lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20191121171752.GA3001@twin.jikos.cz>
Date:   Thu, 21 Nov 2019 18:17:52 +0100
From:   David Sterba <dsterba@...e.cz>
To:     Kees Cook <keescook@...omium.org>
Cc:     dsterba@...e.cz, Will Deacon <will@...nel.org>,
        linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...nel.org>,
        Elena Reshetova <elena.reshetova@...el.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Hanjun Guo <guohanjun@...wei.com>
Subject: Re: [RESEND PATCH v4 03/10] lib/refcount: Remove unused
 refcount_*_checked() variants

On Thu, Nov 21, 2019 at 09:11:58AM -0800, Kees Cook wrote:
> On Thu, Nov 21, 2019 at 03:55:33PM +0100, David Sterba wrote:
> > On Thu, Nov 21, 2019 at 11:58:55AM +0000, Will Deacon wrote:
> > > The full-fat refcount implementation is exposed via a set of functions
> > > suffixed with "_checked()", the idea being that code can choose to use
> > > the more expensive, yet more secure implementation on a case-by-case
> > > basis.
> > > 
> > > In reality, this hasn't happened, so with a grand total of zero users,
> > > let's remove the checked variants for now by simply dropping the suffix
> > > and predicating the out-of-line functions on CONFIG_REFCOUNT_FULL=y.
> > 
> > I am still interested in the _checked versions and have a WIP patch that
> > adds that to btrfs (that was my original plan) but haven't had enough
> > time to finalize it. The patch itself is simple, the missing part is to
> > understand and document what the saturated counters would do with the
> > structures.
> 
> The good news is that this series removes the case of refcount_t _not_
> being checked, so there's no need for _checked helpers.
> CONFIG_REFCOUNT_FULL gets removed because all refcount_t ends up being
> checked on all architectures. No extra work needed! :) (See patch 8)

Oh I see, that's great. Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ