lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250210180005.GE1264@sol.localdomain>
Date: Mon, 10 Feb 2025 10:00:05 -0800
From: Eric Biggers <ebiggers@...nel.org>
To: Leon Romanovsky <leon@...nel.org>
Cc: Mustafa Ismail <mustafa.ismail@...el.com>,
	Tatyana Nikolova <tatyana.e.nikolova@...el.com>,
	Jason Gunthorpe <jgg@...pe.ca>, linux-rdma@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] RDMA/irdma: switch to using the crc32c library

On Sun, Feb 09, 2025 at 07:44:18AM -0800, Eric Biggers wrote:
> On Sun, Feb 09, 2025 at 11:12:55AM +0200, Leon Romanovsky wrote:
> > On Thu, Feb 06, 2025 at 07:57:50PM -0800, Eric Biggers wrote:
> > > On Thu, Feb 06, 2025 at 07:36:43PM -0800, Eric Biggers wrote:
> > > > +int irdma_ieq_check_mpacrc(const void *addr, u32 len, u32 val)
> > > >  {
> > > > -	u32 crc = 0;
> > > > -
> > > > -	crypto_shash_digest(desc, addr, len, (u8 *)&crc);
> > > > -	if (crc != val)
> > > > +	if (~crc32c(~0, addr, len) != val)
> > > >  		return -EINVAL;
> > > >  
> > > >  	return 0;
> > > >  }
> > > 
> > > Sorry, I just realized this isn't actually equivalent on big endian CPUs, since
> > > the byte array produced by crypto_shash_digest() used little endian byte order,
> > > whereas crc32c() just returns a CPU endian value.
> > > 
> > > And of course this broken subsystem uses u32 for the little endian values
> > > instead of __le32 like the result of the kernel.
> > > 
> > > Not sure it's worth my time to continue to try to fix this subsystem properly.
> > 
> > There is no need to be such dramatic. You are not fixing anything by
> > switch to new APIs
> 
> Exactly.  That's because I dropped the patches that actually did fix real
> endianness bugs, because of the pointless pushback I received -- see
> https://lore.kernel.org/linux-rdma/20250127223840.67280-1-ebiggers@kernel.org/T/#u

Anyway, I already sent v3 of this patch that keeps the cpu_to_le32() to maintain
the exact same behavior as the old code, so please consider that if you are
interested.  Note that I had to add '(__force u32)' to be compatible with this
driver's incorrect types, but that was effectively already there before, just
hidden by writing bytes into a u32.

- Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ