lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aPtLtEJJ3jV12FNJ@smile.fi.intel.com>
Date: Fri, 24 Oct 2025 12:49:40 +0300
From: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To: Giovanni Cabiddu <giovanni.cabiddu@...el.com>
Cc: Thorsten Blum <thorsten.blum@...ux.dev>,
	Herbert Xu <herbert@...dor.apana.org.au>,
	"David S. Miller" <davem@...emloft.net>,
	Jack Xu <jack.xu@...el.com>,
	Suman Kumar Chakraborty <suman.kumar.chakraborty@...el.com>,
	Qianfeng Rong <rongqianfeng@...o.com>, qat-linux@...el.com,
	linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] crypto: qat - use strscpy_pad to simplify buffer
 initialization

On Fri, Oct 24, 2025 at 09:50:11AM +0100, Giovanni Cabiddu wrote:
> On Thu, Oct 23, 2025 at 09:44:01PM +0300, Andy Shevchenko wrote:
> > On Thu, Oct 23, 2025 at 05:35:00PM +0200, Thorsten Blum wrote:
> > > On 22. Oct 2025, at 20:17, Andy Shevchenko wrote:
> > > > On Wed, Oct 22, 2025 at 02:36:19PM +0200, Thorsten Blum wrote:

...

> > > How about this?
> > 
> > LGTM, and that's what I had in mind, but please double check the behaviour of
> > kstrtox() on an empty strings.
> 
> LGTM as well.
> 
> I checked the behaviour of kstrtoul() when given an empty string. It
> returns -EINVAL (-22). The result variable (the third parameter) is only
> modified if the conversion is succesful.

Thanks for confirming!

> Anyway, the caller will not provide a NULL string to this function [1].
> 
> > > +	unsigned long long ae;
> > > +	char *end;
> > >  
> > > +	ae = simple_strtoull(str, &end, 10);
> > > +	if (ae > UINT_MAX || str == end || (end - str) > 20)
> > 
> > I would go with >= 20, the 64-bit value is approx. 1 * 10^19.
> 
> Just an insight into the type of strings being parsed here. If they are
> well-formed, the format looks like:
> 
>     <AE_NUMBER>!<...>
> 
> Example:
> 
>     11!l0000!lm_thread_ctrl_struct_base
> 
> This function just extract the first number. Currently, that is 2 digits [2],
> and I believe it is unlikely to exceed 3 in future gens.

Yep, but it is better to make code more robust (and esp. in case somebody
copies'n'pastes to somewhere else).

> [1] https://elixir.bootlin.com/linux/v6.17.4/source/drivers/crypto/intel/qat/qat_common/qat_uclo.c#L237
> [2] https://elixir.bootlin.com/linux/v6.17.4/source/drivers/crypto/intel/qat/qat_common/icp_qat_uclo.h#L11

-- 
With Best Regards,
Andy Shevchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ