| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Oct 2013 09:40:40 +0800 From: Chen Gang <gang.chen@...anux.com> To: paulmck@...ux.vnet.ibm.com CC: josh@...edesktop.org, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [Suggestion] kernel/rcutorture.c: about using scnprintf() instead of sprintf(). On 10/14/2013 07:24 PM, Paul E. McKenney wrote: > On Mon, Oct 14, 2013 at 10:22:20AM +0800, Chen Gang wrote: >>> - intend to shrink maximized buffer (PAGE_SIZE -> 64, 256 ..) for test. > > This is a good start! However, you should also test the original kernel > to be sure that it really fails. You should of course start by asking > yourself how you would expect it to fail. > When shrink size, for scnprintf() we already got truncation, that means if we still use sprintf(), it will cause memory overflow. For memory overflow, it does not means OS will stop quickly, one of the worst condition is "it may still seems going 'well' but sometimes may/will show some amazing things which is not easy to find root cause". So for this kind of memory overflow, "shrinking size and letting scnprintf() instead of sprintf() to see whether truncation" is well enough. > What other change should you make to test this in order to be sure that > it will really work when someone tries it on 1024 CPUs? (I am asking > rather than telling because you really need to have this stuff worked > out on your initial submission.) > Hmm... Can it really work on 1024 CPUs? sorry I don't know. But in fact, that is not about this patch (it is just one of case which may cause issues). This patch is only about "use truncation instead of memory overflow, and make sure the modification without negative effect". So in my opinion, current test case is enough for this requirement. Maybe you want to let this module get additional test to find additional issues? (If so, I will try when my time resource is possible). > Another way of thinking about this is to ask yourself the question "If > someone ran rcutorture with torture_type=srcu on a system with 1024 CPUs > (to say nothing of 4096 CPUs), what would they want to happen?" Then: > "How would I test for that on a smaller system?" > We have to face the efficiency: it is only a test module, if the tester (assume he/she is a programmer, too) notices about the truncation, they can simply extend the maximize length to avoid truncation. At least for me, "rcutorture.c" is really easy enough for a programmer to test rcu (and also, it is really a useful tool for test rcu). And for "1024 CPUs", I think one of efficient way is: "when some members use it under 1024 CPUs, if they find something can be improvement, they can report/send related patch". Hmm... maybe the comment "it is ... additional test or consideration" need be removed: 'additional' and 'consideration' are not suitable words to be appeared in comments (they are not precise word). Thanks. -- Chen Gang -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists