Message-Id: <20210529200029.205306-23-jim.cromie@gmail.com>
Date:   Sat, 29 May 2021 14:00:17 -0600
From:   Jim Cromie <jim.cromie@...il.com>
To:     jbaron@...mai.com, gregkh@...uxfoundation.org,
        linux-kernel@...r.kernel.org
Cc:     Jim Cromie <jim.cromie@...il.com>
Subject: [RFC PATCH v6 22/34] dyndbg: validate ddebug_site_get invariants

This commit adds several BUG_ONs to assert all the invariants needed
to support the reliance on the "back-N-to-header-overto-site-out-N"
use of the 2 __dyndbg* vectors (with their included headers).

RFC: I don't think we want this permanently; BUG_ON/panic seems kinda
overkill, but it's useful to know if it survives lkp auto-testing.

- dp is (struct _ddebug*) to the callsite, passed in.
- dh is (struct _ddebug*) to the header. derived from dp & _index.
  known by BUG_ON(!is_dyndbg_header(dh))
  this is the "up-N-to-header" from dp.
- dh has good site pointer, to __dyndbg_sites[]
  by BUG_ON(!is_dyndbg_header_pair())

There are 2 main cases to validate: builtin and loadable modules.

For loadable modules, we will depend upon the header's presence, and
its site pointer to the vector of _ddebug_sites[], expressed as:

  BUG_ON(&dh->site[dp->_index] != dp->site);

Builtin pr-debugs have the additional property:

  !!(&__start___dyndbg <= dp < __stop___dyndbg),

We could use this property directly to return site, but since builtin
modules also have a header record, we can use that instead.  So the
1st BUG_ON is hoisted out of the !builtin branch, and asserted just
before return.  Also hoist dh derivation, making it a declaration +
initialization + BUG_ON instead.

NB: grep -- '->site' will confirm that site is now used just for
BUG_ON assertions, so we are close to the drop.

NEXT

To drop site pointer from struct _ddebug, we need:

- recast header as a different struct, unionized with _ddebug.
- preserve site pointer there.
- drop from struct _ddebug.
- fix and fold back any fallout from size reduction.

OR defer that, and proceed with compressing __dyndbg_sites[], then
replacing ddebug_site_get's guts (with all the BUG_ONs) with a
decompress and _index.

Signed-off-by: Jim Cromie <jim.cromie@...il.com>
---
 lib/dynamic_debug.c | 31 ++++++++++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/lib/dynamic_debug.c b/lib/dynamic_debug.c
index ad9971ded09a..014e3a79d8e9 100644
--- a/lib/dynamic_debug.c
+++ b/lib/dynamic_debug.c
@@ -123,6 +123,8 @@ do {								\
 #define vpr_info(fmt, ...)	vnpr_info(1, fmt, ##__VA_ARGS__)
 #define v2pr_info(fmt, ...)	vnpr_info(2, fmt, ##__VA_ARGS__)
 #define v3pr_info(fmt, ...)	vnpr_info(3, fmt, ##__VA_ARGS__)
+#define v4pr_info(fmt, ...)	vnpr_info(4, fmt, ##__VA_ARGS__)
+#define v5pr_info(fmt, ...)	vnpr_info(5, fmt, ##__VA_ARGS__)
 
 static void vpr_info_dq(const struct ddebug_query *query, const char *msg)
 {
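Review bot: v4pr_info and v5pr_info introduce verbosity levels 4 and 5 with no comment saying what each level is meant to report. A one-line comment above the vNpr_info definitions would help. Since the commit message describes the assertions as temporary, these two macros should be dropped along with them if nothing else ends up using them.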
@@ -146,7 +148,34 @@ static void vpr_info_dq(const struct ddebug_query *query, const char *msg)
 
 static struct _ddebug_site *ddebug_site_get(struct _ddebug *dp)
 {
-	return dp->site; /* passthru abstraction */
+	struct _ddebug *dh = dp - (dp->_index);
+
+	WARN_ON(!is_dyndbg_header_pair(dh, dh->site));
+
+	if (dp >= __start___dyndbg && dp < __stop___dyndbg) {
+
+		v5pr_info("get: %s is builtin: %d %d %s:%s:%d\n",
+			  dp->site->modname, dp->_index, (int)(dp - dh),
+			  dh->site[dp->_index].filename,
+			  dh->site[dp->_index].function, dp->lineno);
+
+		WARN_ON(dp != &__start___dyndbg[dp->_index]);
+
+		WARN_ON(!(dp->_index == (dp - dh) &&
+			 dp->_index == (dp - __start___dyndbg) &&
+			 dp->_index == (&__start___dyndbg_sites[dp->_index]
+					- &__start___dyndbg_sites[0])));
+
+		WARN_ON(&__start___dyndbg_sites[dp->_index] != dp->site);
+	} else {
+		v4pr_info("get: %s is loaded: %d %s:%s:%d\n",
+			  dp->site->modname, dp->_index,
+			  dh->site[dp->_index].filename,
+			  dh->site[dp->_index].function, dp->lineno);
+	}
+	WARN_ON(&dh->site[dp->_index] != dp->site);
+
+	return dp->site;
 }
 static inline void ddebug_site_put(struct _ddebug *dp)
 {
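Review bot: In ddebug_site_get(), the pointer computed by "dh = dp - (dp->_index)" is dereferenced (dh->site, then dh->site[dp->_index].filename and .function in the v4pr_info/v5pr_info arguments) whether or not WARN_ON(!is_dyndbg_header_pair(dh, dh->site)) has fired, because WARN_ON does not stop execution. If _index is ever wrong, the check itself and the prints read through an unvalidated pointer. Consider returning dp->site early when the header check fails, or limiting the prints to dp->site, which is what the function returns anyway. The commit message describes BUG_ONs and a BUG_ON(!is_dyndbg_header(dh)) step, but the hunk uses WARN_ON throughout and has no is_dyndbg_header() call, so one of the two should be brought in line with the other. In the compound WARN_ON, the clause "dp->_index == (&__start___dyndbg_sites[dp->_index] - &__start___dyndbg_sites[0])" is true by pointer arithmetic for any _index and tests nothing, and "dp->_index == (dp - __start___dyndbg)" repeats the preceding WARN_ON(dp != &__start___dyndbg[dp->_index]). Since this function can run for every callsite, WARN_ON_ONCE would keep a single broken invariant from flooding the log.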
-- 
2.31.1
