| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Oct 2023 09:26:06 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Stephen Hemminger' <stephen@...workplumber.org>, Johannes Berg
<johannes@...solutions.net>
CC: Jakub Kicinski <kuba@...nel.org>, Nicolas Dichtel
<nicolas.dichtel@...nd.com>, "netdev@...r.kernel.org"
<netdev@...r.kernel.org>, "fw@...len.de" <fw@...len.de>,
"pablo@...filter.org" <pablo@...filter.org>, "jiri@...nulli.us"
<jiri@...nulli.us>, "mkubecek@...e.cz" <mkubecek@...e.cz>,
"aleksander.lobakin@...el.com" <aleksander.lobakin@...el.com>, Thomas Haller
<thaller@...hat.com>
Subject: RE: [RFC] netlink: add variable-length / auto integers
From: Stephen Hemminger
> Sent: 11 October 2023 17:46
>
> On Wed, 11 Oct 2023 18:01:49 +0200
> Johannes Berg <johannes@...solutions.net> wrote:
>
> > On Wed, 2023-10-11 at 08:52 -0700, Jakub Kicinski wrote:
> >
> > > > > > Even for arches which don't have good unaligned access - I'd think
> > > > > > that access aligned to 4B *is* pretty efficient, and that's all
> > > > > > we need. Plus kernel deals with unaligned input. Why can't user space?
> > > > >
> > > > > Hmm. I have a vague recollection that it was related to just not doing
> > > > > it - the kernel will do get_unaligned() or similar, but userspace if it
> > > > > just accesses it might take a trap on some architectures?
> > > > >
> > > > > But I can't find any record of this in public discussions, so ...
> > > > If I remember well, at this time, we had some (old) architectures that triggered
> > > > traps (in kernel) when a 64-bit field was accessed and unaligned. Maybe a mix
> > > > between 64-bit kernel / 32-bit userspace, I don't remember exactly. The goal was
> > > > to align u64 fields on 8 bytes.
> > >
> > > Reading the discussions I think we can chalk the alignment up
> > > to "old way of doing things". Discussion was about stats64,
> > > if someone wants to access stats directly in the message then yes,
> > > they care a lot about alignment.
> > >
> > > Today we try to steer people towards attr-per-field, rather than
> > > dumping structs. Instead of doing:
> > >
> > > struct stats *stats = nla_data(attr);
> > > print("A: %llu", stats->a);
> > >
> > > We will do:
> > >
> > > print("A: %llu", nla_get_u64(attrs[NLA_BLA_STAT_A]));
> >
> > Well, yes, although the "struct stats" part _still_ even exists in the
> > kernel, we never fixed that with the nla_put_u64_64bit() stuff, that was
> > only for something that does
> >
> > print("A: %" PRIu64, *(uint64_t *)nla_data(attrs[NLA_BLA_STAT_A]));
> >
> > > Assuming nla_get_u64() is unalign-ready the problem doesn't exist.
> >
> > Depends on the library, but at least for libnl that's true since ever.
> > Same for libmnl and libnl-tiny. So I guess it only ever hit hand-coded
> > implementations.
>
> Quick check of iproute2 shows places where stats are directly
> mapped without accessors. One example is print_mpls_stats().
You 'just' need to use the 64bit type that has __attribute__((aligned(4))).
The same is true for the code that reads/writes the value.
Better than passing by address and using memcpy();
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists