[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 26 Oct 2016 17:48:20 -0400
From: David Windsor <dwindsor@...il.com>
To: Kees Cook <keescook@...omium.org>
Cc: "Reshetova, Elena" <elena.reshetova@...el.com>, AKASHI Takahiro <takahiro.akashi@...aro.org>,
"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>,
Hans Liljestrand <ishkamiel@...il.com>
Subject: Re: [RFC v2 PATCH 12/13] x86: implementation for HARDENED_ATOMIC
On Wed, Oct 26, 2016 at 4:51 PM, Kees Cook <keescook@...omium.org> wrote:
> On Wed, Oct 26, 2016 at 4:15 AM, Reshetova, Elena
> <elena.reshetova@...el.com> wrote:
>>>> +static __always_inline int __atomic_add_unless_wrap(atomic_wrap_t *v,
>>>> + int a, int u)
>>>> +{
>>>> + int c, old, new;
>>>> + c = atomic_read_wrap(v);
>>>> + for (;;) {
>>>> + if (unlikely(c == (u)))
>>>> + break;
>>>> +
>>>> + asm volatile("addl %2,%0\n"
>>>> +
>>>> +#ifdef CONFIG_HARDENED_ATOMIC
>>>> + "jno 0f\n"
>>>> + "subl %2,%0\n"
>>>> + "int $4\n0:\n"
>>>> + _ASM_EXTABLE(0b, 0b)
>>>> +#endif
>>>
>>> Is this a mistake? We don't need a check here.
>>
>>>Yes, this appears to be a mistake.
>>
>> Clear copy paste mistake. Fixed now. Thanks again!
>
> What was the mistake here?
>
It's an function that allows wrapping to occur: overflow protection
shouldn't happen here.
> -Kees
>
> --
> Kees Cook
> Nexus Security
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
