lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Oct 2022 19:08:10 -0700 From: Kees Cook <keescook@...omium.org> To: Ard Biesheuvel <ardb@...nel.org> Cc: Kees Cook <keescook@...omium.org>, Tony Luck <tony.luck@...el.com>, "Guilherme G. Piccoli" <gpiccoli@...lia.com>, Nick Terrell <terrelln@...com>, linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org Subject: [PATCH 2/5] pstore: Allow for arbitrary compression algorithm Since there is no longer a need for figuring out worst-case compression size, there is no reason to limit the compression algorithm choice. Greatly simplifies Kconfig. Cc: Tony Luck <tony.luck@...el.com> Cc: "Guilherme G. Piccoli" <gpiccoli@...lia.com> Cc: Nick Terrell <terrelln@...com> Cc: linux-hardening@...r.kernel.org Signed-off-by: Kees Cook <keescook@...omium.org> --- fs/pstore/Kconfig | 122 ++++++++++++------------------------------- fs/pstore/platform.c | 39 ++++++-------- 2 files changed, 47 insertions(+), 114 deletions(-) diff --git a/fs/pstore/Kconfig b/fs/pstore/Kconfig index 8adabde685f1..a95b3981cb0e 100644 --- a/fs/pstore/Kconfig +++ b/fs/pstore/Kconfig @@ -22,99 +22,41 @@ config PSTORE_DEFAULT_KMSG_BYTES Defines default size of pstore kernel log storage. Can be enlarged if needed, not recommended to shrink it. -config PSTORE_DEFLATE_COMPRESS - tristate "DEFLATE (ZLIB) compression" - default y - depends on PSTORE - select CRYPTO_DEFLATE - help - This option enables DEFLATE (also known as ZLIB) compression - algorithm support. - -config PSTORE_LZO_COMPRESS - tristate "LZO compression" - depends on PSTORE - select CRYPTO_LZO - help - This option enables LZO compression algorithm support. - -config PSTORE_LZ4_COMPRESS - tristate "LZ4 compression" - depends on PSTORE - select CRYPTO_LZ4 - help - This option enables LZ4 compression algorithm support. - -config PSTORE_LZ4HC_COMPRESS - tristate "LZ4HC compression" - depends on PSTORE - select CRYPTO_LZ4HC - help - This option enables LZ4HC (high compression) mode algorithm. - -config PSTORE_842_COMPRESS - bool "842 compression" - depends on PSTORE - select CRYPTO_842 - help - This option enables 842 compression algorithm support. - -config PSTORE_ZSTD_COMPRESS - bool "zstd compression" - depends on PSTORE - select CRYPTO_ZSTD - help - This option enables zstd compression algorithm support. - -config PSTORE_COMPRESS - def_bool y - depends on PSTORE - depends on PSTORE_DEFLATE_COMPRESS || PSTORE_LZO_COMPRESS || \ - PSTORE_LZ4_COMPRESS || PSTORE_LZ4HC_COMPRESS || \ - PSTORE_842_COMPRESS || PSTORE_ZSTD_COMPRESS - choice - prompt "Default pstore compression algorithm" - depends on PSTORE_COMPRESS - help - This option chooses the default active compression algorithm. - This change be changed at boot with "pstore.compress=..." on - the kernel command line. - - Currently, pstore has support for 6 compression algorithms: - deflate, lzo, lz4, lz4hc, 842 and zstd. - - The default compression algorithm is deflate. - - config PSTORE_DEFLATE_COMPRESS_DEFAULT - bool "deflate" if PSTORE_DEFLATE_COMPRESS - - config PSTORE_LZO_COMPRESS_DEFAULT - bool "lzo" if PSTORE_LZO_COMPRESS - - config PSTORE_LZ4_COMPRESS_DEFAULT - bool "lz4" if PSTORE_LZ4_COMPRESS - - config PSTORE_LZ4HC_COMPRESS_DEFAULT - bool "lz4hc" if PSTORE_LZ4HC_COMPRESS - - config PSTORE_842_COMPRESS_DEFAULT - bool "842" if PSTORE_842_COMPRESS - - config PSTORE_ZSTD_COMPRESS_DEFAULT - bool "zstd" if PSTORE_ZSTD_COMPRESS - + prompt "Panic dump compression" + depends on PSTORE + default PSTORE_COMPRESS_CRYPTO + help + Choose whether and how to compress the panic dump output. This + is usually only needed for very storage-constrained backends. + + config PSTORE_COMPRESS_CRYPTO + bool "Use an arbitrary compression algorithm via the Crypto API" + help + If the default compression algorithm from PSTORE_COMPRESS + is not desired, an arbitrary one can be chosen if it is + available to from the Crypto API. Note that this may reserve + non-trivial amounts of per-CPU memory. + + config PSTORE_COMPRESS_NONE + bool "Do not compress panic dumps" + help + Do not compress the panic dump output. This leave the + output easily readable in memory, if non-pstore forensics + tools want to examine the contents easily. endchoice -config PSTORE_COMPRESS_DEFAULT - string - depends on PSTORE_COMPRESS - default "deflate" if PSTORE_DEFLATE_COMPRESS_DEFAULT - default "lzo" if PSTORE_LZO_COMPRESS_DEFAULT - default "lz4" if PSTORE_LZ4_COMPRESS_DEFAULT - default "lz4hc" if PSTORE_LZ4HC_COMPRESS_DEFAULT - default "842" if PSTORE_842_COMPRESS_DEFAULT - default "zstd" if PSTORE_ZSTD_COMPRESS_DEFAULT +config PSTORE_COMPRESS_CRYPTO_DEFAULT + string "Crypto API compression algorithm" + depends on PSTORE_COMPRESS_CRYPTO + default "zstd" + help + This option chooses the default active compression algorithm, + and can be changed at boot with "pstore.compress=..." on the + kernel command line. The chosen compression algorithm needs to + be available to the crypto subsystem for it to be usable by + pstore. For example, "zstd" needs CONFIG_CRYPTO_ZSTD, "deflate" + needs CONFIG_CRYPTO_DEFLATE, etc. config PSTORE_CONSOLE bool "Log kernel console messages" diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index ef0bc3ae161b..1f01c4b904fc 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -16,15 +16,6 @@ #include <linux/console.h> #include <linux/module.h> #include <linux/pstore.h> -#if IS_ENABLED(CONFIG_PSTORE_LZO_COMPRESS) -#include <linux/lzo.h> -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZ4_COMPRESS) || IS_ENABLED(CONFIG_PSTORE_LZ4HC_COMPRESS) -#include <linux/lz4.h> -#endif -#if IS_ENABLED(CONFIG_PSTORE_ZSTD_COMPRESS) -#include <linux/zstd.h> -#endif #include <linux/crypto.h> #include <linux/string.h> #include <linux/timer.h> @@ -80,9 +71,9 @@ static char *backend; module_param(backend, charp, 0444); MODULE_PARM_DESC(backend, "specific backend to use"); -static char *compress = -#ifdef CONFIG_PSTORE_COMPRESS_DEFAULT - CONFIG_PSTORE_COMPRESS_DEFAULT; +static char *compress __ro_after_init = +#ifdef CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT + CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT; #else NULL; #endif @@ -166,18 +157,18 @@ static bool pstore_cannot_block_path(enum kmsg_dump_reason reason) static int pstore_compress(const void *in, void *out, unsigned int inlen, unsigned int outlen) { - int ret; + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) { + int ret; - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS)) - return -EINVAL; - - ret = crypto_comp_compress(tfm, in, inlen, out, &outlen); - if (ret) { - pr_err("crypto_comp_compress failed, ret = %d!\n", ret); - return ret; + ret = crypto_comp_compress(tfm, in, inlen, out, &outlen); + if (ret) { + pr_err("crypto_comp_compress failed, ret = %d!\n", ret); + return ret; + } + return outlen; } - return outlen; + return -EINVAL; } static void allocate_buf_for_compression(void) @@ -187,7 +178,7 @@ static void allocate_buf_for_compression(void) char *buf; /* Skip if not built-in or compression backend not selected yet. */ - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !compress) + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !compress) return; /* Skip if no pstore backend yet or compression init already done. */ @@ -226,7 +217,7 @@ static void allocate_buf_for_compression(void) static void free_buf_for_compression(void) { - if (IS_ENABLED(CONFIG_PSTORE_COMPRESS) && tfm) { + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO) && tfm) { crypto_free_comp(tfm); tfm = NULL; } @@ -578,7 +569,7 @@ static void decompress_record(struct pstore_record *record) int unzipped_len; char *unzipped, *workspace; - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !record->compressed) + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !record->compressed) return; /* Only PSTORE_TYPE_DMESG support compression. */ -- 2.34.1
Powered by blists - more mailing lists