lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wgfeAjTNomdTU3gx308O+k5+3STqwBMSqrM7=D8CyEydQ@mail.gmail.com>
Date: Tue, 30 Sep 2025 08:48:07 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Paul Moore <paul@...l-moore.com>
Cc: selinux@...r.kernel.org, linux-security-module@...r.kernel.org, 
	linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] selinux/selinux-pr-20250926

On Fri, 26 Sept 2025 at 20:07, Paul Moore <paul@...l-moore.com> wrote:
>
> - Remove our use of get_zeroed_page() in sel_read_bool()
>
>   Update sel_read_bool() to use a four byte stack buffer instead of a
>   memory page fetched via get_zeroed_page(), and fix a memory in the
>   process.
>
>   Needless to say we should have done this a long time ago, but it was
>   in a very old chunk of code that "just worked" and I don't think
>   anyone had taken a real look at it in many years.

Lol.

... and when I looked at this, I went "scnprintf for a 4-byte buffer?"

It uses

        len = scnprintf(buffer, sizeof(buffer), "%d %d", ..

and I went "printing two numbers and just four bytes" before I noticed
that they are just booleans and so 'len' always is just 3.

It literally could have done

        char buffer[] = { '0' + !a, ' ', '0' + !!b, 0 };

instead, and I guess a compiler could do that transformation in a perfect world.

But this isn't exactly performance-crticial, so nobody cares.

                Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ