lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ba4668725f944d12843529f0b0d4a8a2@AcuMS.aculab.com>
Date:   Wed, 25 Aug 2021 09:13:44 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Larry Finger' <Larry.Finger@...inger.net>,
        Aakash Hemadri <aakashhemadri123@...il.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Phillip Potter <phil@...lpotter.co.uk>
CC:     "linux-staging@...ts.linux.dev" <linux-staging@...ts.linux.dev>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH v3 2/5] staging: r8188eu: cast to restricted __be32

From: Larry Finger
> Sent: 23 August 2021 15:24
> 
> On 8/23/21 3:44 AM, Aakash Hemadri wrote:
> > On 21/08/21 09:48PM, Aakash Hemadri wrote:
> >> Fix sparse warning:
> >>> rtw_br_ext.c:836:54: warning: cast to restricted __be32
> >>
> >> dhpch->cookie is be32, change it's type.
...
> >> diff --git a/drivers/staging/r8188eu/core/rtw_br_ext.c b/drivers/staging/r8188eu/core/rtw_br_ext.c
> >> index f6d1f6029ec3..f65d94bfa286 100644
> >> --- a/drivers/staging/r8188eu/core/rtw_br_ext.c
> >> +++ b/drivers/staging/r8188eu/core/rtw_br_ext.c
...
> >> @@ -671,7 +671,7 @@ void dhcp_flag_bcast(struct adapter *priv, struct sk_buff *skb)
> >>   				    (udph->dest == __constant_htons(SERVER_PORT))) { /*  DHCP request */
> >>   					struct dhcpMessage *dhcph =
> >>   						(struct dhcpMessage *)((size_t)udph + sizeof(struct udphdr));

This assignment looks dubious at best - WTF is (size_t) for?
I don't seem to have a source tree with this driver in it (probably only in 'next'?).
I suspect it should be:
	struct dhcp_message *dhcph = (void *)(udph + 1);

> >> -					u32 cookie = be32_to_cpu((__be32)dhcph->cookie);
> >> +					u32 cookie = be32_to_cpu(dhcph->cookie);
> >>
> >>   					if (cookie == DHCP_MAGIC) { /*  match magic word */
> >>   						if (!(dhcph->flags & htons(BROADCAST_FLAG))) {
> >> --
> >> 2.32.0
> >>
> >
> > David Laight suggested to use get_unaligned_be32, I am not sure if it's
> > the right thing to do because as far as I understand get_unaligned_be32
> > byteshifts the argument.
> >
> > Can someone please confirm if this change is okay?
> >
> 
> It is not needed. variable dhcph->cookie is 4-byte aligned. Usind the unaligned
> version would just add cpu cycles and arrivw at the same point!

It rather depends on whether the input buffer is aligned.
Although if it might not be then then the structure(s) that map
it need to be marked 'packed'.
Which would also mean the get_unaligned_be32() isn't the correct
way to handle a misaligned buffer.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ