Re: [PATCH printk 1/3] printk: move printk_info into separate array

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 2020-09-18, Petr Mladek <pmladek@xxxxxxxx> wrote:
>> --- a/kernel/printk/printk.c
>> +++ b/kernel/printk/printk.c
>> @@ -1097,6 +1097,7 @@ static char setup_dict_buf[CONSOLE_EXT_LOG_MAX] __initdata;
>>  
>>  void __init setup_log_buf(int early)
>>  {
>> +	struct printk_info *new_infos;
>>  	unsigned int new_descs_count;
>>  	struct prb_desc *new_descs;
>>  	struct printk_info info;
>> @@ -1156,6 +1157,17 @@ void __init setup_log_buf(int early)
>>  		return;
>>  	}
>>  
>> +	new_descs_size = new_descs_count * sizeof(struct printk_info);
>
> Must be stored into new variable, e.g.  new_infos_size.=

Ack.

>> +	new_infos = memblock_alloc(new_descs_size, LOG_ALIGN);
>> +	if (unlikely(!new_infos)) {
>> +		pr_err("log_buf_len: %zu info bytes not available\n",
>> +		       new_descs_size);
>> +		memblock_free(__pa(new_descs), new_log_buf_len);
>> +		memblock_free(__pa(new_dict_buf), new_log_buf_len);
>
> The above two calls have wrong size.
>
> The same problem is there also in the error path when new_descs
> allocation fail. It might be better to handle this using some
> goto err_* tagrets.
>
> Please, fix the old problem in a separate patch.

The "old problem" didn't exist. The problem is introduced with this
series. I will fix it with appropriate goto err_* targets for v2.

>> --- a/kernel/printk/printk_ringbuffer.c
>> +++ b/kernel/printk/printk_ringbuffer.c
>> @@ -1726,12 +1762,12 @@ static bool copy_data(struct prb_data_ring *data_ring,
>>  	/*
>>  	 * Actual cannot be less than expected. It can be more than expected
>>  	 * because of the trailing alignment padding.
>> +	 *
>> +	 * Note that invalid @len values can occur because the caller loads
>> +	 * the value during an allowed data race.
>
> I hope that this will not bite us in the future. The fact is that
> copying the entire struct printk_info in get_desc() is ugly and
> copy_data() has to be careful anyway.

It isn't an issue because the state is verified again at the end of
prb_read(). I added the comment because if all you are looking at is
copy_data(), you may not know that @len was read on a data-race. Whereas
inside of prb_read(), it is obvious that the memcpy() is a data-race.

John Ogness

_______________________________________________
kexec mailing list
kexec@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/kexec
[Index of Archives]     [LM Sensors]     [Linux Sound]     [ALSA Users]     [ALSA Devel]     [Linux Audio Users]     [Linux Media]     [Kernel]     [Gimp]     [Yosemite News]     [Linux Media]
  Powered by Linux