Date:   Thu, 26 Aug 2021 11:13:38 +0200
From:   Peter Rosin <peda@...ntia.se>
To:     Liam Beguin <liambeguin@...il.com>, jic23@...nel.org,
        lars@...afoo.de
Cc:     linux-kernel@...r.kernel.org, linux-iio@...r.kernel.org,
        devicetree@...r.kernel.org, robh+dt@...nel.org
Subject: Re: [PATCH v8 08/14] iio: afe: rescale: reduce risk of integer
 overflow

On 2021-08-20 21:17, Liam Beguin wrote:
> From: Liam Beguin <lvb@...hos.com>
> 
> Reduce the risk of integer overflow by doing the scale calculation on
> a 64-bit integer. Since the rescaling is only performed on *val, reuse
> the IIO_VAL_FRACTIONAL_LOG2 case.

While this patch certainly helps with overflow problems, it also
potentially kills precision in some cases where there currently are
no overflow issues.

E.g. this patch transforms 5/32768 scaled by 3/10000 from the exact

15 / 327680000 (0.0000000457763671875)

to the heavily truncated plain old sorry "zero".

Sure, 9/14 improves the situation, but patch 9/14 simply cannot
make this example any better than returning 2 significant digits
since the value is so small.

Side note, there is also the same type of risk of overflow for
IIO_VAL_INT. Why does that case not get the same treatment as
IIO_VAL_FRACTIONAL?

But again, I see no elegant solution. The best I can think of is the
inelegant solution to provide extra info on the input range, the
exact desired scaling method, the desired output type, some mix of
all of the above or something else that helps determine the
appropriate scaling method w/o looking at the individual number.

Cheers,
Peter

> Signed-off-by: Liam Beguin <lvb@...hos.com>
> ---
>  drivers/iio/afe/iio-rescale.c | 5 +----
>  1 file changed, 1 insertion(+), 4 deletions(-)
> 
> diff --git a/drivers/iio/afe/iio-rescale.c b/drivers/iio/afe/iio-rescale.c
> index 809e966f7058..c408c4057c08 100644
> --- a/drivers/iio/afe/iio-rescale.c
> +++ b/drivers/iio/afe/iio-rescale.c
> @@ -27,16 +27,13 @@ int rescale_process_scale(struct rescale *rescale, int scale_type,
>  	u32 neg;
>  
>  	switch (scale_type) {
> -	case IIO_VAL_FRACTIONAL:
> -		*val *= rescale->numerator;
> -		*val2 *= rescale->denominator;
> -		return scale_type;
>  	case IIO_VAL_INT:
>  		*val *= rescale->numerator;
>  		if (rescale->denominator == 1)
>  			return scale_type;
>  		*val2 = rescale->denominator;
>  		return IIO_VAL_FRACTIONAL;
> +	case IIO_VAL_FRACTIONAL:
>  	case IIO_VAL_FRACTIONAL_LOG2:
>  		tmp = (s64)*val * 1000000000LL;
>  		tmp = div_s64(tmp, rescale->denominator);
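
Review bot: In the IIO_VAL_INT case, `*val *= rescale->numerator;` is still a plain int multiplication, so the overflow this patch targets remains possible there; consider doing that product in s64 as well, or guarding it with check_mul_overflow(). Separately, making `case IIO_VAL_FRACTIONAL:` fall through drops the exact `*val *= rescale->numerator;` / `*val2 *= rescale->denominator;` result even when both products fit in an int; keeping the exact path when neither product overflows and falling through only otherwise would avoid that precision loss. A short comment on the new label stating that the fall-through is intentional and that only *val is rescaled would also help.
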
> 
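
The precision trade-off raised in the reply above, as an added user-space example that is not code from the thread or from the driver: it keeps the exact fractional result when both products fit in an int and uses the 64-bit path only on overflow. Assumptions: `struct ratio` and the function names are hypothetical, `__builtin_mul_overflow` (GCC/Clang) stands in for the kernel's check_mul_overflow(), the denominator is non-zero, and the last two steps of the 64-bit path are assumed because the hunk shows only the first two.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the numerator/denominator in struct rescale. */
struct ratio { int32_t numerator, denominator; };

/* Exact pre-patch arithmetic, but refusing to wrap: 0 on success, -1 on overflow. */
static int scale_exact(const struct ratio *r, int *val, int *val2)
{
	int v, v2;

	if (__builtin_mul_overflow(*val, r->numerator, &v) ||
	    __builtin_mul_overflow(*val2, r->denominator, &v2))
		return -1;
	*val = v;
	*val2 = v2;
	return 0;
}

/* 64-bit path; only *val is rescaled. 0 on success, -1 if the result does not fit. */
static int scale_s64(const struct ratio *r, int *val)
{
	int64_t tmp = (int64_t)*val * 1000000000LL;	/* visible in the hunk */

	tmp /= r->denominator;				/* div_s64() in the hunk */
	if (__builtin_mul_overflow(tmp, (int64_t)r->numerator, &tmp))
		return -1;				/* assumed step, checked here */
	tmp /= 1000000000LL;				/* assumed step */
	if (tmp > INT32_MAX || tmp < INT32_MIN)
		return -1;
	*val = (int)tmp;
	return 0;
}

/* Returns 1 if the exact result was kept, 0 if the 64-bit path ran, -1 on failure. */
static int rescale_fractional(const struct ratio *r, int *val, int *val2)
{
	if (scale_exact(r, val, val2) == 0)
		return 1;
	return scale_s64(r, val) == 0 ? 0 : -1;
}

int main(void)
{
	struct ratio r = { 3, 10000 };		/* constructed values from the reply */
	int val = 5, val2 = 32768;
	int how = rescale_fractional(&r, &val, &val2);

	printf("exact=%d result=%d/%d\n", how, val, val2);
	return 0;
}
```
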
