lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 29 Apr 2019 12:48:26 +0800
From:   Pingfan Liu <kernelfans@...il.com>
To:     Dave Young <dyoung@...hat.com>
Cc:     Matthias Brugger <mbrugger@...e.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Rich Felker <dalias@...c.org>, linux-ia64@...r.kernel.org,
        Julien Thierry <julien.thierry@....com>,
        Yangtao Li <tiny.windzz@...il.com>,
        Benjamin Herrenschmidt <benh@...nel.crashing.org>,
        Palmer Dabbelt <palmer@...ive.com>,
        Heiko Carstens <heiko.carstens@...ibm.com>, x86@...nel.org,
        linux-mips@...r.kernel.org, Paul Mackerras <paulus@...ba.org>,
        "H. Peter Anvin" <hpa@...or.com>, linux-s390@...r.kernel.org,
        Florian Fainelli <f.fainelli@...il.com>,
        Yoshinori Sato <ysato@...rs.sourceforge.jp>,
        linux-sh@...r.kernel.org, Michael Ellerman <mpe@...erman.id.au>,
        David Hildenbrand <david@...hat.com>,
        Russell King <linux@...linux.org.uk>,
        Ingo Molnar <mingo@...hat.com>,
        linux-arm-kernel@...ts.infradead.org,
        Catalin Marinas <catalin.marinas@....com>,
        James Hogan <jhogan@...nel.org>,
        Fenghua Yu <fenghua.yu@...el.com>,
        Will Deacon <will.deacon@....com>,
        linuxppc-dev@...ts.ozlabs.org,
        Ananth N Mavinakayanahalli <ananth@...ux.vnet.ibm.com>,
        Borislav Petkov <bp@...en8.de>, Stefan Agner <stefan@...er.ch>,
        Thomas Gleixner <tglx@...utronix.de>,
        Hari Bathini <hbathini@...ux.ibm.com>,
        Jens Axboe <axboe@...nel.dk>, Tony Luck <tony.luck@...el.com>,
        Baoquan He <bhe@...hat.com>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Robin Murphy <robin.murphy@....com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Ralf Baechle <ralf@...ux-mips.org>,
        Thomas Bogendoerfer <tbogendoerfer@...e.de>,
        Paul Burton <paul.burton@...s.com>,
        Johannes Weiner <hannes@...xchg.org>,
        Martin Schwidefsky <schwidefsky@...ibm.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Logan Gunthorpe <logang@...tatee.com>,
        Greg Hackmann <ghackmann@...roid.com>,
        kexec@...ts.infradead.org
Subject: Re: [PATCHv2] kernel/crash: make parse_crashkernel()'s return value
 more indicant

On Mon, Apr 29, 2019 at 11:04 AM Pingfan Liu <kernelfans@...il.com> wrote:
>
> On Sun, Apr 28, 2019 at 4:37 PM Dave Young <dyoung@...hat.com> wrote:
> >
> > On 04/25/19 at 04:20pm, Pingfan Liu wrote:
> > > On Wed, Apr 24, 2019 at 4:31 PM Matthias Brugger <mbrugger@...e.com> wrote:
> > > >
> > > >
> > > [...]
> > > > > @@ -139,6 +141,8 @@ static int __init parse_crashkernel_simple(char *cmdline,
> > > > >               pr_warn("crashkernel: unrecognized char: %c\n", *cur);
> > > > >               return -EINVAL;
> > > > >       }
> > > > > +     if (*crash_size == 0)
> > > > > +             return -EINVAL;
> > > >
> > > > This covers the case where I pass an argument like "crashkernel=0M" ?
> > > > Can't we fix that by using kstrtoull() in memparse and check if the return value
> > > > is < 0? In that case we could return without updating the retptr and we will be
> > > > fine.
> > > >
> > > It seems that kstrtoull() treats 0M as invalid parameter, while
> > > simple_strtoull() does not.
> > >
> > > If changed like your suggestion, then all the callers of memparse()
> > > will treats 0M as invalid parameter. This affects many components
> > > besides kexec.  Not sure this can be done or not.
> >
> > simple_strtoull is obsolete, move to kstrtoull is the right way.
> >
> > $ git grep memparse|wc
> >     158     950   10479
> >
> > Except some documentation/tools etc there are still a log of callers
> > which directly use the return value as the ull number without error
> > checking.
> >
> > So it would be good to mark memparse as obsolete as well in
> > lib/cmdline.c, and introduce a new function eg. kmemparse() to use
> > kstrtoull,  and return a real error code, and save the size in an
> > argument like &size.  Then update X86 crashkernel code to use it.
> >
> Thank for your good suggestion.
>
Go through the v5.0 kernel code, I think it will be a huge job.

The difference between unsigned long long simple_strtoull(const char
*cp, char **endp, unsigned int base) and int _kstrtoull(const char *s,
unsigned int base, unsigned long long *res) is bigger than expected,
especially the output parameter @res. Many references to
memparse(const char *ptr, char **retptr) rely on @retptr to work. A
typical example from arch/x86/kernel/e820.c
        mem_size = memparse(p, &p);
        if (p == oldp)
                return -EINVAL;

        userdef = 1;
        if (*p == '@') {  <----------- here
                start_at = memparse(p+1, &p);
                e820__range_add(start_at, mem_size, E820_TYPE_RAM);
        } else if (*p == '#') {
                start_at = memparse(p+1, &p);
                e820__range_add(start_at, mem_size, E820_TYPE_ACPI);
        } else if (*p == '$') {
                start_at = memparse(p+1, &p);
                e820__range_add(start_at, mem_size, E820_TYPE_RESERVED);
        }

So we need to resolve the prototype of kstrtoull() firstly, and maybe
kstrtouint() etc too. All of them have lots of references in kernel.

Any idea about this?

Thanks,
Pingfan

Powered by blists - more mailing lists