lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 9 May 2020 10:13:22 +0200
From:   Stephen Kitt <steve@....org>
To:     Jakub Kicinski <kuba@...nel.org>
Cc:     "David S . Miller" <davem@...emloft.net>,
        Joe Perches <joe@...ches.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] net: Protect INET_ADDR_COOKIE on 32-bit
 architectures

Hi,

Thanks for taking the time to review my patch.

On Fri, 8 May 2020 20:50:25 -0700, Jakub Kicinski <kuba@...nel.org> wrote:
> On Fri,  8 May 2020 14:04:57 +0200 Stephen Kitt wrote:
> > Commit c7228317441f ("net: Use a more standard macro for
> > INET_ADDR_COOKIE") added a __deprecated marker to the cookie name on
> > 32-bit architectures, with the intent that the compiler would flag
> > uses of the name. However since commit 771c035372a0 ("deprecate the
> > '__deprecated' attribute warnings entirely and for good"),
> > __deprecated doesn't do anything and should be avoided.
> > 
> > This patch changes INET_ADDR_COOKIE to declare a dummy struct so that
> > any subsequent use of the cookie's name will in all likelihood break
> > the build. It also removes the __deprecated marker.
> 
> I think the macro is supposed to cause a warning when the variable
> itself is accessed. And I don't think that happens with your patch
> applied.

Yes, the warning is what was lost when __deprecated lost its meaning. I was
trying to preserve that, or rather extend it so that the build would break if
the cookie was used on 32-bit architectures, and my patch ensures it does if
the cookie is used in a comparison or assignment, but ...

> +       kfree(&acookie);

I hadn’t thought of taking a pointer to it.

If we want to preserve the use of the macro with a semi-colon, which is what
Joe’s patch introduced (along with the deprecation warning), we still need
some sort of declaration which can’t be used. Perhaps

#define INET_ADDR_COOKIE(__name, __saddr, __daddr) \
	struct __name {} __attribute__((unused))

would be better — it declares the cookie as a struct, not a variable, so then
the build fails if the cookie is used as anything other than a struct. If
anyone does try to use it as a struct, the build will fail on 64-bit
architectures...

  CC      net/ipv4/inet_hashtables.o
net/ipv4/inet_hashtables.c: In function ‘__inet_lookup_established’:
net/ipv4/inet_hashtables.c:362:9: error: ‘acookie’ undeclared (first use in this function)
  kfree(&acookie);
         ^~~~~~~
net/ipv4/inet_hashtables.c:362:9: note: each undeclared identifier is reported only once for each function it appears in
make[2]: *** [scripts/Makefile.build:267: net/ipv4/inet_hashtables.o] Error 1
make[1]: *** [scripts/Makefile.build:488: net/ipv4] Error 2
make: *** Makefile:1722: net] Error 2

Regards,

Stephen

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists