From patchwork Sat Mar 2 15:55:25 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steven Rostedt X-Patchwork-Id: 209229 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:fa17:b0:10a:f01:a869 with SMTP id ju23csp535241dyc; Sat, 2 Mar 2024 07:53:32 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCUs/qnZFl1RQUYjUaBwi3t2xmEVD0ljBdAe+UrDMTaozcvcxmMduERNocTnaYJ32q89DZWBXx8bITcesZV6HaQPcoJc6Q== X-Google-Smtp-Source: AGHT+IF7H8mL59kvvWHvaO9ba8JoK43QPHhJo15AyhH+SFO9ME4HZpP+M09l28Yxeyz18JrhuZsA X-Received: by 2002:a17:906:4099:b0:a45:720:b60b with SMTP id u25-20020a170906409900b00a450720b60bmr60400ejj.12.1709394811812; Sat, 02 Mar 2024 07:53:31 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709394811; cv=pass; d=google.com; s=arc-20160816; b=dvAnymOANl73E/JOnUBZab1EX0As4R8M4fh4oPc+Dbj/EfwHTPh3yinRtFogYhto0x hMU2+ZPWou/Q2P0hGmbGjqRJKmq1v3ECOuLmcPaZI754e21K7cXzhYP/QD0UNaCqNnZk Et7cls6H+Lcx3iMDpzOdJTEKFt8RvSq+1cUWswck2RnZMibDTYAiXt9Y6/0zO0Oh6R3R 6tljLEXdm1UctlorS18RT1s5a9fCqszo8x5Tc4HDOtZ8T6ezQyK3CCAsmcPJTLWNj6zp JJ6k72NN6vtrYlKVapReSp4/knFrnzZxDgxwEpGvvYEWIJZCf3dQbm7Taq3yE8xhc9B5 Jn5w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:subject:cc:to:from :date; bh=FmYsrH6xZOtJj8XNCVOyVJkv5y6aDU085iTocNUO1VU=; fh=4seR8aDka6hXS5fh/LGOFevgtM6QS973WsDN6lgq6yE=; b=HRMi/lVB4CQ+uxxJd7sFQlyr267Oij1dOgb3wEBz1rZFDd++tAtciAlnLHw0tmH+xv nxM/PAAd0A3dMmtwS99IEfy8iNe6keoGRJ2c8hYfaTbHJCI0WqwqSEZRqb7FrwtrDBsK n561LhvYTOR2HMXoUwAZg4iP+xTKinGZGCQKWXHLlrLQVW36BXACIbwImJm1rRxbghHO 5Sw6BRcwPq8DkWdZEsxmgzn19D7YkjsRlbQ0xXPGwfkZ3i4PrAF/4VMlqvQ/Qi/CILU0 MMWKANYNd6TUlcOgX54CHX5NW/CWNGPqJ1TDEuZBHGH8zj0Y2SncINFEMSrJTQe4Z/oy EyFw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1); spf=pass (google.com: domain of linux-kernel+bounces-89488-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-89488-ouuuleilei=gmail.com@vger.kernel.org" Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id ne2-20020a1709077b8200b00a44feb876f0si132019ejc.186.2024.03.02.07.53.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 02 Mar 2024 07:53:31 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-89488-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; arc=pass (i=1); spf=pass (google.com: domain of linux-kernel+bounces-89488-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-89488-ouuuleilei=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 25DC91F21F2E for ; Sat, 2 Mar 2024 15:53:31 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id E42471BC47; Sat, 2 Mar 2024 15:53:17 +0000 (UTC) Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3F2101947E for ; Sat, 2 Mar 2024 15:53:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709394796; cv=none; b=PCIejuRbhSLpAx5A0JZhptJ5mWimPmcvhT431yQw4/L+Y7UC5wn2QSq203r2MSUIVUcmQVZTK3YQMpwO7zymBunFMLKVtFNZNHegjGa++j6/XS05hnXtEJ2n9EIf7fXbHj087DLJefV7X8F1U5omqM1UUuH8xoMiIXm/hzaVc3w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709394796; c=relaxed/simple; bh=gx+oBh4okljPT/oHkZ+fsQuFULuA9YFsCcX+6c1c4lw=; h=Date:From:To:Cc:Subject:Message-ID:MIME-Version:Content-Type; b=ozsfSaqTF0pxMbSFYvrqcjZhp05JFasqfHeRZsSkOzD9WDxjWbc/4oXxYpDY5cxDDa2SMXIP7Zn/ax7m0gwXlOuUA/JlDLjJfBkh4psQaBjy26X+gDIp2EK/y5xkRVsERGS7rdMPPRa2lcMncqM1M8hrrS7pvyCMRQHfXsAaHy4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1A833C433C7; Sat, 2 Mar 2024 15:53:14 +0000 (UTC) Date: Sat, 2 Mar 2024 10:55:25 -0500 From: Steven Rostedt To: LKML Cc: Masami Hiramatsu , Mathieu Desnoyers , Sachin Sant Subject: [for-linus][PATCH] tracing: Prevent trace_marker being bigger than unsigned short Message-ID: <20240302105525.4972c026@gandalf.local.home> X-Mailer: Claws Mail 3.19.1 (GTK+ 2.24.33; x86_64-pc-linux-gnu) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1792430374128639021 X-GMAIL-MSGID: 1792430374128639021 Tracing fix for 6.8-rc6: - The change to allow trace_marker writes to be as big as the trace_seq can hold, and also the change that increases the size of the trace_seq to two pages, caused PowerPC kselftest trace_marker test to fail. The trace_marker kselftest writes up to subbuffer size which is determined by PAGE_SIZE. On PowerPC, the PAGE_SIZE can be 64K, which means the selftest will write a string that is around 64K in size. The output of the trace_marker is performed with a vsnprintf("%.*s", size, string), but this write would make the size greater than 32K, which is the max precision of "%.*s", and that causes a kernel warning. The fix is simply to keep the write of trace_marker less than or equal to max signed short. Steven Rostedt (Google) (1): tracing: Prevent trace_marker being bigger than unsigned short ---- kernel/trace/trace.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) --------------------------- commit 6e77fd570deda96cf3696a10c5bd7cc26cf0f687 Author: Steven Rostedt (Google) Date: Tue Feb 27 12:57:06 2024 -0500 tracing: Prevent trace_marker being bigger than unsigned short The trace_marker write goes into the ring buffer. A test was added to write a string as big as the sub-buffer of the ring buffer to see if it would work. A sub-buffer is typically PAGE_SIZE in length. On PowerPC architecture, the ftrace selftest for trace_marker started to fail. This was due to PowerPC having a PAGE_SIZE of 65536 and not 4096. It would try to write a string that was around 63000 bytes in size. This gave the following warning: ------------[ cut here ]------------ precision 63492 too large WARNING: CPU: 15 PID: 2538829 at lib/vsprintf.c:2721 set_precision+0x68/0xa4 Modules linked in: CPU: 15 PID: 2538829 Comm: awk Tainted: G M O K 6.8.0-rc5-gfca7526b7d89 #1 Hardware name: IBM,9080-HEX POWER10 (raw) 0x800200 0xf000006 of:IBM,FW1060.00 (NH1060_018) hv:phyp pSeries NIP: c000000000f57c34 LR: c000000000f57c30 CTR: c000000000f5cdf0 REGS: c000000a58e4f5f0 TRAP: 0700 Tainted: G M O K (6.8.0-rc5-gfca7526b7d89) MSR: 8000000002029033 CR: 48000824 XER: 00000005 CFAR: c00000000016154c IRQMASK: 0 GPR00: c000000000f57c30 c000000a58e4f890 c000000001482800 0000000000000019 GPR04: 0000000100011559 c000000a58e4f660 c000000a58e4f658 0000000000000027 GPR08: c000000e84e37c10 0000000000000001 0000000000000027 c000000002a47e50 GPR12: 0000000000000000 c000000e87bf7300 0000000000000000 0000000000000000 GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 GPR20: c0000004a43ec590 0000000000400cc0 0000000000000003 c0000000012c3e65 GPR24: c000000a58e4fa18 0000000000000025 0000000000000020 000000000001ff97 GPR28: c0000001168a00dd c0000001168c0074 c000000a58e4f920 000000000000f804 NIP [c000000000f57c34] set_precision+0x68/0xa4 LR [c000000000f57c30] set_precision+0x64/0xa4 Call Trace: [c000000a58e4f890] [c000000000f57c30] set_precision+0x64/0xa4 (unreliable) [c000000a58e4f900] [c000000000f5ccc4] vsnprintf+0x198/0x4c8 [c000000a58e4f980] [c000000000f53228] seq_buf_vprintf+0x50/0xa0 [c000000a58e4f9b0] [c00000000031cec0] trace_seq_printf+0x60/0xe0 [c000000a58e4f9e0] [c00000000031b5f0] trace_print_print+0x78/0xa4 [c000000a58e4fa60] [c0000000003133a4] print_trace_line+0x2ac/0x6d8 [c000000a58e4fb20] [c0000000003145c0] s_show+0x58/0x2c0 [c000000a58e4fba0] [c0000000005dfb2c] seq_read_iter+0x448/0x618 [c000000a58e4fc70] [c0000000005dfe08] seq_read+0x10c/0x174 [c000000a58e4fd10] [c00000000059a7e0] vfs_read+0xe0/0x39c [c000000a58e4fdc0] [c00000000059b59c] ksys_read+0x7c/0x140 [c000000a58e4fe10] [c000000000035d74] system_call_exception+0x134/0x330 [c000000a58e4fe50] [c00000000000d6a0] system_call_common+0x160/0x2e4 The problem was that in trace_print_print() that reads the trace_marker write data had the following code: int max = iter->ent_size - offsetof(struct print_entry, buf); [..] trace_seq_printf(s, ": %.*s", max, field->buf); Where "max" was the size of the entry. Now that the write to trace_marker can be as big as what the sub-buffer can hold, and the sub-buffer for powerpc is 64K in size, the "max" value was: 63492, and that was passed to trace_seq_printf() which eventually calls vsnprintf() with the same format and parameters. The max "precision" that "%.*s" can be is max signed short (32767) where 63492 happens to be greater than. Prevent the max size written by trace_marker to be greater than what a signed short can hold. Link: https://lore.kernel.org/all/C7E7AF1A-D30F-4D18-B8E5-AF1EF58004F5@linux.ibm.com/ Link: https://lore.kernel.org/linux-trace-kernel/20240227125706.04279ac2@gandalf.local.home Cc: Mathieu Desnoyers Reported-by: Sachin Sant Tested-by: Sachin Sant Fixes: 8ec90be7f15f ("tracing: Allow for max buffer data size trace_marker writes") Acked-by: Masami Hiramatsu (Google) Signed-off-by: Steven Rostedt (Google) diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 8198bfc54b58..1606fa99367b 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -7310,7 +7310,9 @@ tracing_mark_write(struct file *filp, const char __user *ubuf, /* Used in tracing_mark_raw_write() as well */ #define FAULTED_STR "" #define FAULTED_SIZE (sizeof(FAULTED_STR) - 1) /* '\0' is already accounted for */ - +#ifndef SHORT_MAX +#define SHORT_MAX ((1<<15) - 1) +#endif if (tracing_disabled) return -EINVAL; @@ -7328,6 +7330,16 @@ tracing_mark_write(struct file *filp, const char __user *ubuf, if (cnt < FAULTED_SIZE) size += FAULTED_SIZE - cnt; + /* + * trace_print_print() uses vsprintf() to determine the size via + * the precision format "%.*s" which can not be greater than + * a signed short. + */ + if (size > SHORT_MAX) { + cnt -= size - SHORT_MAX; + goto again; + } + if (size > TRACE_SEQ_BUFFER_SIZE) { cnt -= size - TRACE_SEQ_BUFFER_SIZE; goto again;