lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aQkEbZrabOzPBClg@smile.fi.intel.com>
Date: Mon, 3 Nov 2025 21:37:17 +0200
From: Andy Shevchenko <andriy.shevchenko@...el.com>
To: David Laight <david.laight.linux@...il.com>
Cc: Kuan-Wei Chiu <visitorckw@...il.com>,
	Guan-Chun Wu <409411716@....tku.edu.tw>,
	Andrew Morton <akpm@...ux-foundation.org>, ebiggers@...nel.org,
	tytso@....edu, jaegeuk@...nel.org, xiubli@...hat.com,
	idryomov@...il.com, kbusch@...nel.org, axboe@...nel.dk, hch@....de,
	sagi@...mberg.me, home7438072@...il.com,
	linux-nvme@...ts.infradead.org, linux-fscrypt@...r.kernel.org,
	ceph-devel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 0/6] lib/base64: add generic encoder/decoder, migrate
 users

On Mon, Nov 03, 2025 at 07:29:08PM +0000, David Laight wrote:
> On Mon, 3 Nov 2025 20:16:46 +0200
> Andy Shevchenko <andriy.shevchenko@...el.com> wrote:
> > On Mon, Nov 03, 2025 at 04:41:41PM +0200, Andy Shevchenko wrote:
> > > On Mon, Nov 03, 2025 at 01:22:13PM +0000, David Laight wrote:  

...

> > > Pragma will be hated.
> 
> They have been used in a few other places.
> and to disable more 'useful' warnings.

You can go with pragma, but even though it just hides the potential issues.
Not my choice.

> > > I believe there is a better way to do what you want. Let me cook a PoC.  
> > 
> > I tried locally several approaches and the best I can come up with is the pre-generated
> > (via Python script) pieces of C code that we can copy'n'paste instead of that shortened
> > form. So basically having a full 256 tables in the code is my suggestion to fix the build
> > issue. Alternatively we can generate that at run-time (on the first run) in
> > the similar way how prime_numbers.c does. The downside of such an approach is loosing
> > the const specifier, which I consider kinda important.
> > 
> > Btw, in the future here might be also the side-channel attack concerns appear, which would
> > require to reconsider the whole algo to get it constant-time execution.
> 
> The array lookup version is 'reasonably' time constant.

The array doesn't fit the cacheline.

> One option is to offset all the array entries by 1 and subtract 1 after reading the entry.

Yes, I was thinking of it, but found a bit weird.

> That means that the 'error' characters have zero in the array (not -1).
> At least the compiler won't error that!
> The extra 'subtract 1' is probably just measurable.

> But I'd consider raising a bug on gcc :-)

And clang? :-)

> One of the uses of ranged designated initialisers for arrays is to change the
> default value - as been done here.
> It shouldn't cause a warning.

This is prone to mistakes when it's not the default rewrite. I fixed already
twice such an issue in drivers/hid in the past few months.

-- 
With Best Regards,
Andy Shevchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ