| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 7 Feb 2024 12:01:43 +0000 From: Dave Martin <Dave.Martin@....com> To: Mark Brown <broonie@...nel.org> Cc: Catalin Marinas <catalin.marinas@....com>, Will Deacon <will@...nel.org>, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] arm64/sve: Document that __SVE_VQ_MAX is much larger than needed On Tue, Feb 06, 2024 at 04:27:01PM +0000, Mark Brown wrote: > __SVE_VQ_MAX is defined without comment as 512 but the actual > architectural maximum is 16, a substantial difference which might not > be obvious to readers especially given the several different units used > for specifying vector sizes in various contexts and the fact that it's > often used via macros. In an effort to minimise surprises for users who > might assume the value is the architectural maximum and use it to do > things like size allocations add a comment noting the difference. Well, the value 512 was semi-deliberately chosen to be surprising. But the point about units is valid: to the casual reader, "512" does look suspiciously like a bit count when it really really isn't... > > Signed-off-by: Mark Brown <broonie@...nel.org> > --- > arch/arm64/include/uapi/asm/sve_context.h | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/arch/arm64/include/uapi/asm/sve_context.h b/arch/arm64/include/uapi/asm/sve_context.h > index 754ab751b523..59f283f373a6 100644 > --- a/arch/arm64/include/uapi/asm/sve_context.h > +++ b/arch/arm64/include/uapi/asm/sve_context.h > @@ -13,6 +13,10 @@ > > #define __SVE_VQ_BYTES 16 /* number of bytes per quadword */ > > +/* > + * Note that for future proofing __SVE_VQ_MAX is defined much larger > + * than the actual architecture maximum of 16. > + */ I think that putting shadow #defines in comments in UAPI headers is a really bad idea... is this a normative statement about the user API, or what? My concern is that if we muddy the waters here different bits of software will do different things and we will get a mess with no advantages. Portability issues may ensue if userspace software feels it can substitute some other value for this constant, since we can't control what userspace uses it for. > #define __SVE_VQ_MIN 1 Would it be sufficient to say something like: /* * Yes, this is 512 QUADWORDS. * Never allocate memory or size structures based on the value of this * constant. */ > #define __SVE_VQ_MAX 512 Though comments might be better placed alongsize SVE_VQ_MAX at al., in ptrace.h and sigcontext.h rather than here. The leading __ should at least be a hint that __SVE_VQ_MAX shouldn't be used directly by anyone... Cheers ---Dave
Powered by blists - more mailing lists