| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160108162351.GD26058@breakpoint.cc>
Date: Fri, 8 Jan 2016 17:23:51 +0100
From: Florian Westphal <fw@...len.de>
To: David Laight <David.Laight@...LAB.COM>
Cc: 'Pablo Neira Ayuso' <pablo@...filter.org>,
"netfilter-devel@...r.kernel.org" <netfilter-devel@...r.kernel.org>,
"davem@...emloft.net" <davem@...emloft.net>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: Re: [PATCH 16/17] netfilter: nft_byteorder: provide 64bit le/be
conversion
David Laight <David.Laight@...LAB.COM> wrote:
> From: Pablo Neira Ayuso
> > Sent: 08 January 2016 14:02
> > From: Florian Westphal <fw@...len.de>
> >
> > Needed to convert the (64bit) conntrack counters to BE ordering.
> >
> ...
> > switch (priv->size) {
> > + case 8: {
> > + u64 src64;
> > +
> > + switch (priv->op) {
> > + case NFT_BYTEORDER_NTOH:
> > + for (i = 0; i < priv->len / 8; i++) {
> > + src64 = get_unaligned_be64(&src[i]);
> > + src64 = be64_to_cpu((__force __be64)src64);
> > + put_unaligned_be64(src64, &dst[i]);
> > + }
> > + break;
> > + case NFT_BYTEORDER_HTON:
> > + for (i = 0; i < priv->len / 8; i++) {
> > + src64 = get_unaligned_be64(&src[i]);
> > + src64 = (__force u64)cpu_to_be64(src64);
> > + put_unaligned_be64(src64, &dst[i]);
> > + }
> > + break;
> > + }
> > + break;
>
> That is horrid.
Yes, sorry for this, however ...
> On a little-endian system you are byteswapping the data 3 times.
> Image the code on a cpu that doesn't support misaligned transfers
> and doesn't have a byteswap instruction.
diff --git a/net/netfilter/nft_byteorder.c b/net/netfilter/nft_byteorder.c
--- a/net/netfilter/nft_byteorder.c
+++ b/net/netfilter/nft_byteorder.c
@@ -46,16 +46,16 @@ static void nft_byteorder_eval(const struct nft_expr *expr,
switch (priv->op) {
case NFT_BYTEORDER_NTOH:
for (i = 0; i < priv->len / 8; i++) {
- src64 = get_unaligned_be64(&src[i]);
+ src64 = get_unaligned((u64 *)&src[i]);
src64 = be64_to_cpu((__force __be64)src64);
- put_unaligned_be64(src64, &dst[i]);
+ put_unaligned(src64, (u64 *)&dst[i]);
}
break;
case NFT_BYTEORDER_HTON:
for (i = 0; i < priv->len / 8; i++) {
- src64 = get_unaligned_be64(&src[i]);
+ src64 = get_unaligned((u64 *)&src[i]);
src64 = (__force u64)cpu_to_be64(src64);
- put_unaligned_be64(src64, &dst[i]);
+ put_unaligned(src64, (u64 *)&dst[i]);
}
break;
}
Results in identical object code.
Powered by blists - more mailing lists