7 @@ static void slice_range_to_mask(unsigned long start, unsigned long len,
>>   			- (1u << GET_LOW_SLICE_INDEX(start));
>>   	}
>>   
>> -	if ((start + len) > SLICE_LOW_TOP) {
>> +	if (!slice_addr_is_low(end)) {
>>   		unsigned long start_index = GET_HIGH_SLICE_INDEX(start);
>>   		unsigned long align_end = ALIGN(end, (1UL << SLICE_HIGH_SHIFT));
>>   		unsigned long count = GET_HIGH_SLICE_INDEX(align_end) - start_index;
> 
> This worries me.

I'll change it in v2 to:
  	if (SLICE_NUM_HIGH && !slice_addr_is_low(end)) {


> 
> By casting before the comparison in the helper you squash the compiler
> warning, but the code is still broken if (start + len) overflows.
> 
> Presumably that "never happens", but it just seems fishy.
> 
> The other similar check in that file does:
> 
>    if (SLICE_NUM_HIGH && ((start + len) > SLICE_LOW_TOP)) {
> 
> Where SLICE_NUM_HIGH == 0 on 32-bit.
> 
> 
> Could we fix the less than comparisons with SLICE_LOW_TOP with something
> similar, eg:
> 
> 	if (!SLICE_NUM_HIGH || start < SLICE_LOW_TOP) {
> 
> ie. limit them to the 64-bit code?

That's not enough to make GCC happy:

arch/powerpc/mm/slice.c: In function ‘slice_range_to_mask’:
arch/powerpc/mm/slice.c:74:31: error: comparison is always true due to 
limited range of data type [-Werror=type-limits]
   if (!SLICE_NUM_HIGH || start < SLICE_LOW_TOP) {

Christophe


> 
> cheers
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ