lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8ae34aa0-ffcc-43c9-9192-393cf2707c38@moroto.mountain>
Date: Fri, 12 Jan 2024 15:40:34 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: David Laight <David.Laight@...lab.com>
Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	'Andy Shevchenko' <andriy.shevchenko@...ux.intel.com>,
	'Andrew Morton' <akpm@...ux-foundation.org>,
	"'Matthew Wilcox (Oracle)'" <willy@...radead.org>,
	'Christoph Hellwig' <hch@...radead.org>,
	"'Jason A. Donenfeld'" <Jason@...c4.com>
Subject: Re: [PATCH next v4 0/5] minmax: Relax type checks in min() and max().

On Fri, Jan 12, 2024 at 12:16:00PM +0000, David Laight wrote:
> From: Dan Carpenter
> > Sent: 12 January 2024 09:13
> > 
> > I've often wondered why so many people use min_t(int, size, limit) when
> > they really do not want negative sizes...  Is there a performance reason?
> > git grep 'min_t(int,' says there are 872 instances of this.  Probably
> > some do want negatives but it's a quite small percent.
> 
> But you really don't a negative 'size' converted to a large
> unsigned value above the limit - that would be worse.
> All the type checking is there to stop that happening.
> 

I understand your changes, it seems like a really nice API.  I was just
asking about min_t(int, in old code.  Just to take the first example
from my git grep:

arch/arm/mach-orion5x/ts78xx-setup.c
   160                  sz = min_t(int, 4 - off, len);
   161                  writesb(io_base, buf, sz);

If len is negative then we write negative bytes to writesb().  What
was the thinking here?

> Even with my changes min(int_var, sizeof()) is a compile error.
> To do otherwise would really requite the sizeof() to be converted
> to int - leaving the other type alone.
> Easiest done by using 'int' instead of 'typeof(y)' for the
> local variable inside cmp_once().

I think I would maybe like a mins() which returns signed values, and
then we would convert all the min() usages to either minu() or mins()
and delete min().

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ