From patchwork Tue Oct 18 02:08:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 3897 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp1739709wrs; Mon, 17 Oct 2022 19:22:24 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6TSt9JgQWbRk2X3/Od26zLioYOtaiXm+/WXxp+72EiDnsGAp9mjwF8SkEjcNMpA0Fjbe1G X-Received: by 2002:a05:6402:378c:b0:458:8053:6c5f with SMTP id et12-20020a056402378c00b0045880536c5fmr530690edb.9.1666059744696; Mon, 17 Oct 2022 19:22:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666059744; cv=none; d=google.com; s=arc-20160816; b=lq4T34vsJ/059HsYz6qb+t7GKCWWzW7bfwNyuYM4yofw/w1U53ClpNY/vldOvhbFMe eyr6zJBl9IxiZNDdqJWH9ga5thKrHxD/X7ipwxeTMJWVf7ix4BSLz9gD0D8bhuElOqcT 6Ewl+m2UR8VKlv1A9Fno5g2LfuO+IoQRpxpNPFT7Q6krjH2DIhSTAih45/mrhICJuTTL EfuLEZw52Pje3xlBK9Er2sGd4ahY80fDBScIviblcHaBLKRgG1q9x1ScznhFfSqGULIH 5TTcWr8wj60CeydmmEj30maTmYufSxG16t6UQjSTQ/I1m88ytJb8WJhTXBCOjWWa323H HVww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=UbYz18T6bZpWW8vOJjiPrzs7fsULyDP/1+meWjyG7ZE=; b=S0F3mLwGaF2B9MuQHH9+FnzRaQ++FNIsVpzM/VOtub1sZ4ghx8RPXhZyadlYH/ZdT2 Apu0yIHvgQ3/CIQ2TznzaWPY8/ELSPlxgNM9n7u65Dl3/cfe/ILDTgVY/cgEmpbqmYkU g5spy3wD2OVjprucy/qgBob7uR3Fx/Dg5t9nuV9I5JnMz0CTbQbmFveemsOsGAk19C5Q rOgmMZMVKAAtYmhtMNURHGeSjDagFf0eSonLRFy3FOhPJ2falCYW2b0b4N5+V2f//eua F/JeIxQYxzxYINV9hfHRphPI8uYMmpKOugp8T5l/K2GqCIduqwdjBkMx+yImsDpXpHsf bf7g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=KIJuGjNT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id sa28-20020a1709076d1c00b0078d42f9d0ddsi10294224ejc.477.2022.10.17.19.22.00; Mon, 17 Oct 2022 19:22:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=KIJuGjNT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231286AbiJRCJa (ORCPT + 99 others); Mon, 17 Oct 2022 22:09:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33246 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230446AbiJRCIt (ORCPT ); Mon, 17 Oct 2022 22:08:49 -0400 Received: from mail-pj1-x1032.google.com (mail-pj1-x1032.google.com [IPv6:2607:f8b0:4864:20::1032]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7978F43AF0 for ; Mon, 17 Oct 2022 19:08:36 -0700 (PDT) Received: by mail-pj1-x1032.google.com with SMTP id g8-20020a17090a128800b0020c79f987ceso15948937pja.5 for ; Mon, 17 Oct 2022 19:08:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=UbYz18T6bZpWW8vOJjiPrzs7fsULyDP/1+meWjyG7ZE=; b=KIJuGjNT3LS85ZDwhI1QK3bDVaC4AE+6gjeWhM49s+JH+xpYFFcPNFFUvO5z97nWc8 3qHYOvMSCMWKhgCUK8jfsgwo94QfZqPwZA0oEE9N75VRfhpgSur4kI1JiPgUTYXCuRtD WfbWOlFE7BmzofG7f2xA8rqRZNKp1xI7XjZ8I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UbYz18T6bZpWW8vOJjiPrzs7fsULyDP/1+meWjyG7ZE=; b=i3Eo8zeidRdxDb3qtigctA6e8y3ZNqx6LWDtc/mxVBE3FBQ13QsIaI4SP2HLGrw5k8 tugQrzF5NpWGOMeNEOF+mE2TqOwS9uPQyKZTpKXCmzHWMKVeT4vG2UAHcuam4XKGRwaT 4ugjMBREKVbag37FVherBYsVN5PBKfXy3u1I66Cu+UD0raeQhKuUPPgM3Mdpv80XpUzQ JICnNsWy4H1cGMIc2+7px151MJThBBBWO5qey8LRrPyKTrE6hjBGgxRiUu1zJSM9JQSf ZgSCPtoJZfhWgf2p7ZaSBXqCKLon/hFWFPqBUpLqT8/CtMI9/WlO7omn91tfjY+88hwG mBIw== X-Gm-Message-State: ACrzQf2AIE/A+n3SSbQXUQD3Bi2gUKdYwhnyDlS6KY8oCsJmI6gooWir eWEiMLfhEj3gaEzVSwhfyy6Bew== X-Received: by 2002:a17:903:11c3:b0:17a:e62:16e8 with SMTP id q3-20020a17090311c300b0017a0e6216e8mr612463plh.137.1666058899859; Mon, 17 Oct 2022 19:08:19 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id c8-20020a170903234800b0017d061a6119sm7312776plh.116.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , Nick Terrell , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 1/5] pstore: Remove worse-case compression size logic Date: Mon, 17 Oct 2022 19:08:09 -0700 Message-Id: <20221018020815.2872331-1-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=5455; h=from:subject; bh=+tMHCZOTPIvRa0mUTcXlg2VCSU1nRw7kMkBTASHQke4=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMQlVArORJD6vwQmAGDxw2yPxs+T03ESP4BWrt w84R/kSJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJgQSD/ wNUsf8repH9xHlLCpz/CMMet6C6UcVL2z7D/aT4lcyu0GVdX/RrntIC8lEj7SJN7EQdzrZEHkqjPOe bklsLC/TaHdCVVYaJQnX921X+jU7Abf6S+prdr067yp1N1/I744jauGm99Sj38EMNad1xrEvn1PJcn SDcoAjNiYgS/FZtEjfewNPmZ0bXFioCpc0SCgfbeO12BThhkCI33MWC010Ihjupoytpbs8Ks8bB8xT cU+YxWO/rh4RhIkKO/Bl7vXnRtDFnz2XqwaoDrQjGYVo7YB9e2K1SIefAvQMRyjrWi0V0PsuTNn/zc j5t3pDG2o+Y/jTywGSZqdAsMvQOl6jjHwG+jUswIrjtH6XwAZQXbk6nsQwSuSuqZq69Qs+5rQJEBes OpxlD5SOpU03hzZnFdId1wn/YWs7G58Q6hDr3Bv4dh9xKWJ5LcvrR+4gdI4oV9/istb5krrPYzDFtB pErJjTAD5Sz9g16VL6U8pNSZpZVw3hXsP6ShpA7Dazjv5DExoJ4qsgco7mprLEnEoK/Ge72MQjHq51 JSzVidOSLPIq+FMcAALcrw8TMCFWAaZuClsddg6CJmkAw4KtdYqIym5otPCNS1iN/lhqCRx/fkCqXn /ahzhUBhLVdmH5t+vkcWyNiDr8Cd7Tdt994hwFqcjd8njG+BHaRDiFNSZfvw== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1746990262819199634?= X-GMAIL-MSGID: =?utf-8?q?1746990262819199634?= The worst case compression size is always the size of the uncompressed data itself so avoid perfectly optimizing the oops buffer size. Hugely simplifies the code. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: Nick Terrell Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/platform.c | 144 +++---------------------------------------- 1 file changed, 9 insertions(+), 135 deletions(-) diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index cbc0b468c1ab..ef0bc3ae161b 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -97,11 +97,6 @@ MODULE_PARM_DESC(kmsg_bytes, "amount of kernel log to snapshot (in bytes)"); /* Compression parameters */ static struct crypto_comp *tfm; -struct pstore_zbackend { - int (*zbufsize)(size_t size); - const char *name; -}; - static char *big_oops_buf; static size_t big_oops_buf_sz; @@ -168,105 +163,6 @@ static bool pstore_cannot_block_path(enum kmsg_dump_reason reason) } } -#if IS_ENABLED(CONFIG_PSTORE_DEFLATE_COMPRESS) -static int zbufsize_deflate(size_t size) -{ - size_t cmpr; - - switch (size) { - /* buffer range for efivars */ - case 1000 ... 2000: - cmpr = 56; - break; - case 2001 ... 3000: - cmpr = 54; - break; - case 3001 ... 3999: - cmpr = 52; - break; - /* buffer range for nvram, erst */ - case 4000 ... 10000: - cmpr = 45; - break; - default: - cmpr = 60; - break; - } - - return (size * 100) / cmpr; -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_LZO_COMPRESS) -static int zbufsize_lzo(size_t size) -{ - return lzo1x_worst_compress(size); -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_LZ4_COMPRESS) || IS_ENABLED(CONFIG_PSTORE_LZ4HC_COMPRESS) -static int zbufsize_lz4(size_t size) -{ - return LZ4_compressBound(size); -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_842_COMPRESS) -static int zbufsize_842(size_t size) -{ - return size; -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_ZSTD_COMPRESS) -static int zbufsize_zstd(size_t size) -{ - return zstd_compress_bound(size); -} -#endif - -static const struct pstore_zbackend *zbackend __ro_after_init; - -static const struct pstore_zbackend zbackends[] = { -#if IS_ENABLED(CONFIG_PSTORE_DEFLATE_COMPRESS) - { - .zbufsize = zbufsize_deflate, - .name = "deflate", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZO_COMPRESS) - { - .zbufsize = zbufsize_lzo, - .name = "lzo", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZ4_COMPRESS) - { - .zbufsize = zbufsize_lz4, - .name = "lz4", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZ4HC_COMPRESS) - { - .zbufsize = zbufsize_lz4, - .name = "lz4hc", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_842_COMPRESS) - { - .zbufsize = zbufsize_842, - .name = "842", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_ZSTD_COMPRESS) - { - .zbufsize = zbufsize_zstd, - .name = "zstd", - }, -#endif - { } -}; - static int pstore_compress(const void *in, void *out, unsigned int inlen, unsigned int outlen) { @@ -291,36 +187,31 @@ static void allocate_buf_for_compression(void) char *buf; /* Skip if not built-in or compression backend not selected yet. */ - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !zbackend) + if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !compress) return; /* Skip if no pstore backend yet or compression init already done. */ if (!psinfo || tfm) return; - if (!crypto_has_comp(zbackend->name, 0, 0)) { - pr_err("Unknown compression: %s\n", zbackend->name); - return; - } - - size = zbackend->zbufsize(psinfo->bufsize); - if (size <= 0) { - pr_err("Invalid compression size for %s: %d\n", - zbackend->name, size); + if (!crypto_has_comp(compress, 0, 0)) { + pr_err("Unknown compression: %s\n", compress); return; } + /* Worst-case compression should never be more than uncompressed. */ + size = psinfo->bufsize; buf = kmalloc(size, GFP_KERNEL); if (!buf) { pr_err("Failed %d byte compression buffer allocation for: %s\n", - size, zbackend->name); + size, compress); return; } - ctx = crypto_alloc_comp(zbackend->name, 0, 0); + ctx = crypto_alloc_comp(compress, 0, 0); if (IS_ERR_OR_NULL(ctx)) { kfree(buf); - pr_err("crypto_alloc_comp('%s') failed: %ld\n", zbackend->name, + pr_err("crypto_alloc_comp('%s') failed: %ld\n", compress, PTR_ERR(ctx)); return; } @@ -330,7 +221,7 @@ static void allocate_buf_for_compression(void) big_oops_buf_sz = size; big_oops_buf = buf; - pr_info("Using crash dump compression: %s\n", zbackend->name); + pr_info("Using crash dump compression: %s\n", compress); } static void free_buf_for_compression(void) @@ -818,27 +709,10 @@ static void pstore_timefunc(struct timer_list *unused) pstore_timer_kick(); } -static void __init pstore_choose_compression(void) -{ - const struct pstore_zbackend *step; - - if (!compress) - return; - - for (step = zbackends; step->name; step++) { - if (!strcmp(compress, step->name)) { - zbackend = step; - return; - } - } -} - static int __init pstore_init(void) { int ret; - pstore_choose_compression(); - /* * Check if any pstore backends registered earlier but did not * initialize compression because crypto was not ready. If so, From patchwork Tue Oct 18 02:08:10 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 3898 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp1739945wrs; Mon, 17 Oct 2022 19:23:08 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4pvIzQWG8iOqEOdNRyx9+jvcCZizEqNu5iYjFe+xFn9WjL8OelxykvRpeoSVDHdDZ9NQdb X-Received: by 2002:a05:6402:3484:b0:45d:2f59:fae1 with SMTP id v4-20020a056402348400b0045d2f59fae1mr535361edc.237.1666059788747; Mon, 17 Oct 2022 19:23:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666059788; cv=none; d=google.com; s=arc-20160816; b=hMGEUT+yhL1snLnpEU/v3HQz8cMxmSdcfcq2nIUML8ABKzG37AEXlHxlpVW5+w6Dyd gLCfE2x5B14lmjlDpPdsYsmOLyJz2D3yWj7I8PsK9ouj8cvRPGXlphtZ3iJCd6zB1I9T bRVj6/3wEW9E1wByVPKyq6G4f1IoExfliQ241Cq9+pxhMa09yFFD7OH1p0dKYqSil8mo 9NIoULQQoiL5oACV8RZm624iAT2TlbGQ9b1QandjUCmjo5xQFec2bHz3CWH1+1o8WN8v wneTVKOeM/eB1Y4LqM+k/iUn51XzbcRumrLeDtavSlPj9Ttw0QD0QJAxBYWuXTinHBcx aDjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=YBRd9cw1Rkfek0J7YHlv9ebkE6z5a48tsgrcsxT5PuA=; b=J6LtdNAOY6bf9qpGz6m60ODLC998KEEEeo/jo/ZKiH2DdLFJVDaD9zCuB9AKM2idgP SRMz62SoDQ66J4CmjCLLsjYkKB33bDrfCVPU67o1lPAGcX9dBvs16SEKzioc6Xq/AKHO hfB1rf6iETLoNBtSdQKE+/oF/KbOF2raYnI7MCme3mB+Lsquk+s9bMeuh24tDLEzqxTq F+mYqUWSzc45tf8Hv8FxU0RQlUe2U26tdNygurR5Y6HFd7GPmrQujUH6PyWkqLy99rEj zkwCWsBb2zfDVPTkCDlugn1CjV3NEqDci8Tq1DBarVRf3fanfWOvVhvqMOslD/XKFptj 9oDg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=NwNNyZ5W; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b19-20020a056402351300b00459e1ce80a7si454417edd.241.2022.10.17.19.22.44; Mon, 17 Oct 2022 19:23:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=NwNNyZ5W; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231389AbiJRCJz (ORCPT + 99 others); Mon, 17 Oct 2022 22:09:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33216 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231404AbiJRCJI (ORCPT ); Mon, 17 Oct 2022 22:09:08 -0400 Received: from mail-oa1-x2f.google.com (mail-oa1-x2f.google.com [IPv6:2001:4860:4864:20::2f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0643A748F2 for ; Mon, 17 Oct 2022 19:08:46 -0700 (PDT) Received: by mail-oa1-x2f.google.com with SMTP id 586e51a60fabf-131dda37dddso15424037fac.0 for ; Mon, 17 Oct 2022 19:08:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YBRd9cw1Rkfek0J7YHlv9ebkE6z5a48tsgrcsxT5PuA=; b=NwNNyZ5Wb03KNiJhkFaOysaWhHo6lNizPNjKIi4CbPvS6pVTgMh50mv7INFYyuW8a6 kR3Kzootcf5Q7/OePmjcvl0M1ECOirL7jq0lnseGrS+XkVMmc3wstnkJEQy0KCkbml/j EHPaSGukxSVTz0OFFdebK0v/c10ovejMsD3qg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YBRd9cw1Rkfek0J7YHlv9ebkE6z5a48tsgrcsxT5PuA=; b=mNpTUYVcljgmEkt9zhN1XY8DEKT6NqK18G2l18frQeXEhq55XlpAq9k89nwM3xUhf0 AX72wFWpFGO+Vm8TiGpOiO9DGg7NCpHsL3GmK8lt+/VsYv5Z+KLQx2P8L9XXyfhzDDnp NrbDrBkn+INxsm2eYGtnug9AUsSe24hag1elxBZcFwvdF/DnZskb/WluqciZ8hwryJwu 3t3mzGCJdr/fiYmDbOBCRKVE0+15RyJqL0SKQoOA5V4kIEzGeqs8fvF8xGLfuB+uL+6U Jn5XtrD2/109WjNaQBZEtu+PaJx7HDxUgSl77wUK758oN+Ow+XuYNUrYZQ+enAWPug+w YvKA== X-Gm-Message-State: ACrzQf1bDpby9PVi6fgKh1EMqLJMDWHLtbcS70ymkJQO+YbICVliulYL B0sY9efLYOSXpOG3LCNtWUwGyfxZyBnf0g== X-Received: by 2002:a17:90b:692:b0:203:6c21:b4aa with SMTP id m18-20020a17090b069200b002036c21b4aamr35534172pjz.227.1666058900664; Mon, 17 Oct 2022 19:08:20 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id i10-20020a170902c94a00b00179f370dbe7sm7290666pla.287.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , Nick Terrell , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 2/5] pstore: Allow for arbitrary compression algorithm Date: Mon, 17 Oct 2022 19:08:10 -0700 Message-Id: <20221018020815.2872331-2-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=7760; h=from:subject; bh=uc0kl+a6TRA5+6XFgJLw6TULSMAzOvGGUCrsT4ONIEQ=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMbyBNAMou3xirdeIaCwW74Lc8wdvstFfBCHL4 YvkAb9eJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJg2mD/ 4w2fvpDNRN1D3IMtBm5CqUw6M66DMdJv5Rq9IeVdTvcGKOCQXOloxOx2Kb87Ut54OsTz/sQVeWov9K j+HR6jVxFiq2kKFSP/kJH6RTIyTK/3QwN0Ocw43Aqtg8qZGMx/gShBINNtVDhJ0buKILEduEhleF5F /lzkv49eXy9dXWiMedinSBfu6ImScEtd25ym/aekGxbs66tcHySFjb0GN+TW7GTjw1vTTZThi0pejJ /mO7YyshqePq3cmiMQk43j0NItwXL+Vavk92Mp1ZeAb4PB636UntywH4uNtj8I0Ho2s/wWPHeTFhAA tkZhDwkv4MovVNZ0UdfdIH7iC5zeVxTnFPidM0wgOi3lGAEBtkYHTKjyImKs/VtBeuIYw8vpAzt7dv lW1n9bVVeYYk3xPVimBaY/vsjy6eKH51PwqwWduQHba6H5vv0X1m9huhQao842Pde8jTxZiA5i7e3G 8g8/h5pPHoxqZ1P1HWdDtRWdJVH65DsseUcXVBnaK+MGCSd89ciXaqNSaiJ0WG82swVia9YZEvBm2n E5kBZxNvdeySPLgMoRdRfHI9X8JCQiZhbQwBmq+u4aZ/Ev2tNTd5cbmwtAnQvrX5I7ivkqrC1irznU raF+bf9m0wrDMA/10vca2++0FDSwjv+kSHfH5cmAQJ+gxdNBeHY134R6+ghw== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1746990308827103706?= X-GMAIL-MSGID: =?utf-8?q?1746990308827103706?= Since there is no longer a need for figuring out worst-case compression size, there is no reason to limit the compression algorithm choice. Greatly simplifies Kconfig. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: Nick Terrell Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/Kconfig | 122 ++++++++++++------------------------------- fs/pstore/platform.c | 39 ++++++-------- 2 files changed, 47 insertions(+), 114 deletions(-) diff --git a/fs/pstore/Kconfig b/fs/pstore/Kconfig index 8adabde685f1..a95b3981cb0e 100644 --- a/fs/pstore/Kconfig +++ b/fs/pstore/Kconfig @@ -22,99 +22,41 @@ config PSTORE_DEFAULT_KMSG_BYTES Defines default size of pstore kernel log storage. Can be enlarged if needed, not recommended to shrink it. -config PSTORE_DEFLATE_COMPRESS - tristate "DEFLATE (ZLIB) compression" - default y - depends on PSTORE - select CRYPTO_DEFLATE - help - This option enables DEFLATE (also known as ZLIB) compression - algorithm support. - -config PSTORE_LZO_COMPRESS - tristate "LZO compression" - depends on PSTORE - select CRYPTO_LZO - help - This option enables LZO compression algorithm support. - -config PSTORE_LZ4_COMPRESS - tristate "LZ4 compression" - depends on PSTORE - select CRYPTO_LZ4 - help - This option enables LZ4 compression algorithm support. - -config PSTORE_LZ4HC_COMPRESS - tristate "LZ4HC compression" - depends on PSTORE - select CRYPTO_LZ4HC - help - This option enables LZ4HC (high compression) mode algorithm. - -config PSTORE_842_COMPRESS - bool "842 compression" - depends on PSTORE - select CRYPTO_842 - help - This option enables 842 compression algorithm support. - -config PSTORE_ZSTD_COMPRESS - bool "zstd compression" - depends on PSTORE - select CRYPTO_ZSTD - help - This option enables zstd compression algorithm support. - -config PSTORE_COMPRESS - def_bool y - depends on PSTORE - depends on PSTORE_DEFLATE_COMPRESS || PSTORE_LZO_COMPRESS || \ - PSTORE_LZ4_COMPRESS || PSTORE_LZ4HC_COMPRESS || \ - PSTORE_842_COMPRESS || PSTORE_ZSTD_COMPRESS - choice - prompt "Default pstore compression algorithm" - depends on PSTORE_COMPRESS - help - This option chooses the default active compression algorithm. - This change be changed at boot with "pstore.compress=..." on - the kernel command line. - - Currently, pstore has support for 6 compression algorithms: - deflate, lzo, lz4, lz4hc, 842 and zstd. - - The default compression algorithm is deflate. - - config PSTORE_DEFLATE_COMPRESS_DEFAULT - bool "deflate" if PSTORE_DEFLATE_COMPRESS - - config PSTORE_LZO_COMPRESS_DEFAULT - bool "lzo" if PSTORE_LZO_COMPRESS - - config PSTORE_LZ4_COMPRESS_DEFAULT - bool "lz4" if PSTORE_LZ4_COMPRESS - - config PSTORE_LZ4HC_COMPRESS_DEFAULT - bool "lz4hc" if PSTORE_LZ4HC_COMPRESS - - config PSTORE_842_COMPRESS_DEFAULT - bool "842" if PSTORE_842_COMPRESS - - config PSTORE_ZSTD_COMPRESS_DEFAULT - bool "zstd" if PSTORE_ZSTD_COMPRESS - + prompt "Panic dump compression" + depends on PSTORE + default PSTORE_COMPRESS_CRYPTO + help + Choose whether and how to compress the panic dump output. This + is usually only needed for very storage-constrained backends. + + config PSTORE_COMPRESS_CRYPTO + bool "Use an arbitrary compression algorithm via the Crypto API" + help + If the default compression algorithm from PSTORE_COMPRESS + is not desired, an arbitrary one can be chosen if it is + available to from the Crypto API. Note that this may reserve + non-trivial amounts of per-CPU memory. + + config PSTORE_COMPRESS_NONE + bool "Do not compress panic dumps" + help + Do not compress the panic dump output. This leave the + output easily readable in memory, if non-pstore forensics + tools want to examine the contents easily. endchoice -config PSTORE_COMPRESS_DEFAULT - string - depends on PSTORE_COMPRESS - default "deflate" if PSTORE_DEFLATE_COMPRESS_DEFAULT - default "lzo" if PSTORE_LZO_COMPRESS_DEFAULT - default "lz4" if PSTORE_LZ4_COMPRESS_DEFAULT - default "lz4hc" if PSTORE_LZ4HC_COMPRESS_DEFAULT - default "842" if PSTORE_842_COMPRESS_DEFAULT - default "zstd" if PSTORE_ZSTD_COMPRESS_DEFAULT +config PSTORE_COMPRESS_CRYPTO_DEFAULT + string "Crypto API compression algorithm" + depends on PSTORE_COMPRESS_CRYPTO + default "zstd" + help + This option chooses the default active compression algorithm, + and can be changed at boot with "pstore.compress=..." on the + kernel command line. The chosen compression algorithm needs to + be available to the crypto subsystem for it to be usable by + pstore. For example, "zstd" needs CONFIG_CRYPTO_ZSTD, "deflate" + needs CONFIG_CRYPTO_DEFLATE, etc. config PSTORE_CONSOLE bool "Log kernel console messages" diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index ef0bc3ae161b..1f01c4b904fc 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -16,15 +16,6 @@ #include #include #include -#if IS_ENABLED(CONFIG_PSTORE_LZO_COMPRESS) -#include -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZ4_COMPRESS) || IS_ENABLED(CONFIG_PSTORE_LZ4HC_COMPRESS) -#include -#endif -#if IS_ENABLED(CONFIG_PSTORE_ZSTD_COMPRESS) -#include -#endif #include #include #include @@ -80,9 +71,9 @@ static char *backend; module_param(backend, charp, 0444); MODULE_PARM_DESC(backend, "specific backend to use"); -static char *compress = -#ifdef CONFIG_PSTORE_COMPRESS_DEFAULT - CONFIG_PSTORE_COMPRESS_DEFAULT; +static char *compress __ro_after_init = +#ifdef CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT + CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT; #else NULL; #endif @@ -166,18 +157,18 @@ static bool pstore_cannot_block_path(enum kmsg_dump_reason reason) static int pstore_compress(const void *in, void *out, unsigned int inlen, unsigned int outlen) { - int ret; + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) { + int ret; - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS)) - return -EINVAL; - - ret = crypto_comp_compress(tfm, in, inlen, out, &outlen); - if (ret) { - pr_err("crypto_comp_compress failed, ret = %d!\n", ret); - return ret; + ret = crypto_comp_compress(tfm, in, inlen, out, &outlen); + if (ret) { + pr_err("crypto_comp_compress failed, ret = %d!\n", ret); + return ret; + } + return outlen; } - return outlen; + return -EINVAL; } static void allocate_buf_for_compression(void) @@ -187,7 +178,7 @@ static void allocate_buf_for_compression(void) char *buf; /* Skip if not built-in or compression backend not selected yet. */ - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !compress) + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !compress) return; /* Skip if no pstore backend yet or compression init already done. */ @@ -226,7 +217,7 @@ static void allocate_buf_for_compression(void) static void free_buf_for_compression(void) { - if (IS_ENABLED(CONFIG_PSTORE_COMPRESS) && tfm) { + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO) && tfm) { crypto_free_comp(tfm); tfm = NULL; } @@ -578,7 +569,7 @@ static void decompress_record(struct pstore_record *record) int unzipped_len; char *unzipped, *workspace; - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !record->compressed) + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !record->compressed) return; /* Only PSTORE_TYPE_DMESG support compression. */ From patchwork Tue Oct 18 02:08:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 3894 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp1739471wrs; Mon, 17 Oct 2022 19:21:21 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7a8o1awZLByO4v+Pio9r4OEe6F4S4Tz/NixcbM1xag/+Ab8lzWWt2zKIwhjtMJRN4KpjkA X-Received: by 2002:a50:fe0a:0:b0:458:dce8:2b6b with SMTP id f10-20020a50fe0a000000b00458dce82b6bmr556977edt.84.1666059681217; Mon, 17 Oct 2022 19:21:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666059681; cv=none; d=google.com; s=arc-20160816; b=aXDH/eX7hvZsUiwzmuNbeXKtuUY8Dfsj8qW6XatFN5QoemgkQeD9/6PD86a7nr/GRM uKwgvZ+qJS5E+W9jRt8xcpiSTK8mZNxlfXSw3y+zsNxzukwPKXDdJdF9bmCRwm3VdVRZ fDppcerzU71FzcnM0acAs55C9QGJanlwJ6mYLJkZQ+aIAXp2n/Tx63VIVzFceEzdhv1+ 9WLvqt+YdIBMnDr0nSPmbkjZxvqKaExnDXarRpaHU5Hmlu/7sjUTlk7eZKgnP113kkBL LLjeQY0rlZjQayRfmE54KJU2pe8jZ2LGqfaHXzUOxXUuo7zSrnSEjoe7j+QAzaeWoxXM pz7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=8o/3L/7nu8yqSqN2t7ynhTHNqc6zN3rpINeuVtJh23c=; b=w3epJH0XsdSGQgx4IE3fxhcJk6B5UoAtFlna9jBoNyC5205uW6+J+oDNwK3ZrzevBw g4ZziPTGW4IHYKrLa3ii0f63nt9S0HoCea1BpJNv3ZGbV9o6GHpWTR2YfONaM3aOp5bV GvVZfjsLE+L5p2I1DHklURZHm3D80L4TpJ9NVZkakzx3hnRCi4uVR4KIzFHJfUCFEYfq H8hFcW/rjHGByD1k0smIhIILPt8DixLrANB7WZckIklzGwA3mdORXcZiyWzpMjCxONEA j88e7fSu4QVOGevgu+udSQuWNrXKHc/DkVWNt4NxBQzyg4Ce5usZLmOZGCLs/p9P1a5j NR8g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=Ejf9T48s; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g5-20020a50d5c5000000b00457f31c1a10si8479163edj.584.2022.10.17.19.20.55; Mon, 17 Oct 2022 19:21:21 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=Ejf9T48s; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231260AbiJRCIx (ORCPT + 99 others); Mon, 17 Oct 2022 22:08:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33308 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230425AbiJRCIg (ORCPT ); Mon, 17 Oct 2022 22:08:36 -0400 Received: from mail-pj1-x102e.google.com (mail-pj1-x102e.google.com [IPv6:2607:f8b0:4864:20::102e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 954E32DC4 for ; Mon, 17 Oct 2022 19:08:30 -0700 (PDT) Received: by mail-pj1-x102e.google.com with SMTP id fw14so12641778pjb.3 for ; Mon, 17 Oct 2022 19:08:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8o/3L/7nu8yqSqN2t7ynhTHNqc6zN3rpINeuVtJh23c=; b=Ejf9T48sPy2SQkDkKO3qeRvLhxySNSJCnDu6Xwwm0S7fucUsPGGdILc95lmBN0JR7m gYaf/SfNGV6HQ6L9OtG6dvMIzzfhmlStyUx496rhLALi/gn3WEbiVIF9qqOQOYX3a6PM SssrKHd8ghM4DgybtJLu0nA1WEx8YJwQquFFk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8o/3L/7nu8yqSqN2t7ynhTHNqc6zN3rpINeuVtJh23c=; b=IOgjHiPM2udKCIpnLl2u7diTeuIwKVWg0TLqU1Ye8jjiyLJDuBzBrGHw7imAq4i+Iu 3S9FIc2s5yhVy5FoqZgXi5KYCuGuUahi8r27X9ERswF+iLTPARbuqB3Ir1+vp++k5hIj SFVr6hZHfSKzxTmYOD4UubAxXbmORsUSNj7OewlP4/I6BeuVrnuOrW2DnqqX6JJrGKYX pBOQbRsYZsWf/oWhbEqotAU/0Z8tm9oXUjmJYQOcdHcU/4zRZakMv4OIv+QtxhVQ62zZ 3SpL0ycz5KSIxW6G8KvxD4MjwNiHV3IS0RwgiT4m20UEAfUcoa+9X2sPQ+LY/+Jww7Fy F01g== X-Gm-Message-State: ACrzQf1ANeHApCmDbxIAb8bO15zdJXT+OYTKMsN2AMN7OQ/sECIdTva9 O17QkEDzsGy0XUY3mUIZ777z2g== X-Received: by 2002:a17:902:d484:b0:17f:7437:565d with SMTP id c4-20020a170902d48400b0017f7437565dmr630248plg.154.1666058898335; Mon, 17 Oct 2022 19:08:18 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id d4-20020a631d04000000b00460d89df1f1sm6797003pgd.57.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , linux-hardening@vger.kernel.org, Nick Terrell , linux-kernel@vger.kernel.org Subject: [PATCH 3/5] pstore: Use size_t for compress/decompression type widths Date: Mon, 17 Oct 2022 19:08:11 -0700 Message-Id: <20221018020815.2872331-3-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=3370; h=from:subject; bh=d80Gw6VCQNtp9Ez6pYN9gROZhqnl6PYG6krL4B0B4o4=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMos88G1DeCsiRQXnCR4zXLwb9UDI3ISAB1F4o GocmFImJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJn12D/ 0aQ1ZAKOJEY9arwChs4OA2uRV6oYgtpEV0Vqbf1CrNEqoszswyKm83dWZjIsQfDaPkTVXUrt6AaAZh KhXqXry8mtOn2Q/8OvPkeiux7ChBtIMTyYzbb82dVlxgiTZF/MbOh/O0HHOHy40gXWM4qC8UzEnbMP uhk/JxGuOJNsItMrrG+h+z4sr7eN16+mpbjEGqnMbyTm0CaT1zh3oLULl0eYluGQOlfKBIwygVuWf2 Zuca9gRFaF+R5kukMrkDAaS9RTJT8z3znNqCwGKh1Wi6/1JZxmNNmq0YraSEJOEEejK0oEX8GLE0JV EgMkXBbQSG0X5cLREwp7RRC7Ej5T6OuKJMVqAP8eONNDoYls82NtGDB0mQkPDTVj+0cRHNt/6CXt+H UKM6TqbO9HBC8iBW4iYp/pr78AHpecShCoGdvgewKjJUxkF32lHh92QjTaNhcWp5Y4a4PNIu4eM+0R KX+HxTicQMjInWMcHgBfKfROug3RZeANjLebFqVC2rvESIcgiUmevJTLRQ4tNu5MfD9uhLfMps8jfO HVPHeOiGO3p29tj9QsMNRBSnZ+k5O/qeR1Lk7NWTHbqJ94e7sTubSLZblRTgM7U3AGOUbEgSrNu7DB +e7GlQxFJ4q/mulBqu19pB7ZbgBQtp4qKvHdgqnzU5feIHA2nmD+MH+HY4MQ== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1746990196013036845?= X-GMAIL-MSGID: =?utf-8?q?1746990196013036845?= In preparation for adding direct library calls for zstd, refactor routines to use normalized compress/decompression type widths of size_t. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/platform.c | 47 ++++++++++++++++++++++++++++++-------------- 1 file changed, 32 insertions(+), 15 deletions(-) diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 1f01c4b904fc..210a4224edb4 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -155,17 +155,24 @@ static bool pstore_cannot_block_path(enum kmsg_dump_reason reason) } static int pstore_compress(const void *in, void *out, - unsigned int inlen, unsigned int outlen) + size_t inlen, size_t *outlen) { if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) { + unsigned int crypto_outlen; int ret; - ret = crypto_comp_compress(tfm, in, inlen, out, &outlen); + if (inlen > UINT_MAX || *outlen > UINT_MAX) + return -EINVAL; + + crypto_outlen = *outlen; + ret = crypto_comp_compress(tfm, in, inlen, out, &crypto_outlen); if (ret) { pr_err("crypto_comp_compress failed, ret = %d!\n", ret); return ret; } - return outlen; + + *outlen = crypto_outlen; + return 0; } return -EINVAL; @@ -297,7 +304,6 @@ static void pstore_dump(struct kmsg_dumper *dumper, char *dst; size_t dst_size; int header_size; - int zipped_len = -1; size_t dump_size; struct pstore_record record; @@ -327,11 +333,11 @@ static void pstore_dump(struct kmsg_dumper *dumper, break; if (big_oops_buf) { - zipped_len = pstore_compress(dst, psinfo->buf, - header_size + dump_size, - psinfo->bufsize); + size_t zipped_len = psinfo->bufsize; - if (zipped_len > 0) { + if (pstore_compress(dst, psinfo->buf, + header_size + dump_size, + &zipped_len) == 0) { record.compressed = true; record.size = zipped_len; } else { @@ -563,10 +569,25 @@ void pstore_unregister(struct pstore_info *psi) } EXPORT_SYMBOL_GPL(pstore_unregister); -static void decompress_record(struct pstore_record *record) +static int pstore_decompress_crypto(struct pstore_record *record, char *workspace, size_t *outlen) { + unsigned int crypto_outlen = *outlen; int ret; - int unzipped_len; + + ret = crypto_comp_decompress(tfm, record->buf, record->size, + workspace, &crypto_outlen); + if (ret) { + pr_err("crypto_comp_decompress failed, ret = %d!\n", ret); + return 0; + } + + *outlen = crypto_outlen; + return 0; +} + +static void decompress_record(struct pstore_record *record) +{ + size_t unzipped_len; char *unzipped, *workspace; if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !record->compressed) @@ -591,11 +612,7 @@ static void decompress_record(struct pstore_record *record) if (!workspace) return; - /* After decompression "unzipped_len" is almost certainly smaller. */ - ret = crypto_comp_decompress(tfm, record->buf, record->size, - workspace, &unzipped_len); - if (ret) { - pr_err("crypto_comp_decompress failed, ret = %d!\n", ret); + if (pstore_decompress_crypto(record, workspace, &unzipped_len) != 0) { kfree(workspace); return; } From patchwork Tue Oct 18 02:08:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 3896 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp1739574wrs; Mon, 17 Oct 2022 19:21:50 -0700 (PDT) X-Google-Smtp-Source: AMsMyM50qq8Da36U845Am/EY2tZSuZDlZAoluFTeSHC2vFbDRmTkENdIBF11/tUAcz4bw5dIoeq5 X-Received: by 2002:a05:6402:350f:b0:45d:1d86:9ec9 with SMTP id b15-20020a056402350f00b0045d1d869ec9mr562333edd.266.1666059710371; Mon, 17 Oct 2022 19:21:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666059710; cv=none; d=google.com; s=arc-20160816; b=ldhnb1ntLHESHCYD13iQECGBzoewCmK/Q+dlqPXpnaNQ6vs3FY1TxCrWWYo70s5esc vFpCg8TrUTEno9AMFHjRSfVU7U12iDN8BN4/ut4GG0j3jHr+yuGVBYyizjlM7rcN0LJW ApRe8x4g8YXDYjwciv4vlQDz7qv59o0ohqIV/pnA6Pdtk3ySENdyrFx46mnkGzAi+4iB c6RsE1B2izeGcQ5YiaB4FH4cqgLZNHOt9f94R9nEZ3QOdA+Id3e9TD6uYiBnVkFilmAJ lKjlocP4UYGlTNXHaHsoKcW+wNQFmqTsuyFisTt0kHTrdGagFo5mjtb/+xH7Oh7NZAaq EfZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=4CzAnMvFQDLPHvwatG/USFLXonFnc4UppdnrxHWRO70=; b=iPVVU2SnaecYsHdViA1lvE7xXhyOEKXs6S6KlD59qImRWCJ4RaaCkTKCVNqWovxH5o i1fQaIR8XU4Lc7v0zmZ5alEWEC5FcCHXw+BheO6p8ln/hmHark4UYGmfX5UW2ljPq/bd RhPnrKj92QdIZ0ay6tDxB1ab72RZoCqQ5sJWQlZcbx7jDzzMuj0o8KDZSHH5SxWUuNSW d4etlJi8iHyAXn9D+z04XqLnZeCOdJyRgB/dxVbIm+dZHxMlG9O7Cpq6Jq2+DsLxzVkZ urGEx+6KnA/bQb9FDmqgpZ61u6F2ylqJUf3s2kl8n1TWIKGsLSGoLuKmW23OskNa0yEO yClg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=KwORkaYq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l22-20020a056402125600b0044f441d2372si10094568edw.88.2022.10.17.19.21.26; Mon, 17 Oct 2022 19:21:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=KwORkaYq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231127AbiJRCJS (ORCPT + 99 others); Mon, 17 Oct 2022 22:09:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60590 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229959AbiJRCIm (ORCPT ); Mon, 17 Oct 2022 22:08:42 -0400 Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CC238422C3 for ; Mon, 17 Oct 2022 19:08:39 -0700 (PDT) Received: by mail-pf1-x42c.google.com with SMTP id h13so12772067pfr.7 for ; Mon, 17 Oct 2022 19:08:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=4CzAnMvFQDLPHvwatG/USFLXonFnc4UppdnrxHWRO70=; b=KwORkaYqVW4DcwQBe8fKyiUBV3lL2VI45MbBjyL5evrubabQAAlJRmEOYoDNPnKOoo IOosyef4qN2cVWORGlutYO9mKfNcT+WQs7HdI9dtzAE52Yfec3xVxA3WT2S73LIqj7EE T59NJkFkzwgnTSUFSnQR8PYEwUGY0Ul3q8MYY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4CzAnMvFQDLPHvwatG/USFLXonFnc4UppdnrxHWRO70=; b=wYStaSzOLLl7cULo8Lxx/k+5l+lYa3/iazu638Ql2q5TQE6JJ3FagKi1uQGtQhNNrf 8tmrEXQUgeAUqD05i98zJbQPx/I5eW8rHyakJLQOb9J2eZ0XE9+beHnnPUJIJeM09WGF USviWoJN0oPYwwxGKLC2DuW9xBbKOwXpdYKYq1bEDJLDwp5HwBWK8ope07fZ8rCjh9We 4PECXriNqpnJvIpT9FJa1Ux7LQqsJ0L1AMgylGdswXsu/gLzGtg0MLT9O/TmDnXhTsU/ xxvteRTULL+CHAhh04Xmq0jv/eoxn66jiCd8wko0K59L/Vnr3oKhTzP550WodTod+Yrk f6kg== X-Gm-Message-State: ACrzQf0hzbLDtik2bzfRDVsE9utwsvUp0MR7IRxwuih7WexAd1W9c9aM MAoTcv9gCtfCLRLj/NWYFuO5vQ== X-Received: by 2002:a05:6a00:150c:b0:563:9f05:bd68 with SMTP id q12-20020a056a00150c00b005639f05bd68mr806021pfu.44.1666058901438; Mon, 17 Oct 2022 19:08:21 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id iw7-20020a170903044700b001782580ce9csm7279968plb.249.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , linux-hardening@vger.kernel.org, Nick Terrell , linux-kernel@vger.kernel.org Subject: [PATCH 4/5] pstore: Refactor compression initialization Date: Mon, 17 Oct 2022 19:08:12 -0700 Message-Id: <20221018020815.2872331-4-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=3635; h=from:subject; bh=GnPW7cHJLHzp4Ur4fA7Uqr/d5LRg10HGm2sjpwP9wQ4=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMbJcThe30sb8XabMHTpGedN4xQTi7dpmCn6Ia 6xJIvlKJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJj2ID/ 0cbUhMbp27GjX1utSX7bmwpWuk4vCfS965dpQWibESAGOrzxATO7v024sS07ZvcZhimNPxdBuP0l1R 3Nb/Wf+jhy+2st1CZcmkQtQJlBcQnfoCF0nYFPOFXScITibR7jFNp1tYOffw3ToSnRFenpS1yFGzdI FAlrcfhYIH4+ecaHqUzTTncAwgv0rftKiAS8UQwJYD9b0MhFt0ZhQe+WqzycDyS8Wh1dGwxGVXF9ni d6FFY93IHvoN6YVGpHwYOiiTWq4OPIbrz7K4qXhGhp3c4/EwIcwdF7wAAQWDoZCD1RdicyChazHNuO LYDmdF3SBcWKX4D40Z+F4ny4Yj1dkr0eYGd5CwOH/StDEcPLFZnxmENrCefQ+YB5BuYbroWeUCClN7 /huBIV8E30nxGUp7wlbDQdy3068Uern1UJcYOCa62BN2aEIWFnrz7GodxvaUPiLiS57GsABPVfDzX5 IoXCLhaAYGhG+6tlC9zY9nMRWDNDEB0drPm6ldJx7BsfmBvCz/hlHBlXWCLebKEp7e2JqdBHrFjxMp KlQVqhaDJcp5WOGPXeC+H772pVOWRqRRB63TFlVuglsrakUvEbjSasz/GJCqe2z779Cn9O6G3wONHH PGi5WMfJM0cApmg282NFC9bLeQ4x8EYVHxb4HiG7FB/pXc2402UlGkIL5oLg== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1746990226558805449?= X-GMAIL-MSGID: =?utf-8?q?1746990226558805449?= In preparation for calling zstd library compression routines, split the crypto-specific initialization into a separate init routine. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/platform.c | 71 +++++++++++++++++++++++++++----------------- 1 file changed, 43 insertions(+), 28 deletions(-) diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 210a4224edb4..4d883dc2e8a7 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -178,48 +178,29 @@ static int pstore_compress(const void *in, void *out, return -EINVAL; } -static void allocate_buf_for_compression(void) +static int allocate_crypto_buf(void) { struct crypto_comp *ctx; - int size; - char *buf; - /* Skip if not built-in or compression backend not selected yet. */ - if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !compress) - return; - - /* Skip if no pstore backend yet or compression init already done. */ - if (!psinfo || tfm) - return; + /* Skip if compression init already done. */ + if (tfm) + return 0; if (!crypto_has_comp(compress, 0, 0)) { pr_err("Unknown compression: %s\n", compress); - return; - } - - /* Worst-case compression should never be more than uncompressed. */ - size = psinfo->bufsize; - buf = kmalloc(size, GFP_KERNEL); - if (!buf) { - pr_err("Failed %d byte compression buffer allocation for: %s\n", - size, compress); - return; + return -EINVAL; } ctx = crypto_alloc_comp(compress, 0, 0); if (IS_ERR_OR_NULL(ctx)) { - kfree(buf); pr_err("crypto_alloc_comp('%s') failed: %ld\n", compress, PTR_ERR(ctx)); - return; + return -ENOMEM; } - - /* A non-NULL big_oops_buf indicates compression is available. */ tfm = ctx; - big_oops_buf_sz = size; - big_oops_buf = buf; - pr_info("Using crash dump compression: %s\n", compress); + pr_info("Using crash dump compression: crypto API %s\n", compress); + return 0; } static void free_buf_for_compression(void) @@ -233,6 +214,38 @@ static void free_buf_for_compression(void) big_oops_buf_sz = 0; } +static void allocate_buf_for_compression(void) +{ + char *buf; + int rc; + + /* Skip if not built-in or compression backend not selected yet. */ + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !compress) + return; + + /* Skip if no pstore backend yet. */ + if (!psinfo) + return; + + /* Initialize compression routines. */ + rc = allocate_crypto_buf(); + if (rc) + goto fail; + + /* Create common buffer for compression work. */ + buf = kmalloc(psinfo->bufsize, GFP_KERNEL); + if (!buf) + goto fail; + + /* A non-NULL big_oops_buf indicates compression is available. */ + big_oops_buf_sz = psinfo->bufsize; + big_oops_buf = buf; + return; + +fail: + free_buf_for_compression(); +} + /* * Called when compression fails, since the printk buffer * would be fetched for compression calling it again when @@ -589,6 +602,7 @@ static void decompress_record(struct pstore_record *record) { size_t unzipped_len; char *unzipped, *workspace; + int rc; if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !record->compressed) return; @@ -612,7 +626,8 @@ static void decompress_record(struct pstore_record *record) if (!workspace) return; - if (pstore_decompress_crypto(record, workspace, &unzipped_len) != 0) { + rc = pstore_decompress_crypto(record, workspace, &unzipped_len); + if (rc) { kfree(workspace); return; } From patchwork Tue Oct 18 02:08:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 3895 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp1739512wrs; Mon, 17 Oct 2022 19:21:34 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4c99m2OZzTgoepgsLkfUZBy2uZfHCipsrW+1n0m8tCWNgTARpGQHvba7w0z9f1fpcB49r0 X-Received: by 2002:a17:907:60d5:b0:78d:f741:7f9b with SMTP id hv21-20020a17090760d500b0078df7417f9bmr539015ejc.314.1666059693793; Mon, 17 Oct 2022 19:21:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666059693; cv=none; d=google.com; s=arc-20160816; b=Rt2dPgIk2QlxAmu+UN33gL8F4YGYpVxhxKqm7pYMOKuQPQAASuwGx5VhUf0Xk+YJuC SN2GFwAamDwPPttGank8LebNrUm8HtyJS07tuG68O3CXfh8IqRAF9nDT5ilZO9ei2lnD 0dOqbGul2WWpW4iivB3neg1YBAjnwLi6MxDEkwUdPBPQR8BDZRWTyXdTZGey+/aFtDW7 q9WH1EfnWGUYMOjRWttauBQlDX+IG9kP9GYZwPB+Z5p2KqZM1tb7Hr/Y2bDZYNoHgOwy HMlC0EqTCJLkKjDzHns5+MXN8wAixZyM0f9tzqk6pfozssvTH2NdUTP9CP72aOixvcaS PpSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=+VM6TrkNfqqqa9ARyQZypqrAo/ewzetmaTqLOSrYaeE=; b=0eI2F1zjXmBTETmofhjNKov77uB9NkgJMxb0Vr/ncTMiFY8lhcEG2XrVcVbDUXeD6N 7WLUjRShsbpxtwA4c0MxbgO1u8iRpLU6Nf96Jn6JmtMxVmN/ZZUBbWJrcO1ghHh26srY +9ECVpToUPch1IigVaeom4zlimXvQvn/e3QuPwhYcFcvBjl4HUgeREMu6ow+etDk+5XQ WpoG9Rpvt4HnNpdNejs0yCciL4485Fcr8W8VoLvxpATXTyI54CPNQZmqPJKj9GJhOCcf u7w2Dq79dtFLDLhlpAzRB35cxuB2ad6D8PJpQJMqic0tT8nUpImcsaiJuUkrV4NTRiw0 bVyA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=ezyLTjrM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ti5-20020a170907c20500b007307fa2da78si8095964ejc.450.2022.10.17.19.21.04; Mon, 17 Oct 2022 19:21:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=ezyLTjrM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229945AbiJRCJO (ORCPT + 99 others); Mon, 17 Oct 2022 22:09:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32828 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230027AbiJRCIn (ORCPT ); Mon, 17 Oct 2022 22:08:43 -0400 Received: from mail-pj1-x102b.google.com (mail-pj1-x102b.google.com [IPv6:2607:f8b0:4864:20::102b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C90937284C for ; Mon, 17 Oct 2022 19:08:40 -0700 (PDT) Received: by mail-pj1-x102b.google.com with SMTP id t12-20020a17090a3b4c00b0020b04251529so12631028pjf.5 for ; Mon, 17 Oct 2022 19:08:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+VM6TrkNfqqqa9ARyQZypqrAo/ewzetmaTqLOSrYaeE=; b=ezyLTjrM3Dn0zRtu72SFNG0CnEpp1bT63bETOd2sgVAX4wyvBiuKeStfHGQqcLyT0c gVDYu1L+NV1sUT55XXuC2KnIGY6mInWaLnQuPwZ0OWKrVkQgzv5C9d3BHfr/ahLIDZI+ DPOFNE01+2a7o4KLbVjTxkkKlLFYEWzfuT0vY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+VM6TrkNfqqqa9ARyQZypqrAo/ewzetmaTqLOSrYaeE=; b=GHnHNrhymUZyVQoWwWBbUqrAGmbbsekwJ9zw/xGkYTdJ2tvX+gjDTT65tpsty3kWPS JuSZIq97pFSVKKW8QwhsqBKTieWUxye6D0uhnXBcMwPOB/VyVguuRRmgMdhsmiImuRjy sTr2RsUqhpZSzLPY6jMu2JPFPwF5TpfGN30SOy6IpL74pN4SeWFEqJw9FazvGRMRDi/J lxxwDTvLqJYKsc6GVGiSe/KustRfFmglLwHELBB+yv9D+fokhF4oX/ZOrVy/Po817WzA lBvM/a0yrEdnTl5VRljtwW9bmIfq8zn9Jjzm59f5vms8lCdXXMYk+G9yhS2WtCjXHyTI 6lFA== X-Gm-Message-State: ACrzQf30h4Qdvfd88r5wkQMR76H+0S5eFHIvufn7Ad/lqd0M1VBo9eTo QaTHNRkwy/x4KHV/f1rlhmbvXg== X-Received: by 2002:a17:902:e542:b0:185:53ee:60cd with SMTP id n2-20020a170902e54200b0018553ee60cdmr690796plf.59.1666058904055; Mon, 17 Oct 2022 19:08:24 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id i3-20020aa796e3000000b005625ef68eecsm7801373pfq.31.2022.10.17.19.08.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:21 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , Nick Terrell , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 5/5] pstore: Use zstd directly by default for compression Date: Mon, 17 Oct 2022 19:08:13 -0700 Message-Id: <20221018020815.2872331-5-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=5821; h=from:subject; bh=sLRnNe7TSr1mUP3rC2Jvs34rMQHwsZo2peo8sm7nqHc=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqNgz5mFVDTEKh2ZTTBl7zsnZsWbaMExcRb5vXR gEu/gkyJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjQAKCRCJcvTf3G3AJkloEA Cx0DdUC7uHvpq0otB5MaffHQuDX/WFSqZOjbyZ3s4Ko7jTPVRaQ+0I5mgBLkr7XNi5anMUfD6E0dwW Jmj0GLm7TQQTNlNPjlWEh+sBwrakWkY0ogeMNlT2BEghzGrAehJtXAm1OVNpuGZG9zbkTl+YDmSoM0 R00snjAslMqT96UbreZhrfb3+PoH/Mp5KytWO7IR/wIbsZq2x1gbUssIdJ3PMUDV8YIrXyoXep26YD o+lEndpJ0LG+2doq/BH4MbiMXGGAuFjbhjfwlY3jVtGvBpJVjdF3/vD9ornpfamj5gK7MXGyGrWFZ+ s4H9gtlsoD2FGpj+wHerMCmOVqXyg7r4RQ9075mZ3Z8FqcfRwbj+Ywvm8ZExjTFbQnxaou3du24z8y oZ8/OLj58d/xW2gp9OTE4wFeQM736WRXGnmQQOCsfMms1EO8BbpnAZX6/Pc1adzCbOcSIHlqKiC6al lpEUsadqvEctXeAtBUc8w7/S/upt6CE8UOYLxyieiZC5rwWYTakzZjDvDi3nk4//DMjRjjL10ED3Ih b1VGqx9YEEvMtMiNg63YZzTzXFbXAG2UXtmiovUfzVMIXBT2NXjEl4nngk8zmuYqBgPGGpoxiNT60M 9iO/p2mSCGm6jRKhoFq+jeSqnGms3IfOyYPiGf2BV/Kd1JtkkkcGW8HSKHYQ== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1746990209540027211?= X-GMAIL-MSGID: =?utf-8?q?1746990209540027211?= If compression is desired, use zstd directly to avoid Crypto API overhead. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: Nick Terrell Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/Kconfig | 11 +++++- fs/pstore/platform.c | 93 +++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 97 insertions(+), 7 deletions(-) diff --git a/fs/pstore/Kconfig b/fs/pstore/Kconfig index a95b3981cb0e..1f05312c7479 100644 --- a/fs/pstore/Kconfig +++ b/fs/pstore/Kconfig @@ -25,7 +25,7 @@ config PSTORE_DEFAULT_KMSG_BYTES choice prompt "Panic dump compression" depends on PSTORE - default PSTORE_COMPRESS_CRYPTO + default PSTORE_COMPRESS help Choose whether and how to compress the panic dump output. This is usually only needed for very storage-constrained backends. @@ -38,6 +38,15 @@ choice available to from the Crypto API. Note that this may reserve non-trivial amounts of per-CPU memory. + config PSTORE_COMPRESS + bool "Use recommended best compression algorithm" + select CRYPTO_ZSTD + help + Use the compression routines currently deemed best suited + for panic dump compression. Currently, this is "zstd". + As this compression is used directly through its library + interface, no per-CPU memory is allocated by the Crypto API. + config PSTORE_COMPRESS_NONE bool "Do not compress panic dumps" help diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 4d883dc2e8a7..51d2801fc880 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -23,6 +23,7 @@ #include #include #include +#include #include "internal.h" @@ -72,13 +73,17 @@ module_param(backend, charp, 0444); MODULE_PARM_DESC(backend, "specific backend to use"); static char *compress __ro_after_init = -#ifdef CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT - CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT; +#ifdef CONFIG_PSTORE_COMPRESS + "zstd"; #else - NULL; -#endif +# ifdef CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT + CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT; module_param(compress, charp, 0444); MODULE_PARM_DESC(compress, "compression to use"); +# else + NULL; +# endif +#endif /* How much of the kernel log to snapshot */ unsigned long kmsg_bytes = CONFIG_PSTORE_DEFAULT_KMSG_BYTES; @@ -88,6 +93,12 @@ MODULE_PARM_DESC(kmsg_bytes, "amount of kernel log to snapshot (in bytes)"); /* Compression parameters */ static struct crypto_comp *tfm; +static zstd_cctx *cctx; +static zstd_dctx *dctx; +static void *cwksp; +static void *dwksp; +zstd_parameters zparams; + static char *big_oops_buf; static size_t big_oops_buf_sz; @@ -175,6 +186,14 @@ static int pstore_compress(const void *in, void *out, return 0; } + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS)) { + *outlen = zstd_compress_cctx(cctx, out, *outlen, in, inlen, + &zparams); + if (zstd_is_error(*outlen)) + return -EINVAL; + return 0; + } + return -EINVAL; } @@ -203,12 +222,56 @@ static int allocate_crypto_buf(void) return 0; } +static int allocate_zstd_buf(void) +{ + size_t csize, dsize; + + /* Skip if compression init already done. */ + if (cctx) + return 0; + + zparams = zstd_get_params(3, 0); + csize = zstd_cctx_workspace_bound(&zparams.cParams); + dsize = zstd_dctx_workspace_bound(); + +#define init_ctx(dir, name) do { \ + dir##wksp = kzalloc(dir##size, GFP_KERNEL); \ + if (!dir##wksp) { \ + pr_err("Failed %zu byte %s " #name " allocation\n", \ + dir##size, compress); \ + return -ENOMEM; \ + } \ + dir##ctx = zstd_init_##dir##ctx(dir##wksp, dir##size); \ + if (!dir##ctx) { \ + pr_err("Failed %s " #name " context init\n", compress); \ + return -EINVAL; \ + } \ +} while (0) + + init_ctx(c, compress); + init_ctx(d, decompress); + +#undef init_wksp + + pr_info("Using crash dump compression: built-in %s\n", compress); + return 0; +} + static void free_buf_for_compression(void) { if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO) && tfm) { crypto_free_comp(tfm); tfm = NULL; } + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS) && cctx) { + cctx = NULL; + dctx = NULL; + kfree(cwksp); + cwksp = NULL; + kfree(dwksp); + dwksp = NULL; + + } kfree(big_oops_buf); big_oops_buf = NULL; big_oops_buf_sz = 0; @@ -228,7 +291,10 @@ static void allocate_buf_for_compression(void) return; /* Initialize compression routines. */ - rc = allocate_crypto_buf(); + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) + rc = allocate_crypto_buf(); + else + rc = allocate_zstd_buf(); if (rc) goto fail; @@ -598,6 +664,16 @@ static int pstore_decompress_crypto(struct pstore_record *record, char *workspac return 0; } +static int pstore_decompress_zstd(struct pstore_record *record, + char *workspace, size_t *outlen) +{ + *outlen = zstd_decompress_dctx(dctx, workspace, *outlen, + record->buf, record->size); + if (zstd_is_error(*outlen)) + return -EINVAL; + return 0; +} + static void decompress_record(struct pstore_record *record) { size_t unzipped_len; @@ -626,7 +702,12 @@ static void decompress_record(struct pstore_record *record) if (!workspace) return; - rc = pstore_decompress_crypto(record, workspace, &unzipped_len); + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) + rc = pstore_decompress_crypto(record, workspace, + &unzipped_len); + else + rc = pstore_decompress_zstd(record, workspace, + &unzipped_len); if (rc) { kfree(workspace); return;