lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8b280523cf98294bee897615de84546e241b4e11.camel@linux.ibm.com>
Date:   Thu, 15 Jul 2021 14:09:31 +0200
From:   Ilya Leoshkevich <iii@...ux.ibm.com>
To:     Colin Ian King <colin.king@...onical.com>,
        Michael Holzheu <holzheu@...ux.vnet.ibm.com>,
        Martin Schwidefsky <schwidefsky@...ibm.com>
Cc:     Heiko Carstens <hca@...ux.ibm.com>,
        Vasily Gorbik <gor@...ux.ibm.com>,
        Christian Borntraeger <borntraeger@...ibm.com>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Andrii Nakryiko <andrii@...nel.org>,
        linux-s390@...r.kernel.org,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        bpf@...r.kernel.org,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: Range checking on r1 in function reg_set_seen in
 arch/s390/net/bpf_jit_comp.c

On Thu, 2021-07-15 at 13:02 +0100, Colin Ian King wrote:
> Hi
> 
> Static analysis with cppcheck picked up an interesting issue with the
> following inline helper function in arch/s390/net/bpf_jit_comp.c :
> 
> static inline void reg_set_seen(struct bpf_jit *jit, u32 b1)
> {
>         u32 r1 = reg2hex[b1];
> 
>         if (!jit->seen_reg[r1] && r1 >= 6 && r1 <= 15)
>                 jit->seen_reg[r1] = 1;
> }
> 
> Although I believe r1 is always within range, the range check on r1
> is
> being performed before the more cache/memory expensive lookup on
> jit->seen_reg[r1].  I can't see why the range change is being
> performed
> after the access of jit->seen_reg[r1]. The following seems more
> correct:
> 
>         if (r1 >= 6 && r1 <= 15 && !jit->seen_reg[r1])
>                 jit->seen_reg[r1] = 1;
> 
> ..since the check on r1 are less expensive than !jit->seen_reg[r1]
> and
> also the range check ensures the array access is not out of bounds. I
> was just wondering if I'm missing something deeper to why the order
> is
> the way it is.
> 
> Colin

Hi,

I think your analysis is correct, thanks for spotting this!
Even though I don't think the performance difference would be 
measurable here, not confusing future readers is a good reason
to make a change that you suggest.
Do you plan to send a patch?

Best regards,
Ilya

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ