lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 18 Oct 2021 09:41:15 -1000
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     Nathan Chancellor <nathan@...nel.org>,
        Henrique de Moraes Holschuh <hmh@....eng.br>,
        Hans de Goede <hdegoede@...hat.com>,
        Mark Gross <markgross@...nel.org>,
        ibm-acpi-devel@...ts.sourceforge.net,
        platform-driver-x86@...r.kernel.org,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        llvm@...ts.linux.dev, Tor Vic <torvic9@...lbox.org>
Subject: Re: [PATCH] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning

On Mon, Oct 18, 2021 at 8:34 AM Nick Desaulniers
<ndesaulniers@...gle.com> wrote:
>
> LGTM, thanks for the patch! I guess this would be the first
> "interesting" case this warning has found in kernel sources?

The patch looks obviously correct (tm), but I'm not convinced that the
warning is actually all that interesting.

The thing is, using bitwise operators for booleans is _exactly_ the
same as using logical ones as long as there are no side effects. In
fact, any compiler worth its salt will already convert some cases
between the two as an optimization just as part of code generation.

Of course, that "as long as there are no side effects" is the big
thing - then the short-circuiting of the actual logical operations
clearly matters. But that wasn't actually the case in this situation
(or in the kvm situation elsewhere).

So in both of these cases, the difference between "|" and "||" ends up
purely being a hint to the compiler.

In this case, even if there are no side effects, it's clearly
pointless to do the second strlencmp() if the first one already
matched, and the "||" is unquestionably the right hint (and honestly,
most compilers probably wouldn't even be able to tell "no side
effects" because it's a fairly complex expression - but since it's
inlined and uses compiler intrinsics, the compiler _might_ actually be
able to see that the two are equivalent).

But no, I don't think that warning is very interesting. In fact, the
warning might be overall detrimental, in case the hints were
intentional (like the kvm case - although I'm not convinced the kvm
hinting was actually meaningful).

                 Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ