| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <af5b4872-4645-2bf3-19c1-72a45fda18b1@ssi.bg>
Date: Wed, 11 Dec 2024 18:46:27 +0200 (EET)
From: Julian Anastasov <ja@....bg>
To: David Laight <David.Laight@...LAB.COM>
cc: "'Dan Carpenter'" <dan.carpenter@...aro.org>,
Simon Horman <horms@...ge.net.au>,
Pablo Neira Ayuso <pablo@...filter.org>,
Jozsef Kadlecsik <kadlec@...filter.org>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"lvs-devel@...r.kernel.org" <lvs-devel@...r.kernel.org>,
"netfilter-devel@...r.kernel.org" <netfilter-devel@...r.kernel.org>,
"coreteam@...filter.org" <coreteam@...filter.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Bartosz Golaszewski <brgl@...ev.pl>
Subject: RE: [PATCH net] ipvs: Fix clamp() order in ip_vs_conn_init()
Hello,
On Wed, 11 Dec 2024, David Laight wrote:
> From: Dan Carpenter
> > Sent: 11 December 2024 13:17
> >
> > We recently added some build time asserts to detect incorrect calls to
> > clamp and it detected this bug which breaks the build. The variable
> > in this clamp is "max_avail" and it should be the first argument. The
> > code currently is the equivalent to max = max(max_avail, max).
>
> The fix is correct but the description above is wrong.
> When run max_avail is always larger than min so the result is correct.
> But the compiler does some constant propagation (for something that
> can't happen) and wants to calculate the constant 'clamp(max, min, 0)'
> Both max and min are known values so the build assert trips.
>
> I posted the same patch (with a different message) last week.
I was still waiting for v2 from David Laight as
he can put more specific explanation for the bad 3rd arg
to clamp() and to add the Fixes header.
David, let me know what should we do, I prefer
to see v2 from you but if you prefer we can go with the
latest version from Dan...
> > Reported-by: Linux Kernel Functional Testing <lkft@...aro.org>
> > Closes:
> > https://lore.kernel.org/all/CA+G9fYsT34UkGFKxus63H6UVpYi5GRZkezT9MRLfAbM3f6ke0g@mail.gmail.com/
> > Fixes: 4f325e26277b ("ipvs: dynamically limit the connection hash table")
> > Signed-off-by: Dan Carpenter <dan.carpenter@...aro.org>
> > ---
> > I've been trying to add stable CC's to my commits but I'm not sure the
> > netdev policy on this. Do you prefer to add them yourself?
> >
> > net/netfilter/ipvs/ip_vs_conn.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c
> > index 98d7dbe3d787..9f75ac801301 100644
> > --- a/net/netfilter/ipvs/ip_vs_conn.c
> > +++ b/net/netfilter/ipvs/ip_vs_conn.c
> > @@ -1495,7 +1495,7 @@ int __init ip_vs_conn_init(void)
> > max_avail -= 2; /* ~4 in hash row */
> > max_avail -= 1; /* IPVS up to 1/2 of mem */
> > max_avail -= order_base_2(sizeof(struct ip_vs_conn));
> > - max = clamp(max, min, max_avail);
> > + max = clamp(max_avail, min, max);
> > ip_vs_conn_tab_bits = clamp_val(ip_vs_conn_tab_bits, min, max);
> > ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits;
> > ip_vs_conn_tab_mask = ip_vs_conn_tab_size - 1;
> > --
> > 2.45.2
Regards
--
Julian Anastasov <ja@....bg>
Powered by blists - more mailing lists