lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <2a9391a3546d487ca937c4e523690ea9@AcuMS.aculab.com> Date: Thu, 24 Feb 2022 23:15:01 +0000 From: David Laight <David.Laight@...LAB.COM> To: 'Andy Shevchenko' <andy.shevchenko@...il.com>, Claudio Imbrenda <imbrenda@...ux.ibm.com> CC: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>, Christian Borntraeger <borntraeger@...ux.ibm.com>, "open list:VFIO DRIVER" <kvm@...r.kernel.org>, "linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>, "Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>, Janosch Frank <frankja@...ux.ibm.com>, David Hildenbrand <david@...hat.com>, Heiko Carstens <hca@...ux.ibm.com>, Vasily Gorbik <gor@...ux.ibm.com>, Alexander Gordeev <agordeev@...ux.ibm.com>, Sven Schnelle <svens@...ux.ibm.com> Subject: RE: [PATCH v1 1/1] KVM: s390: Don't cast parameter in bit operations From: Andy Shevchenko > Sent: 24 February 2022 19:51 > > On Thu, Feb 24, 2022 at 2:51 PM Claudio Imbrenda <imbrenda@...ux.ibm.com> wrote: > > > > On Wed, 23 Feb 2022 18:44:20 +0200 > > Andy Shevchenko <andriy.shevchenko@...ux.intel.com> wrote: > > > > > While in this particular case it would not be a (critical) issue, > > > the pattern itself is bad and error prone in case somebody blindly > > > copies to their code. > > > > > > Don't cast parameter to unsigned long pointer in the bit operations. > > > Instead copy to a local variable on stack of a proper type and use. > > ... > > > > + struct { /* as a 256-bit bitmap */ > > > + DECLARE_BITMAP(b, 256); > > > + } bitmap; > > > + struct { /* as a set of 64-bit words */ > > > u64 word[4]; > > > } u64; > > > > - set_bit_inv(IPM_BIT_OFFSET + gisc, (unsigned long *) gisa); > > > + set_bit_inv(IPM_BIT_OFFSET + gisc, gisa->bitmap.b); > > > > wouldn't it be enough to pass gisa->u64.word here? > > then no cast would be necessary > > No, it will have the same hidden bugs. As I stated in the commit > message, the pattern is quite bad even if in particular code it would > work. > > Thanks, Michael, for pointing out other places. They all need to be fixed. It may even be worth writing some alternate bitmap functions that use u64[] and unlocked operations? Although I think I'd still want to encapsulate the actual array (somehow) so that what is defined has to be the bitmap type. David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
Powered by blists - more mailing lists