lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1492441116.10587.96.camel@edumazet-glaptop3.roam.corp.google.com>
Date:   Mon, 17 Apr 2017 07:58:36 -0700
From:   Eric Dumazet <eric.dumazet@...il.com>
To:     Jamal Hadi Salim <jhs@...atatu.com>
Cc:     Jiri Pirko <jiri@...nulli.us>, davem@...emloft.net,
        netdev@...r.kernel.org, xiyou.wangcong@...il.com
Subject: Re: [PATCH net-next 1/1] net sched actions: dump more than
 TCA_ACT_MAX_PRIO actions per batch

On Mon, 2017-04-17 at 10:02 -0400, Jamal Hadi Salim wrote:
> On 17-04-17 09:10 AM, Eric Dumazet wrote:
> 
> [..]
> >
> > We can not assume user programs properly cleared the paddings anyway.
> >
> > Using them for 'new features' is risky, since it might break programs.
> >
> > So the safe way is using new attributes really.
> 
> Since we agreed to have longer discussions on uapis
> when we met I'd like to digress:
> Can we talk about what it means to define pads in data
> structures and then never using them?
> As an example, no-one is setting these fields anywhere on any
> app i know of. Would a union not be good enough for new name
> vs old name? old binaries should continue to work.
> Breakage with any app during compile should be fixable
> within the breaking app (since whoever it is would have source).
> Maybe by breaking some weird app we can experiment on finding
> out.
> 
> My contention is that it is not nice to continue to define uapi
> pads and  then say they cant be used ever.

Very often, pads are there because of ABI constraints.

We 'name' them to make clear to developers that they are there,
and avoid security issues, because of say few bytes from kernel stack
are copied to user space.

struct foo {
  __u32 a;
  __u16 b;
};


Note that the 16bit padding is there, even if you do not name it.

Once this structure had been exported to some include file and in a
kernel, there is little point trying to 'reuse' the padding, unless for
very specific cases.

If you name paddings, then developers might think about it.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ