Mips handling of signed integer overflows

Dear Mips maintainers,

back in 2006, commit 36ccf1c0e391 ("[MIPS] Make integer overflow
exceptions in kernel mode fatal.") forced the kernel to panic on
integer overflows.

But three years later in 2009, commit 68df3755e383 ("Add '-fwrapv'
to gcc CFLAGS") ensured that integer overflows are not undefined
behavior and instead force wraparound.

I assume this means that the compiler uses non-trapping instructions
for addition/subtraction on Mips.  Consequently, calling die_if_kernel()
from do_ov() in arch/mips/kernel/traps.c should no longer be necessary
as it can never happen.

Can you confirm or deny this?

I came across this because ecdsa_get_signature_rs() in crypto/ecdsa.c
performs a subtraction which may lead to a signed integer overflow:

https://lore.kernel.org/all/Zp5b7ZQaXfGbkCVC@xxxxxxxxx/

If gcc ignores -fno-strict-overflow on Mips and raises an exception,
the kernel would panic in ecdsa_get_signature_rs() for a sufficiently
large ASN.1-encoded integer.

Thanks,

Lukas
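
Added example, not part of the original message and not kernel code: user-space C that contrasts the wraparound result that -fwrapv defines for a signed subtraction with an explicit overflow check via GCC's `__builtin_sub_overflow`, which does not depend on whether the compiler emits trapping or non-trapping instructions. The function names and operand values are constructed for illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical helper: the value a signed subtraction yields under
 * two's-complement wraparound (the semantics -fwrapv selects). It is
 * computed in unsigned arithmetic and converted back, which GCC and
 * Clang define as reduction modulo 2^N, so this file contains no
 * undefined behaviour regardless of the flags it is built with. */
static long wrapped_sub(long a, long b)
{
    return (long)((unsigned long)a - (unsigned long)b);
}

/* Hypothetical helper: subtraction with explicit overflow detection.
 * Returns true when *diff holds the exact mathematical difference,
 * false when a - b is not representable in a long. */
static bool checked_sub(long a, long b, long *diff)
{
    return !__builtin_sub_overflow(a, b, diff);
}

int main(void)
{
    /* Constructed operands: two ordinary cases and one that overflows. */
    const long a[] = { 48, 20, LONG_MIN };
    const long b = 32;

    for (size_t i = 0; i < sizeof(a) / sizeof(a[0]); i++) {
        long exact;
        bool ok = checked_sub(a[i], b, &exact);

        /* In the overflow case the wrapped result silently changes sign. */
        printf("a=%ld b=%ld wrapped=%ld -> %s\n", a[i], b,
               wrapped_sub(a[i], b),
               ok ? "exact" : "overflow detected, reject input");
    }
    return 0;
}
```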



