lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAH5fLgi96g-vQY-kzEZtkjgidqLy5dOSyFS=8dTE_QtQcpu4=Q@mail.gmail.com>
Date: Mon, 22 Apr 2024 10:52:57 +0200
From: Alice Ryhl <aliceryhl@...gle.com>
To: Carlos Llamas <cmllamas@...gle.com>
Cc: arve@...roid.com, brauner@...nel.org, gregkh@...uxfoundation.org, 
	joel@...lfernandes.org, kernel-team@...roid.com, linux-kernel@...r.kernel.org, 
	maco@...roid.com, surenb@...gle.com, tkjos@...roid.com
Subject: Re: [PATCH 2/4] binder: migrate ioctl to new PF_SPAM_DETECTION

On Sun, Apr 21, 2024 at 1:49 AM Carlos Llamas <cmllamas@...gle.com> wrote:
>
> On Thu, Apr 18, 2024 at 08:12:22AM +0000, Alice Ryhl wrote:
> > Carlos Llamas <cmllamas@...gle.com> writes:
> > > @@ -5553,7 +5553,8 @@ static long binder_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
> > >                     goto err;
> > >             }
> > >             binder_inner_proc_lock(proc);
> > > -           proc->oneway_spam_detection_enabled = (bool)enable;
> > > +           proc->flags &= ~PF_SPAM_DETECTION;
> > > +           proc->flags |= enable & PF_SPAM_DETECTION;
> >
> > The bitwise and in `enable & PF_SPAM_DETECTION` only works because
> > PF_SPAM_DETECTION happens to be equal to 1. This seems pretty fragile to
> > me. Would you be willing to do this instead?
> >
> > proc->flags &= ~PF_SPAM_DETECTION;
> > if (enable)
> >       proc->flags |= PF_SPAM_DETECTION;
> >
>
> I don't think it is fragile since PF_SPAM_DETECTION is fixed. However,
> I agree the code is missing context about the flag being bit 0 and your
> version addresses this problem. So I'll take it for v2, thanks!

Thanks! By fragile I mean that it could result in future mistakes,
e.g. somebody could copy this code and use it elsewhere with a
different bit flag that might not be bit 0.

> > Carlos Llamas <cmllamas@...gle.com> writes:
> > > -                   if (proc->oneway_spam_detection_enabled &&
> > > -                              w->type == BINDER_WORK_TRANSACTION_ONEWAY_SPAM_SUSPECT)
> > > +                   if (proc->flags & PF_SPAM_DETECTION &&
> > > +                       w->type == BINDER_WORK_TRANSACTION_ONEWAY_SPAM_SUSPECT)
> >
> > Maybe I am just not sufficiently familiar with C, but I had to look up
> > the operator precedence rules for this one. Could we add parenthesises
> > around `proc->flags & PF_SPAM_DETECTION`? Or even define a macro for it?
>
> I think this is fairly common in C but I can definitly add the extra
> paranthesis if it helps.

Yeah, makes sense. Thanks!

With the mentioned changes, you may add:
Reviewed-by: Alice Ryhl <aliceryhl@...gle.com>

Alice

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ