lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sat, 31 Dec 2022 16:44:45 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Herbert Xu' <herbert@...dor.apana.org.au>,
        Uwe Kleine-König 
        <u.kleine-koenig@...gutronix.de>
CC:     Anders Roxell <anders.roxell@...aro.org>,
        Kees Cook <keescook@...omium.org>,
        Horia Geantă <horia.geanta@....com>,
        Gaurav Jain <gaurav.jain@....com>,
        Pankaj Gupta <pankaj.gupta@....com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-hardening@...r.kernel.org" <linux-hardening@...r.kernel.org>,
        "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
        "kernel@...gutronix.de" <kernel@...gutronix.de>,
        "David S. Miller" <davem@...emloft.net>,
        "kernel test robot" <lkp@...el.com>
Subject: RE: [PATCH] crypto: caam - Avoid GCC memset bug warning

From: Herbert Xu
> Sent: 29 December 2022 01:49
> 
> On Wed, Dec 28, 2022 at 12:30:35PM +0100, Uwe Kleine-König wrote:
> >
> > > -	if (len) /* avoid sparse warning: memcpy with byte count of 0 */
> > > +	/* Avoid gcc warning: memcpy with data == NULL */
> > > +	if (!IS_ENABLED(CONFIG_CRYPTO_DEV_FSL_CAAM_DEBUG) || data)
> >
> > I just tried: For me a plain
> >
> > 	if (data)
> >
> > is also enough to make both gcc and sparse happy.
> 
> Of course it is.  The point of the extra condition is to remove
> the unnecessary check on data unless we are in debugging mode
> (as it is only needed in debugging mode to work around the buggy
> compiler).

IIRC the 'problematic' case is one where 'len' and 'data'
are actually compile-time zeros - in which case you don't
want to call memcpy() at all.
In all other cases I think there is something to copy so you
don't really want the check (or the one in memcpy() will do).

Whether (builtin_constant_p(data) && !data) is good enough is
another matter.
It might need the (sizeof *(1 ? (void *)(data) : (int *)0) == 1)
test.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ