netdev - Re: [PATCH bpf-next v2] xsk: Elide base_addr comparison in xp_unaligned_validate

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Date:   Wed, 12 Apr 2023 14:28:24 +0200
From:   Magnus Karlsson <magnus.karlsson@...il.com>
To:     Kal Conley <kal.conley@...tris.com>
Cc:     Björn Töpel <bjorn@...nel.org>,
        Magnus Karlsson <magnus.karlsson@...el.com>,
        Maciej Fijalkowski <maciej.fijalkowski@...el.com>,
        Jonathan Lemon <jonathan.lemon@...il.com>,
        "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Jesper Dangaard Brouer <hawk@...nel.org>,
        John Fastabend <john.fastabend@...il.com>,
        netdev@...r.kernel.org, bpf@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next v2] xsk: Elide base_addr comparison in xp_unaligned_validate_desc

On Tue, 11 Apr 2023 at 15:03, Kal Conley <kal.conley@...tris.com> wrote:
>
> Remove redundant (base_addr >= pool->addrs_cnt) comparison from the
> conditional.
>
> In particular, addr is computed as:
>
>     addr = base_addr + offset
>
> where base_addr and offset are stored as 48-bit and 16-bit unsigned
> integers, respectively. The above sum cannot overflow u64 since
> base_addr has a maximum value of 0x0000ffffffffffff and offset has a
> maximum value of 0xffff (implying a maximum sum of 0x000100000000fffe).
> Since overflow is impossible, it follows that addr >= base_addr.
>
> Now if (base_addr >= pool->addrs_cnt), then clearly:
>
>     addr >= base_addr
>          >= pool->addrs_cnt
>
> Thus, (base_addr >= pool->addrs_cnt) implies (addr >= pool->addrs_cnt).
> Subsequently, the former comparison is unnecessary in the conditional
> since for any boolean expressions A and B, (A || B) && (A -> B) is
> equivalent to B.

Thanks Kal! Just checking again that you ran the xsk selftests on your
change and that it passed? If so, here is my ack.

Acked-by: Magnus Karlsson <magnus.karlsson@...el.com>

> Signed-off-by: Kal Conley <kal.conley@...tris.com>
> ---
>  net/xdp/xsk_queue.h | 8 ++------
>  1 file changed, 2 insertions(+), 6 deletions(-)
>
> diff --git a/net/xdp/xsk_queue.h b/net/xdp/xsk_queue.h
> index 66c6f57c9c44..dea4f378327d 100644
> --- a/net/xdp/xsk_queue.h
> +++ b/net/xdp/xsk_queue.h
> @@ -153,16 +153,12 @@ static inline bool xp_aligned_validate_desc(struct xsk_buff_pool *pool,
>  static inline bool xp_unaligned_validate_desc(struct xsk_buff_pool *pool,
>                                               struct xdp_desc *desc)
>  {
> -       u64 addr, base_addr;
> -
> -       base_addr = xp_unaligned_extract_addr(desc->addr);
> -       addr = xp_unaligned_add_offset_to_addr(desc->addr);
> +       u64 addr = xp_unaligned_add_offset_to_addr(desc->addr);
>
>         if (desc->len > pool->chunk_size)
>                 return false;
>
> -       if (base_addr >= pool->addrs_cnt || addr >= pool->addrs_cnt ||
> -           addr + desc->len > pool->addrs_cnt ||
> +       if (addr >= pool->addrs_cnt || addr + desc->len > pool->addrs_cnt ||
>             xp_desc_crosses_non_contig_pg(pool, addr, desc->len))
>                 return false;
>
> --
> 2.39.2
>