lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 1 Jun 2020 19:52:51 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-kernel@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, stable@...r.kernel.org, Peter Zijlstra <peterz@...radead.org>, Eric Dumazet <edumazet@...gle.com>, "David S. Miller" <davem@...emloft.net>, Alexey Kuznetsov <kuznet@....inr.ac.ru>, Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>, Jakub Kicinski <kuba@...nel.org>, Jiri Pirko <jiri@...nulli.us>, Arvind Sankar <nivedita@...m.mit.edu>, Jiong Wang <jiongwang@...wei.com>, Yuqi Jin <jinyuqi@...wei.com>, Shaokun Zhang <zhangshaokun@...ilicon.com> Subject: [PATCH 5.4 013/142] net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" From: Yuqi Jin <jinyuqi@...wei.com> [ Upstream commit a6211caa634da39d861a47437ffcda8b38ef421b ] Commit adb03115f459 ("net: get rid of an signed integer overflow in ip_idents_reserve()") used atomic_cmpxchg to replace "atomic_add_return" inside the function "ip_idents_reserve". The reason was to avoid UBSAN warning. However, this change has caused performance degrade and in GCC-8, fno-strict-overflow is now mapped to -fwrapv -fwrapv-pointer and signed integer overflow is now undefined by default at all optimization levels[1]. Moreover, it was a bug in UBSAN vs -fwrapv /-fno-strict-overflow, so Let's revert it safely. [1] https://gcc.gnu.org/gcc-8/changes.html Suggested-by: Peter Zijlstra <peterz@...radead.org> Suggested-by: Eric Dumazet <edumazet@...gle.com> Cc: "David S. Miller" <davem@...emloft.net> Cc: Alexey Kuznetsov <kuznet@....inr.ac.ru> Cc: Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org> Cc: Jakub Kicinski <kuba@...nel.org> Cc: Jiri Pirko <jiri@...nulli.us> Cc: Arvind Sankar <nivedita@...m.mit.edu> Cc: Peter Zijlstra <peterz@...radead.org> Cc: Eric Dumazet <edumazet@...gle.com> Cc: Jiong Wang <jiongwang@...wei.com> Signed-off-by: Yuqi Jin <jinyuqi@...wei.com> Signed-off-by: Shaokun Zhang <zhangshaokun@...ilicon.com> Signed-off-by: David S. Miller <davem@...emloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org> --- net/ipv4/route.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -490,18 +490,16 @@ u32 ip_idents_reserve(u32 hash, int segs atomic_t *p_id = ip_idents + hash % IP_IDENTS_SZ; u32 old = READ_ONCE(*p_tstamp); u32 now = (u32)jiffies; - u32 new, delta = 0; + u32 delta = 0; if (old != now && cmpxchg(p_tstamp, old, now) == old) delta = prandom_u32_max(now - old); - /* Do not use atomic_add_return() as it makes UBSAN unhappy */ - do { - old = (u32)atomic_read(p_id); - new = old + delta + segs; - } while (atomic_cmpxchg(p_id, old, new) != old); - - return new - segs; + /* If UBSAN reports an error there, please make sure your compiler + * supports -fno-strict-overflow before reporting it that was a bug + * in UBSAN, and it has been fixed in GCC-8. + */ + return atomic_add_return(segs + delta, p_id) - segs; } EXPORT_SYMBOL(ip_idents_reserve);
Powered by blists - more mailing lists