Re: [dm-devel] [PATCH] hex2bin: make the function hex_to_bin constant-time

2022-04-27 Thread David Laight
From: Linus Torvalds > Sent: 24 April 2022 22:42 > > On Sun, Apr 24, 2022 at 2:37 PM Linus Torvalds > wrote: > > > > Finally, for the same reason - please don't use ">> 8". Because I do > > not believe that bit 8 is well-defined in your arithmetic. The *sign* > > bit will be, but I'm not

Re: [dm-devel] [PATCH] hex2bin: make the function hex_to_bin constant-time

2022-04-27 Thread David Laight
From: Mikulas Patocka > Sent: 25 April 2022 12:04 > > On Mon, 25 Apr 2022, David Laight wrote: > > > From: Linus Torvalds > > > Sent: 24 April 2022 22:42 > > > > > > On Sun, Apr 24, 2022 at 2:37 PM Linus Torvalds > > > wrote: > > > > > > > > Finally, for the same reason - please don't use ">>

Re: [dm-devel] [PATCH] hex2bin: make the function hex_to_bin constant-time

2022-04-25 Thread Mikulas Patocka
On Mon, 25 Apr 2022, David Laight wrote: > From: Mikulas Patocka > > Sent: 25 April 2022 12:04 > > > > On Mon, 25 Apr 2022, David Laight wrote: > > > > > From: Linus Torvalds > > > > Sent: 24 April 2022 22:42 > > > > > > > > On Sun, Apr 24, 2022 at 2:37 PM Linus Torvalds > > > > wrote: > >

Re: [dm-devel] [PATCH] hex2bin: make the function hex_to_bin constant-time

2022-04-25 Thread Mikulas Patocka
On Mon, 25 Apr 2022, David Laight wrote: > From: Linus Torvalds > > Sent: 24 April 2022 22:42 > > > > On Sun, Apr 24, 2022 at 2:37 PM Linus Torvalds > > wrote: > > > > > > Finally, for the same reason - please don't use ">> 8". Because I do > > > not believe that bit 8 is well-defined in

Re: [dm-devel] [PATCH] hex2bin: make the function hex_to_bin constant-time

2022-04-24 Thread Linus Torvalds
On Sun, Apr 24, 2022 at 2:37 PM Linus Torvalds wrote: > > Finally, for the same reason - please don't use ">> 8". Because I do > not believe that bit 8 is well-defined in your arithmetic. The *sign* > bit will be, but I'm not convinced bit 8 is. Hmm.. I think it's ok. It can indeed overflow in

Re: [dm-devel] [PATCH] hex2bin: make the function hex_to_bin constant-time

2022-04-24 Thread Linus Torvalds
On Sun, Apr 24, 2022 at 1:54 PM Mikulas Patocka wrote: > > + * > + * Explanation of the logic: > + * (ch - '9' - 1) is negative if ch <= '9' > + * ('0' - 1 - ch) is negative if ch >= '0' True, but... Please, just to make me happier, make the sign of 'ch' be something very explicit. Right now

Re: [dm-devel] [PATCH] hex2bin: make the function hex_to_bin constant-time

2022-04-24 Thread Joe Perches
On Sun, 2022-04-24 at 16:54 -0400, Mikulas Patocka wrote: > This patch changes the function hex_to_bin so that it contains no branches > and no memory accesses. [] > +++ linux-2.6/lib/hexdump.c 2022-04-24 18:51:20.0 +0200 [] > + * the next line is similar to the previous one, but we need

[dm-devel] [PATCH] hex2bin: make the function hex_to_bin constant-time

2022-04-24 Thread Mikulas Patocka
The function hex2bin is used to load cryptographic keys into device mapper targets dm-crypt and dm-integrity. It should take constant time independent on the processed data, so that concurrently running unprivileged code can't infer any information about the keys via microarchitectural convert