| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 May 2023 17:31:40 -0700
From: "Chang S. Bae" <chang.seok.bae@...el.com>
To: Dave Hansen <dave.hansen@...el.com>,
Eric Biggers <ebiggers@...nel.org>
CC: <linux-kernel@...r.kernel.org>, <linux-crypto@...r.kernel.org>,
<dm-devel@...hat.com>, <gmazyland@...il.com>, <luto@...nel.org>,
<dave.hansen@...ux.intel.com>, <tglx@...utronix.de>,
<mingo@...nel.org>, <x86@...nel.org>,
<herbert@...dor.apana.org.au>, <ardb@...nel.org>,
<dan.j.williams@...el.com>, <bernie.keany@...el.com>,
<charishma1.gairuboyina@...el.com>,
<lalithambika.krishnakumar@...el.com>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH v6 07/12] x86/cpu/keylocker: Load an internal wrapping key
at boot-time
On 5/8/2023 2:56 PM, Dave Hansen wrote:
> On 5/8/23 11:18, Chang S. Bae wrote:
>> On 5/5/2023 4:05 PM, Eric Biggers wrote:
>>> On Mon, Apr 10, 2023 at 03:59:31PM -0700, Chang S. Bae wrote:
>>>> +#ifdef CONFIG_X86_KEYLOCKER
>>>> +void setup_keylocker(struct cpuinfo_x86 *c);
>>>> +void destroy_keylocker_data(void);
>>>> +#else
>>>> +#define setup_keylocker(c) do { } while (0)
>>>> +#define destroy_keylocker_data() do { } while (0)
>>>> +#endif
>>>
>>> Shouldn't the !CONFIG_X86_KEYLOCKER stubs be static inline functions
>>> instead of
>>> macros, so that type checking works?
>>
>> I think either way works here. This macro is just for nothing.
>
> Chang, I do prefer the 'static inline' as a general rule. Think of this:
>
> static inline void setup_keylocker(struct cpuinfo_x86 *c) {}
>
> versus:
>
> #define setup_keylocker(c) do { } while (0)
>
> Imagine some dope does:
>
> char c;
> ...
> setup_keylocker(c);
>
> With the macro, they'll get no type warning. The inline actually makes
> it easier to find bugs because folks will get _some_ type checking no
> matter how they compile the code.
Ah, when the prototype with one or more arguments, 'static inline'
allows the check. Then it is not an 'either-way' thing.
Looking at the x86 code, there are some seemingly related:
$ git grep "do { } while (0)" arch/x86 | grep -v "()"
arch/x86/include/asm/kprobes.h:#define flush_insn_slot(p) do { }
while (0)
arch/x86/include/asm/mc146818rtc.h:#define lock_cmos(reg) do { } while (0)
arch/x86/include/asm/pgtable.h:#define flush_tlb_fix_spurious_fault(vma,
address, ptep) do { } while (0)
arch/x86/include/asm/preempt.h:#define init_task_preempt_count(p) do { }
while (0)
arch/x86/kvm/ioapic.h:#define ASSERT(x) do { } while (0)
arch/x86/kvm/mmu/mmu_internal.h:#define pgprintk(x...) do { } while (0)
arch/x86/kvm/mmu/mmu_internal.h:#define rmap_printk(x...) do { } while (0)
arch/x86/kvm/mmu/mmu_internal.h:#define MMU_WARN_ON(x) do { } while (0)
Now I feel owed for some potential cleanup work.
Thanks,
Chang
Powered by blists - more mailing lists