lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 10 Oct 2022 12:11:33 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     John Ogness <john.ogness@...utronix.de>
Cc:     Sergey Senozhatsky <senozhatsky@...omium.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH printk 16/18] printk: Use struct cons_text_buf

On Sat 2022-09-24 02:10:52, John Ogness wrote:
> From: Thomas Gleixner <tglx@...utronix.de>
> 
> Replace the separately allocated output buffers with a single instance of
> struct cons_text_buf.
> 
> Note that the buffer size of devkmsg_user.text_buf, when replaced with
> cons_text_buf.text, reduces from CONSOLE_EXT_LOG_MAX to CONSOLE_LOG_MAX.
> However, the buffer is only used to read ringbuffer records, which have
> a maximum size of LOG_LINE_MAX (CONSOLE_LOG_MAX - PREFIX_MAX).
> 
> Signed-off-by: Thomas Gleixner <tglx@...utronix.de>
> Signed-off-by: John Ogness <john.ogness@...utronix.de>
> ---
>  kernel/printk/printk.c | 50 ++++++++++++++++++------------------------
>  1 file changed, 21 insertions(+), 29 deletions(-)
> 
> diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
> index 65e9903d066f..9cbd44e9fc45 100644
> --- a/kernel/printk/printk.c
> +++ b/kernel/printk/printk.c
> @@ -671,11 +671,9 @@ struct devkmsg_user {
>  	atomic64_t seq;
>  	struct ratelimit_state rs;
>  	struct mutex lock;
> -	char buf[CONSOLE_EXT_LOG_MAX];
> -
>  	struct printk_info info;
> -	char text_buf[CONSOLE_EXT_LOG_MAX];
>  	struct printk_record record;
> +	struct cons_text_buf txtbuf;

I think about how to make it more clear that @txtbuf is not a simple
text buffer. It would help to better follow the code.

What about renaming "struct cons_text_buf", for example:

	struct con_text_bufs;
	struct con_bufs;
	struct console_text_buffers;
	struct console_buffers;

and use the variables, for example:

	ctbufs, cbufs, ct_bufs, c_bufs, con_bufs

>  };
>  
>  static __printf(3, 4) __cold
> @@ -758,6 +756,8 @@ static ssize_t devkmsg_read(struct file *file, char __user *buf,
>  {
>  	struct devkmsg_user *user = file->private_data;
>  	struct printk_record *r = &user->record;
> +	char *outbuf = user->txtbuf.ext_text;

Please, use either "ext_text" or "ext_text_buf". 

> +	const int maxlen = sizeof(user->txtbuf.ext_text);

and "ext_text_size" or "ext_text_buf_size"

to follow the existing style, for example:

	info_print_ext_header(buf, size, info).
	prb_rec_init_rd(r, info, text_buf, text_buf_size).

>  	size_t len;
>  	ssize_t ret;
>  
> @@ -2741,13 +2742,13 @@ static bool console_emit_next_record(struct console *con, char *text, char *ext_
>  		goto skip;
>  	}
>  
> -	if (ext_text) {
> -		write_text = ext_text;
> -		len = info_print_ext_header(ext_text, CONSOLE_EXT_LOG_MAX, r.info);
> -		len += msg_print_ext_body(ext_text + len, CONSOLE_EXT_LOG_MAX - len,
> +	if (extmsg) {

We could get this from the console flags:

	if (con->flags & CON_EXTENDED) {

> +		write_text = txtbuf->ext_text;
> +		len = info_print_ext_header(write_text, CONSOLE_EXT_LOG_MAX, r.info);
> +		len += msg_print_ext_body(write_text + len, CONSOLE_EXT_LOG_MAX - len,
>  					  &r.text_buf[0], r.info->text_len, &r.info->dev_info);

I would use this opportunity and get rid of the hardcoded *_LOG_MAX
lengts and something like:

		write_text = txtbuf->ext_text;
		write_text_size = sizeof(txtbuf->ext_text);
		len = info_print_ext_header(write_text, write_text_size, r.info);
		len += msg_print_ext_body(write_text + len, write_text_size - len,
					  &r.text_buf[0], r.info->text_len, &r.info->dev_info);


Using the hard coded size is error prone. It makes the review
complicated especially when we are going to pass the buffers
via some structures or generic pointers. I always have to check
if it is still the same buffer.

The only sane way is to use either sizeof(buf) or pass/store
@buf_size.


In addition, I would set here:

		dropped_text = txtbuf->ext_text;
		dropped_text_size = sizeof(txtbuf->ext_text);

As a result, we could define as:

struct con_text_bufs {
	char	ext_text[CONSOLE_EXT_LOG_MAX];
	char	text[CONSOLE_LOG_MAX];
} __no_randomize_layout;

and remove DROPPED_TEXT_MAX. I see that it is actually done later
anyway. Adding the union is just a temporary twist that complicates
the review.

>  	} else {
> -		write_text = text;
> +		write_text = txtbuf->text;
>  		len = record_print_text(&r, console_msg_format & MSG_FORMAT_SYSLOG, printk_time);

		write_text = txtbuf->text;
		write_text_size = sizeof(txtbuf->text);
		len = record_print_text(&r, console_msg_format & MSG_FORMAT_SYSLOG, printk_time);

		dropped_text = NULL;
		dropped_text_size = 0;

>  	}
>  
> @@ -2765,7 +2766,7 @@ static bool console_emit_next_record(struct console *con, char *text, char *ext_
>  	console_lock_spinning_enable();
>  
>  	stop_critical_timings();	/* don't trace print latency */
> -	call_console_driver(con, write_text, len, dropped_text);
> +	call_console_driver(con, write_text, len, extmsg ? NULL : txtbuf->dropped_text);

	call_console_driver(con, write_text, len, dropped_text, dropped_text_size);

>  	start_critical_timings();
>  
>  	con->seq++;

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ