[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAGXu5j+A4jXuf_TO0UF0zp-7kHUEFP8FZY=+mat96CaQ-a87LQ@mail.gmail.com>
Date: Wed, 20 Jun 2018 11:16:11 -0700
From: Kees Cook <keescook@...omium.org>
To: Boris Brezillon <boris.brezillon@...tlin.com>
Cc: Ivan Djelic <ivan.djelic@...rot.com>,
Brian Norris <computersforpeace@...il.com>,
David Woodhouse <dwmw2@...radead.org>,
Marek Vasut <marek.vasut@...il.com>,
Richard Weinberger <richard@....at>,
Linux mtd <linux-mtd@...ts.infradead.org>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v3] lib/bch: Remove VLA usage
On Wed, Jun 20, 2018 at 12:38 AM, Boris Brezillon
<boris.brezillon@...tlin.com> wrote:
> Hi Kees,
>
> On Tue, 19 Jun 2018 16:48:17 -0700
> Kees Cook <keescook@...omium.org> wrote:
>
>> On Fri, Jun 1, 2018 at 4:09 AM, Ivan Djelic <ivan.djelic@...rot.com> wrote:
>> > On Thu, May 31, 2018 at 11:45:25AM -0700, Kees Cook wrote:
>> >> In the quest to remove all stack VLA usage from the kernel[1], this
>> >> allocates a fixed size stack array to cover the range needed for
>> >> bch. This was done instead of a preallocation on the SLAB due to
>> >> performance reasons, shown by Ivan Djelic:
>> >>
>> >> little-endian, type sizes: int=4 long=8 longlong=8
>> >> cpu: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz
>> >> calibration: iter=4.9143µs niter=2034 nsamples=200 m=13 t=4
>> >>
>> >> Buffer allocation | Encoding throughput (Mbit/s)
>> >> ---------------------------------------------------
>> >> on-stack, VLA | 3988
>> >> on-stack, fixed | 4494
>> >> kmalloc | 1967
>> >>
>> >> So this change actually improves performance too, it seems.
>> >>
>> >> The resulting stack allocation can get rather large; without
>> >> CONFIG_BCH_CONST_PARAMS, it will allocate 4096 bytes, which
>> >> trips the stack size checking:
>> >>
>> >> lib/bch.c: In function ‘encode_bch’:
>> >> lib/bch.c:261:1: warning: the frame size of 4432 bytes is larger than 2048 bytes [-Wframe-larger-than=]
>> >>
>> >> Even the default case for "allmodconfig" (with CONFIG_BCH_CONST_M=14 and
>> >> CONFIG_BCH_CONST_T=4) would have started throwing a warning:
>> >>
>> >> lib/bch.c: In function ‘encode_bch’:
>> >> lib/bch.c:261:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=]
>> >>
>> >> But this is how large it's always been; it was just hidden from
>> >> the checker because it was a VLA. So the Makefile has been adjusted to
>> >> silence this warning for anything smaller than 4500 bytes, which should
>> >> provide room for normal cases, but still low enough to catch any future
>> >> pathological situations.
>> >>
>> >> [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
>> >>
>> >> Signed-off-by: Kees Cook <keescook@...omium.org>
>> >> ---
>> >> v3: fix r_bytes to whole-word size
>> >> v2: switch to fixed-size stack array
>> >> ---
>> >> lib/Makefile | 1 +
>> >> lib/bch.c | 23 +++++++++++++++--------
>> >> 2 files changed, 16 insertions(+), 8 deletions(-)
>> >
>> >
>> > The patch looks good to me. It also passed my regression tests.
>> >
>> > Reviewed-by: Ivan Djelic <ivan.djelic@...rot.com>
>> > Tested-by: Ivan Djelic <ivan.djelic@...rot.com>
>>
>> Thanks for the review and testing!
>>
>> Who's the best person to carry this patch?
>
> Looks like all users of this lib are in drivers/mtd, so I can take the
> patches if you want, but I can also let you take them if you prefer.
I'd love it if you could take it; thank you!
-Kees
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists