| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 May 2020 16:15:24 -0700
From: Kees Cook <keescook@...omium.org>
To: Pavel Tatashin <pasha.tatashin@...een.com>
Cc: jmorris@...ei.org, sashal@...nel.org, linux-kernel@...r.kernel.org,
pmladek@...e.com, sergey.senozhatsky@...il.com,
rostedt@...dmis.org, anton@...msg.org, ccross@...roid.com,
tony.luck@...el.com, robh+dt@...nel.org, devicetree@...r.kernel.org
Subject: Re: [PATCH v2 3/5] pstore/ram: in ramoops_platform_data convert
dump_oops to max_reason
On Tue, May 05, 2020 at 11:45:08AM -0400, Pavel Tatashin wrote:
> Now, that pstore_register() can correctly pass max_reason to kmesg dump
> facility, use it instead of dump_oops boolean.
>
> Replace in ramoops_platform_data dump_oops with max_reason. When dump_oops
> was enabled set max_reason to KMSG_DUMP_OOPS, otherwise set it to
> KMSG_DUMP_PANIC.
>
> Remove filtering logic from ramoops_pstore_write(), as that is not needed
> anymore, only dmesges specified by max_reason are passed to
> ramoops_pstore_write(). Also, because of this, we can remove
> cxt->dump_oops.
This is all looking good. I think I'd like to see patch 3 and 4 merged,
though. I'd like to make the dump_oops/max_reason conversion in one
patch. Noted below...
>
> Signed-off-by: Pavel Tatashin <pasha.tatashin@...een.com>
> ---
> Documentation/admin-guide/ramoops.rst | 11 ++++++----
> drivers/platform/chrome/chromeos_pstore.c | 2 +-
> fs/pstore/ram.c | 26 +++++++----------------
> include/linux/pstore_ram.h | 2 +-
> 4 files changed, 17 insertions(+), 24 deletions(-)
>
> diff --git a/Documentation/admin-guide/ramoops.rst b/Documentation/admin-guide/ramoops.rst
> index 6dbcc5481000..a296e1aa1617 100644
> --- a/Documentation/admin-guide/ramoops.rst
> +++ b/Documentation/admin-guide/ramoops.rst
> @@ -32,11 +32,14 @@ memory to be mapped strongly ordered, and atomic operations on strongly ordered
> memory are implementation defined, and won't work on many ARMs such as omaps.
>
> The memory area is divided into ``record_size`` chunks (also rounded down to
> -power of two) and each oops/panic writes a ``record_size`` chunk of
> +power of two) and each kmesg dump writes a ``record_size`` chunk of
> information.
>
> -Dumping both oopses and panics can be done by setting 1 in the ``dump_oops``
> -variable while setting 0 in that variable dumps only the panics.
> +Dumping reasons can be set via max_reason value, as defined in
> +include/linux/kmsg_dump.h: kmsg_dump_reason. For example, to
> +dump for both oopses and panics reasons, max_reason should be set to 2
> +(KMSG_DUMP_OOPS), to dump panics only max_reason should be set to 1
> +(KMSG_DUMP_PANIC).
>
> The module uses a counter to record multiple dumps but the counter gets reset
> on restart (i.e. new dumps after the restart will overwrite old ones).
> @@ -90,7 +93,7 @@ Setting the ramoops parameters can be done in several different manners:
> .mem_address = <...>,
> .mem_type = <...>,
> .record_size = <...>,
> - .dump_oops = <...>,
> + .max_reason = <...>,
> .ecc = <...>,
> };
Good, yes, dump_oops should be removed from the platform data structure
since that's an entirely internal API.
>
> diff --git a/drivers/platform/chrome/chromeos_pstore.c b/drivers/platform/chrome/chromeos_pstore.c
> index d13770785fb5..fa51153688b4 100644
> --- a/drivers/platform/chrome/chromeos_pstore.c
> +++ b/drivers/platform/chrome/chromeos_pstore.c
> @@ -57,7 +57,7 @@ static struct ramoops_platform_data chromeos_ramoops_data = {
> .record_size = 0x40000,
> .console_size = 0x20000,
> .ftrace_size = 0x20000,
> - .dump_oops = 1,
> + .max_reason = KMSG_DUMP_OOPS,
> };
>
> static struct platform_device chromeos_ramoops = {
> diff --git a/fs/pstore/ram.c b/fs/pstore/ram.c
> index 795622190c01..223581aeea96 100644
> --- a/fs/pstore/ram.c
> +++ b/fs/pstore/ram.c
> @@ -81,7 +81,6 @@ struct ramoops_context {
> size_t console_size;
> size_t ftrace_size;
> size_t pmsg_size;
> - int dump_oops;
> u32 flags;
> struct persistent_ram_ecc_info ecc_info;
> unsigned int max_dump_cnt;
> @@ -381,18 +380,6 @@ static int notrace ramoops_pstore_write(struct pstore_record *record)
> if (record->type != PSTORE_TYPE_DMESG)
> return -EINVAL;
>
> - /*
> - * Out of the various dmesg dump types, ramoops is currently designed
> - * to only store crash logs, rather than storing general kernel logs.
> - */
> - if (record->reason != KMSG_DUMP_OOPS &&
> - record->reason != KMSG_DUMP_PANIC)
> - return -EINVAL;
> -
> - /* Skip Oopes when configured to do so. */
> - if (record->reason == KMSG_DUMP_OOPS && !cxt->dump_oops)
> - return -EINVAL;
> -
> /*
> * Explicitly only take the first part of any new crash.
> * If our buffer is larger than kmsg_bytes, this can never happen,
> @@ -687,7 +674,7 @@ static int ramoops_parse_dt(struct platform_device *pdev,
> pdata->mem_size = resource_size(res);
> pdata->mem_address = res->start;
> pdata->mem_type = of_property_read_bool(of_node, "unbuffered");
> - pdata->dump_oops = !of_property_read_bool(of_node, "no-dump-oops");
> + dump_oops = !of_property_read_bool(of_node, "no-dump-oops");
:
Is this setting the module param variable? That shouldn't happen here --
we may fail the DT and overwrite the user-configured setting for a
different backend. This should be a local variable and the "final"
max_reason should be calculated in this function, I think.
>
> #define parse_size(name, field) { \
> ret = ramoops_parse_dt_size(pdev, name, &value); \
> @@ -785,7 +772,6 @@ static int ramoops_probe(struct platform_device *pdev)
> cxt->console_size = pdata->console_size;
> cxt->ftrace_size = pdata->ftrace_size;
> cxt->pmsg_size = pdata->pmsg_size;
> - cxt->dump_oops = pdata->dump_oops;
> cxt->flags = pdata->flags;
> cxt->ecc_info = pdata->ecc_info;
>
> @@ -828,8 +814,14 @@ static int ramoops_probe(struct platform_device *pdev)
> * the single region size is how to check.
> */
> cxt->pstore.flags = 0;
> - if (cxt->max_dump_cnt)
> + if (cxt->max_dump_cnt) {
> cxt->pstore.flags |= PSTORE_FLAGS_DMESG;
> + if (pdata->max_reason <= 0) {
> + pdata->max_reason = dump_oops ? KMSG_DUMP_OOPS :
> + KMSG_DUMP_PANIC;
> + }
> + cxt->pstore.max_reason = pdata->max_reason;
> + }
I'm going to take a stab at reorganizing the DT, platform data, and
module args to have default handling done in a way that I like. I'm
having a hard time making specific suggestions here. :)
> if (cxt->console_size)
> cxt->pstore.flags |= PSTORE_FLAGS_CONSOLE;
> if (cxt->max_ftrace_cnt)
> @@ -865,7 +857,6 @@ static int ramoops_probe(struct platform_device *pdev)
> mem_size = pdata->mem_size;
> mem_address = pdata->mem_address;
> record_size = pdata->record_size;
> - dump_oops = pdata->dump_oops;
> ramoops_console_size = pdata->console_size;
> ramoops_pmsg_size = pdata->pmsg_size;
> ramoops_ftrace_size = pdata->ftrace_size;
> @@ -948,7 +939,6 @@ static void __init ramoops_register_dummy(void)
> pdata.console_size = ramoops_console_size;
> pdata.ftrace_size = ramoops_ftrace_size;
> pdata.pmsg_size = ramoops_pmsg_size;
> - pdata.dump_oops = dump_oops;
> pdata.flags = RAMOOPS_FLAG_FTRACE_PER_CPU;
>
> /*
> diff --git a/include/linux/pstore_ram.h b/include/linux/pstore_ram.h
> index 9cb9b9067298..9f16afec7290 100644
> --- a/include/linux/pstore_ram.h
> +++ b/include/linux/pstore_ram.h
> @@ -133,7 +133,7 @@ struct ramoops_platform_data {
> unsigned long console_size;
> unsigned long ftrace_size;
> unsigned long pmsg_size;
> - int dump_oops;
> + int max_reason;
> u32 flags;
> struct persistent_ram_ecc_info ecc_info;
> };
> --
> 2.25.1
>
So, hold off on a v3, and I'll send a series tomorrow, based on what
you've got here for v2. I like the refactoring; it's much cleaner to
have max_reason than dump_oops! :)
--
Kees Cook
Powered by blists - more mailing lists