| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAP-5=fU-QxfdkQoHP=Ksqeb9gPTE4xYcgEcp9Ej6trZpkCDvPA@mail.gmail.com>
Date: Fri, 8 May 2020 00:21:16 -0700
From: Ian Rogers <irogers@...gle.com>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
Andrii Nakryiko <andriin@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...omium.org>,
Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>,
open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] libbpf hashmap: fix undefined behavior in hash_bits
On Fri, May 8, 2020 at 12:12 AM Andrii Nakryiko
<andrii.nakryiko@...il.com> wrote:
>
> On Thu, May 7, 2020 at 11:40 PM Ian Rogers <irogers@...gle.com> wrote:
> >
> > If bits is 0, the case when the map is empty, then the >> is the size of
> > the register which is undefined behavior - on x86 it is the same as a
> > shift by 0. Fix by handling the 0 case explicitly.
> >
> > Signed-off-by: Ian Rogers <irogers@...gle.com>
> > ---
>
> No need. The only case when bits can be 0 is when hashmap is
> completely empty (no elements have ever been added yet). In that case,
> it doesn't matter what value hash_bits() returns,
> hashmap__for_each_key_entry/hashmap__for_each_key_entry_safe will
> behave correctly, because map->buckets will be NULL.
Agreed. Unfortunately the LLVM undefined behavior sanitizer (I've not
tested with GCC to the same extent) will cause an exit when it sees >>
64 regardless of whether the value is used or not. It'd be possible to
#ifdef this code on whether a sanitizer was present.
Thanks,
Ian
> > tools/lib/bpf/hashmap.h | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/tools/lib/bpf/hashmap.h b/tools/lib/bpf/hashmap.h
> > index d5ef212a55ba..781db653d16c 100644
> > --- a/tools/lib/bpf/hashmap.h
> > +++ b/tools/lib/bpf/hashmap.h
> > @@ -19,6 +19,8 @@
> > static inline size_t hash_bits(size_t h, int bits)
> > {
> > /* shuffle bits and return requested number of upper bits */
> > + if (bits == 0)
> > + return 0;
> > return (h * 11400714819323198485llu) >> (__WORDSIZE - bits);
> > }
> >
> > --
> > 2.26.2.645.ge9eca65c58-goog
> >
Powered by blists - more mailing lists