lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 4 Mar 2024 21:18:13 -0500
From: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
To: Steven Rostedt <rostedt@...dmis.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
 Linux Trace Kernel <linux-trace-kernel@...r.kernel.org>,
 Masami Hiramatsu <mhiramat@...nel.org>,
 Linus Torvalds <torvalds@...ux-foundation.org>,
 Sachin Sant <sachinp@...ux.ibm.com>
Subject: Re: [PATCH] tracing: Have trace_marker writes be just half of
 TRACE_SEQ_SIZE

On 2024-03-04 20:59, Steven Rostedt wrote:
> On Mon, 4 Mar 2024 20:42:39 -0500
> Mathieu Desnoyers <mathieu.desnoyers@...icios.com> wrote:
> 
>> #define TRACE_OUTPUT_META_DATA_MAX_LEN		80
>>
>> and a runtime check in the code generating this header.
>>
>> This would avoid adding an unchecked upper limit.
> 
> That would be a lot of complex code that is for debugging something that
> has never happened in the past 16 years and Linus has already reprimanded
> me on doing such things.

Is it more complex than remembering the iterator position in
print_trace_fmt() right before:

         if (tr->trace_flags & TRACE_ITER_CONTEXT_INFO) {
                 if (iter->iter_flags & TRACE_FILE_LAT_FMT)
                         trace_print_lat_context(iter);
                 else
                         trace_print_context(iter);
         }

and then checking just after that the offset is not beyond 128
bytes ? Perhaps there is even something internal to "iter"
that already knows about this offset (?).

This would catch any context going beyond its planned upper
limit early. Failing early and not just in rare corner cases
is good.

And it's not for debugging, it's for validation of assumptions
made about an upper bound limit defined for a compile-time
check, so as the code evolves issues are caught early.

Thanks,

Mathieu

-- 
Mathieu Desnoyers
EfficiOS Inc.
https://www.efficios.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ