lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 9 Apr 2019 07:36:06 +0000
From:   Vadim Pasternak <vadimp@...lanox.com>
To:     Andrew Morton <akpm@...ux-foundation.org>
CC:     "jacek.anaszewski@...il.com" <jacek.anaszewski@...il.com>,
        "pavel@....cz" <pavel@....cz>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-leds@...r.kernel.org" <linux-leds@...r.kernel.org>,
        Ido Schimmel <idosch@...lanox.com>,
        Andrey Ryabinin <aryabinin@...tuozzo.com>
Subject: RE: [PATCH v1 bitops] bitops: Fix UBSAN undefined behavior warning
 for rotation right



> -----Original Message-----
> From: Andrew Morton <akpm@...ux-foundation.org>
> Sent: Tuesday, April 09, 2019 1:52 AM
> To: Vadim Pasternak <vadimp@...lanox.com>
> Cc: jacek.anaszewski@...il.com; pavel@....cz; linux-kernel@...r.kernel.org;
> linux-leds@...r.kernel.org; Ido Schimmel <idosch@...lanox.com>; Andrey
> Ryabinin <aryabinin@...tuozzo.com>
> Subject: Re: [PATCH v1 bitops] bitops: Fix UBSAN undefined behavior warning
> for rotation right
> 
> (resend, cc Andrey)
> 
> On Sun,  7 Apr 2019 12:53:25 +0000 Vadim Pasternak <vadimp@...lanox.com>
> wrote:
> 
> > The warning is caused by call to rorXX(), if the second parameters of
> > this function "shift" is zero. In such case UBSAN reports the warning
> > for the next expression: (word << (XX - shift), where XX is 64, 32,
> > 16, 8 for respectively ror64, ror32, ror16, ror8.
> > Fix adds validation of this parameter - in case it's equal zero, no
> > need to rotate, just original "word" is to be returned to caller.
> >
> > The UBSAN undefined behavior warning has been reported for call to
> > ror32():
> > [   11.426543] UBSAN: Undefined behaviour in ./include/linux/bitops.h:93:33
> > [   11.434045] shift exponent 32 is too large for 32-bit type 'unsigned int'
> 
> hm, do we care?

Hi Andrew,

Thank for reply.

We want to avoid UBSAN undefined behavior warning in case
"shift" parameter is not provided as a constant.

> 
> > ...
> >
> 
> > --- a/include/linux/bitops.h
> > +++ b/include/linux/bitops.h
> > @@ -70,6 +70,9 @@ static inline __u64 rol64(__u64 word, unsigned int shift)
> >   */
> >  static inline __u64 ror64(__u64 word, unsigned int shift)  {
> > +	if (!shift)
> > +		return word;
> > +
> >  	return (word >> shift) | (word << (64 - shift));  }
> 
> Is there any known architecture or compiler for which UL<<64 doesn't reliably
> produce zero?  Is there any prospect that this will become a problem in the
> future?

I don't know about such architecture.
Do you think it could be modified only for ro8, ror16, ror32?

Powered by blists - more mailing lists