Re: [PATCH 1/2] wordpart.h: Helpers for making u16/u32/u64 values
From: Kees Cook
Date: Wed Feb 14 2024 - 17:09:43 EST
On Wed, Feb 14, 2024 at 10:46:53PM +0100, Michal Wajdeczko wrote:
> It is quite common practice to make u16, u32 or u64 values from
> smaller words. Add simple helpers for that.
>
> Signed-off-by: Michal Wajdeczko <michal.wajdeczko@xxxxxxxxx>
> ---
> v2: new macro names due to conflict with crypto/aria.h
> explicit cast and truncation everywhere (Alexey)
> moved to wordpart.h (Andy)
> ---
> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>
> Cc: Alexey Dobriyan <adobriyan@xxxxxxxxx>
> Cc: Jani Nikula <jani.nikula@xxxxxxxxx>
> ---
> include/linux/wordpart.h | 32 ++++++++++++++++++++++++++++++++
> 1 file changed, 32 insertions(+)
>
> diff --git a/include/linux/wordpart.h b/include/linux/wordpart.h
> index f6f8f83b15b0..8c75a5355112 100644
> --- a/include/linux/wordpart.h
> +++ b/include/linux/wordpart.h
> @@ -31,6 +31,38 @@
> */
> #define lower_16_bits(n) ((u16)((n) & 0xffff))
>
> +/**
> + * make_u16_from_u8 - make u16 value from two u8 values
> + * @hi: value representing upper 8 bits
> + * @lo: value representing lower 8 bits
> + */
> +#define make_u16_from_u8(hi, lo) ((u16)((u16)(u8)(hi) << 8 | (u8)(lo)))
Do we want to actually do type validation here? Right now it's just
cast/truncating, which based on the version log is by design. Is silent
truncation the right thing to do?
--
Kees Cook