From: Mickaël Salaün
To: Jarkko Sakkinen
Cc: David Howells, David Woodhouse, "David S. Miller", Eric Snowberg, Herbert Xu, James Morris, Mickaël Salaün, Mimi Zohar, "Serge E. Hallyn", Tyler Hicks, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: Re: [PATCH v7 3/5] certs: Make blacklist_vet_description() more strict
Date: Thu, 21 Apr 2022 19:29:10 +0200
Message-ID: <329a078d-29e3-e41e-3118-cd8f3e00b003@digikod.net>
X-Mailing-List: linux-crypto@vger.kernel.org

On 21/04/2022 17:57, Jarkko Sakkinen wrote:
> On Thu, Apr 21, 2022 at 05:27:42PM +0200, Mickaël Salaün wrote:
>>
>> On 21/04/2022 17:12, Jarkko Sakkinen wrote:
>>> On Wed, Apr 20, 2022 at 11:29:08AM +0100, David Howells wrote:
>>>> Mickaël Salaün wrote:
>>>>
>>>>> + /* The following algorithm only works if prefix lengths match. */
>>>>> + BUILD_BUG_ON(sizeof(tbs_prefix) != sizeof(bin_prefix));
>>>>> + prefix_len = sizeof(tbs_prefix) - 1;
>>>>> + for (i = 0; *desc; desc++, i++) {
>>>>> + if (*desc == ':') {
>>>>> + if (tbs_step == prefix_len)
>>>>> + goto found_colon;
>>>>> + if (bin_step == prefix_len)
>>>>> + goto found_colon;
>>>>> + return -EINVAL;
>>>>> + }
>>>>> + if (i >= prefix_len)
>>>>> + return -EINVAL;
>>>>> + if (*desc == tbs_prefix[i])
>>>>> + tbs_step++;
>>>>> + if (*desc == bin_prefix[i])
>>>>> + bin_step++;
>>>>> + }
>>>>
>>>> I wonder if:
>>>>
>>>> static const char tbs_prefix[] = "tbs:";
>>>> static const char bin_prefix[] = "bin:";
>>>>
>>>> if (strncmp(desc, tbs_prefix, sizeof(tbs_prefix) - 1) == 0 ||
>>>> strncmp(desc, bin_prefix, sizeof(bin_prefix) - 1) == 0)
>>>> goto found_colon;
>>>>
>>>> might be better.
>>>>
>>>> David
>>>
>>> I think it'd be.
>>>
>>> BR, Jarkko
>>
>> I'm confused. Didn't you plan to send this patch series before v5.18-rc2?
>> It's been a while since I started working on this.
>
> That was my original plan but due to some other things, I've sent
> a PR for rc4. I CC'd you to the PR.

OK, I missed it. My micro-optimization isn't worth it, strncmp is much simpler indeed.
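
Review bot: in the quoted hunk, the for loop has no visible handling for a description that ends before any ':' is seen (for example a string shorter than the prefix). When *desc reaches NUL the loop simply exits and control falls through to code these lines do not show, so that path should be confirmed to return -EINVAL rather than continue into the hash checks. The matcher also relies on tbs_step and bin_step being zero on entry and on both prefixes having the same length (the reason for the BUILD_BUG_ON), which makes a later prefix of a different length impossible without rewriting the loop. The two strncmp() calls proposed in the reply drop both constraints and are easier to audit for a check that gates what may be added to the blacklist keyring.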