Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp5991129pxv; Thu, 29 Jul 2021 03:48:54 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzZx/bD3yVKznhIz4UFrIsPVNP4oWl7+Jwm3NqMmZlL1YvlRdnreDqMI0WeJU4g/bG5BCJW X-Received: by 2002:a6b:1642:: with SMTP id 63mr3727841iow.68.1627555734597; Thu, 29 Jul 2021 03:48:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1627555734; cv=none; d=google.com; s=arc-20160816; b=YLB1cnHGX9+5M/CQMaCVSJ4E7IQNEqRXWZGzPsqOsdh86ZnNBETZMCGhuJeNFmqC4e f0n3EWcLLTcxgMqanFJAuqmr1+lQGZxBxeJ1LgwyaNsKYsfe600ai+Xx2qtm1gh/Ravh aCyFxMq3dVE1VVaflDm82pd5OIJ6vV4X8N2sg6vGDpC6EUMpG5PCMSwijirN9a4zqByP O753M9B86uYEvNYdigqgdns06DyHFpev+/JbcYKE/OCfRitsL92pUqb2gbzOFNhkUoE0 GS/u1TCLz+wUDH2y6R4V0HfCS/FMALjhCPjJEP13bvtDdkn2IYAfALgl7hD5hdiMCNl1 BXvw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:mail-followup-to:reply-to:message-id :subject:cc:to:from:date:dkim-signature:dkim-signature; bh=Ao638iMTTjsA+VNcKLaQE/T5PYOWw6rLSmI4SdHNaOg=; b=T2ZhY3K9q+gs2qvq3sH4RErzZJuKzY2Hneig4mWe0BjlOfg3RVe5cEyAzqpi7DMukU QnkpW7tTA/dkZQjRsNEgnd2tJLZOhVW12Xm72YBpdFWqjECViG2mulqzZUoZOVeDhmrK sxcmxgkCOfeqg8NG3BX0GBUnt8P8xIJK9VvTprwhYtBh4CqwVfaA97apZ9xRcF559Nxl l0hDF8SpKSPZTXPuvFFkiOWCcj7+RzSQIul1aRnPwBcqNOe47TuTOwE3Vf5vEt4Y0Kp6 wNt1+ZDvHfAVvj0eQaVK5IjHWLzXB4VqDUW02aMCExV5y2EkPPJhJp/nC4hBdU7iVp6R K+rg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=abeCZgaO; dkim=neutral (no key) header.i=@suse.cz header.s=susede2_ed25519; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p16si2848776ilj.162.2021.07.29.03.48.40; Thu, 29 Jul 2021 03:48:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=abeCZgaO; dkim=neutral (no key) header.i=@suse.cz header.s=susede2_ed25519; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235847AbhG2Ksi (ORCPT + 99 others); Thu, 29 Jul 2021 06:48:38 -0400 Received: from smtp-out2.suse.de ([195.135.220.29]:35438 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232135AbhG2Ksi (ORCPT ); Thu, 29 Jul 2021 06:48:38 -0400 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id 6BCE0201ED; Thu, 29 Jul 2021 10:48:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1627555713; h=from:from:reply-to:reply-to:date:date:message-id:message-id:to:to: cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Ao638iMTTjsA+VNcKLaQE/T5PYOWw6rLSmI4SdHNaOg=; b=abeCZgaOXkwOt0BkzLlF/+2YTZf7UkZxXuKxwx+rarlLl6+++jGA/oSR1zP1tBBkMVXgvm GT4hGzwrHWO646FIwY3QI2qOTTdotUXq3PJvQire1Y3xdHm1pRg9mNfEdMqC4y4P0XvCJK f4ThlbSAIc4M6bC7S1y1F/1mrMoaviA= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1627555713; h=from:from:reply-to:reply-to:date:date:message-id:message-id:to:to: cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Ao638iMTTjsA+VNcKLaQE/T5PYOWw6rLSmI4SdHNaOg=; b=3jaJHiWtLRI5qqhbTkmtMyPrqt0TMeDMpnw71ZVL0gyLLlXhjwjFNZFKJAOOOEzthRehoc I6ScSOeN75vLU8Cg== Received: from ds.suse.cz (ds.suse.cz [10.100.12.205]) by relay2.suse.de (Postfix) with ESMTP id 53E3BA3B81; Thu, 29 Jul 2021 10:48:33 +0000 (UTC) Received: by ds.suse.cz (Postfix, from userid 10065) id E0A69DA7AF; Thu, 29 Jul 2021 12:45:47 +0200 (CEST) Date: Thu, 29 Jul 2021 12:45:47 +0200 From: David Sterba To: Kees Cook Cc: Dan Carpenter , linux-hardening@vger.kernel.org, "Gustavo A. R. Silva" , Keith Packard , Greg Kroah-Hartman , Andrew Morton , linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, linux-staging@lists.linux.dev, linux-block@vger.kernel.org, linux-kbuild@vger.kernel.org, clang-built-linux@googlegroups.com Subject: Re: [PATCH 02/64] mac80211: Use flex-array for radiotap header bitmap Message-ID: <20210729104547.GT5047@suse.cz> Reply-To: dsterba@suse.cz Mail-Followup-To: dsterba@suse.cz, Kees Cook , Dan Carpenter , linux-hardening@vger.kernel.org, "Gustavo A. R. Silva" , Keith Packard , Greg Kroah-Hartman , Andrew Morton , linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org, dri-devel@lists.freedesktop.org, linux-staging@lists.linux.dev, linux-block@vger.kernel.org, linux-kbuild@vger.kernel.org, clang-built-linux@googlegroups.com References: <20210727205855.411487-1-keescook@chromium.org> <20210727205855.411487-3-keescook@chromium.org> <20210728073556.GP1931@kadam> <20210728092323.GW5047@twin.jikos.cz> <202107281454.F96505E15@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <202107281454.F96505E15@keescook> User-Agent: Mutt/1.5.23.1-rc1 (2014-03-12) Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org On Wed, Jul 28, 2021 at 02:54:52PM -0700, Kees Cook wrote: > On Wed, Jul 28, 2021 at 11:23:23AM +0200, David Sterba wrote: > > On Wed, Jul 28, 2021 at 10:35:56AM +0300, Dan Carpenter wrote: > > > @@ -372,7 +372,7 @@ ieee80211_add_rx_radiotap_header(struct ieee80211_local *local, > > > ieee80211_calculate_rx_timestamp(local, status, > > > mpdulen, 0), > > > pos); > > > - rthdr->it_present |= cpu_to_le32(1 << IEEE80211_RADIOTAP_TSFT); > > > + rthdr->data.it_present |= cpu_to_le32(1 << IEEE80211_RADIOTAP_TSFT); > > > > A drive-by comment, not related to the patchset, but rather the > > ieee80211 driver itself. > > > > Shift expressions with (1 << NUMBER) can be subtly broken once the > > NUMBER is 31 and the value gets silently cast to a 64bit type. It will > > become 0xfffffffff80000000. > > > > I've checked the IEEE80211_RADIOTAP_* defintions if this is even remotely > > possible and yes, IEEE80211_RADIOTAP_EXT == 31. Fortunatelly it seems to > > be used with used with a 32bit types (eg. _bitmap_shifter) so there are > > no surprises. > > > > The recommended practice is to always use unsigned types for shifts, so > > "1U << ..." at least. > > Ah, good catch! I think just using BIT() is the right replacement here, > yes? I suppose that should be a separate patch. I found definition of BIT in vdso/bits.h, that does not sound like a standard header, besides that it shifts 1UL, that may not be necessary everywhere. IIRC there were objections against using the macro at all. Looking for all the definitions, there are a few that are wrong in the sense they're using the singed type, eg. https://elixir.bootlin.com/linux/v5.14-rc3/source/arch/arm/mach-davinci/sleep.S#L7 #define BIT(nr) (1 << (nr)) ... #define DEEPSLEEP_SLEEPENABLE_BIT BIT(31) but that's an assembly file so the C integer promotions don't apply. https://elixir.bootlin.com/linux/v5.14-rc3/source/drivers/staging/rtl8723bs/include/osdep_service.h#L18 https://elixir.bootlin.com/linux/v5.14-rc3/source/drivers/staging/rtl8723bs/include/wifi.h#L15 https://elixir.bootlin.com/linux/v5.14-rc3/source/tools/perf/util/intel-pt-decoder/intel-pt-pkt-decoder.c#L15 #define BIT(x) (1 << (x)) Auditing and cleaning that up is for another series, yeah, I'm just pointing it here if somebody feels like doing the work. It's IMO low hanging fruit but can reveal real bugs.