| Message ID | 20210526025625.601023-5-swboyd@chromium.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | slub: Print non-hashed pointers in slub debugging | expand |
Hi Stephen,
I love your patch! Perhaps something to improve:
[auto build test WARNING on d07f6ca923ea0927a1024dfccafc5b53b61cfecc]
url: https://github.com/0day-ci/linux/commits/Stephen-Boyd/slub-Print-non-hashed-pointers-in-slub-debugging/20210526-105816
base: d07f6ca923ea0927a1024dfccafc5b53b61cfecc
config: i386-tinyconfig (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce (this is a W=1 build):
# https://github.com/0day-ci/linux/commit/1e3e0117436276faacd0217d89715df61021b4d2
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Stephen-Boyd/slub-Print-non-hashed-pointers-in-slub-debugging/20210526-105816
git checkout 1e3e0117436276faacd0217d89715df61021b4d2
# save the attached .config to linux build tree
make W=1 ARCH=i386
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
lib/vsprintf.c: In function 'va_format':
lib/vsprintf.c:1663:2: warning: function 'va_format' might be a candidate for 'gnu_printf' format attribute [-Wsuggest-attribute=format]
1663 | buf += vsnprintf(buf, end > buf ? end - buf : 0, va_fmt->fmt, va);
| ^~~
lib/vsprintf.c: At top level:
>> lib/vsprintf.c:2189:12: warning: no previous prototype for 'no_hash_pointers_enable' [-Wmissing-prototypes]
2189 | int __init no_hash_pointers_enable(char *str)
| ^~~~~~~~~~~~~~~~~~~~~~~
vim +/no_hash_pointers_enable +2189 lib/vsprintf.c
2188
> 2189 int __init no_hash_pointers_enable(char *str)
2190 {
2191 if (no_hash_pointers)
2192 return 0;
2193
2194 no_hash_pointers = true;
2195
2196 pr_warn("**********************************************************\n");
2197 pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n");
2198 pr_warn("** **\n");
2199 pr_warn("** This system shows unhashed kernel memory addresses **\n");
2200 pr_warn("** via the console, logs, and other interfaces. This **\n");
2201 pr_warn("** might reduce the security of your system. **\n");
2202 pr_warn("** **\n");
2203 pr_warn("** If you see this message and you are not debugging **\n");
2204 pr_warn("** the kernel, report this immediately to your system **\n");
2205 pr_warn("** administrator! **\n");
2206 pr_warn("** **\n");
2207 pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n");
2208 pr_warn("**********************************************************\n");
2209
2210 return 0;
2211 }
2212 early_param("no_hash_pointers", no_hash_pointers_enable);
2213
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
Hi Stephen,
I love your patch! Perhaps something to improve:
[auto build test WARNING on d07f6ca923ea0927a1024dfccafc5b53b61cfecc]
url: https://github.com/0day-ci/linux/commits/Stephen-Boyd/slub-Print-non-hashed-pointers-in-slub-debugging/20210526-105816
base: d07f6ca923ea0927a1024dfccafc5b53b61cfecc
config: powerpc-randconfig-r013-20210526 (attached as .config)
compiler: clang version 13.0.0 (https://github.com/llvm/llvm-project 99155e913e9bad5f7f8a247f8bb3a3ff3da74af1)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install powerpc cross compiling tool for clang build
# apt-get install binutils-powerpc-linux-gnu
# https://github.com/0day-ci/linux/commit/1e3e0117436276faacd0217d89715df61021b4d2
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Stephen-Boyd/slub-Print-non-hashed-pointers-in-slub-debugging/20210526-105816
git checkout 1e3e0117436276faacd0217d89715df61021b4d2
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=powerpc
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
>> lib/vsprintf.c:2189:12: warning: no previous prototype for function 'no_hash_pointers_enable' [-Wmissing-prototypes]
int __init no_hash_pointers_enable(char *str)
^
lib/vsprintf.c:2189:1: note: declare 'static' if the function is not intended to be used outside of this translation unit
int __init no_hash_pointers_enable(char *str)
^
static
1 warning generated.
vim +/no_hash_pointers_enable +2189 lib/vsprintf.c
2188
> 2189 int __init no_hash_pointers_enable(char *str)
2190 {
2191 if (no_hash_pointers)
2192 return 0;
2193
2194 no_hash_pointers = true;
2195
2196 pr_warn("**********************************************************\n");
2197 pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n");
2198 pr_warn("** **\n");
2199 pr_warn("** This system shows unhashed kernel memory addresses **\n");
2200 pr_warn("** via the console, logs, and other interfaces. This **\n");
2201 pr_warn("** might reduce the security of your system. **\n");
2202 pr_warn("** **\n");
2203 pr_warn("** If you see this message and you are not debugging **\n");
2204 pr_warn("** the kernel, report this immediately to your system **\n");
2205 pr_warn("** administrator! **\n");
2206 pr_warn("** **\n");
2207 pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n");
2208 pr_warn("**********************************************************\n");
2209
2210 return 0;
2211 }
2212 early_param("no_hash_pointers", no_hash_pointers_enable);
2213
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
On 5/26/21 4:56 AM, Stephen Boyd wrote: > Obscuring the pointers that slub shows when debugging makes for some > confusing slub debug messages: > > Padding overwritten. 0x0000000079f0674a-0x000000000d4dce17 > > Those addresses are hashed for kernel security reasons. If we're trying > to be secure with slub_debug on the commandline we have some big > problems given that we dump whole chunks of kernel memory to the kernel > logs. Let's force on the no_hash_pointers commandline flag when > slub_debug is on the commandline. This makes slub debug messages more > meaningful and if by chance a kernel address is in some slub debug > object dump we will have a better chance of figuring out what went > wrong. > > Note that we don't use %px in the slub code because we want to reduce > the number of places that %px is used in the kernel. This also nicely > prints a big fat warning at kernel boot if slub_debug is on the > commandline so that we know that this kernel shouldn't be used on > production systems. > > Signed-off-by: Stephen Boyd <swboyd@chromium.org> > --- > > I opted for extern because I guess we don't want to advertise > no_hash_pointers_enable() in some sort of header file? It can be put in > a header file Hm looks like the bots disagree. I suppose a declaration right above definition in lib/vsprintf.c would silence them, but I'll leave it to printk maintainers if they would prefer that way or traditionally include/linux/kernel.h > but I see that the no_hash_pointers variable is also not > in a header file but exported as symbol. Yeah it's only used by tests, and a variable doesn't need separate declaration. > lib/vsprintf.c | 2 +- > mm/slub.c | 6 ++++++ > 2 files changed, 7 insertions(+), 1 deletion(-) > > diff --git a/lib/vsprintf.c b/lib/vsprintf.c > index f0c35d9b65bf..cc281f5895f9 100644 > --- a/lib/vsprintf.c > +++ b/lib/vsprintf.c > @@ -2186,7 +2186,7 @@ char *fwnode_string(char *buf, char *end, struct fwnode_handle *fwnode, > bool no_hash_pointers __ro_after_init; > EXPORT_SYMBOL_GPL(no_hash_pointers); > > -static int __init no_hash_pointers_enable(char *str) > +int __init no_hash_pointers_enable(char *str) > { > if (no_hash_pointers) > return 0; > diff --git a/mm/slub.c b/mm/slub.c > index bf4949115412..1c30436d3e6c 100644 > --- a/mm/slub.c > +++ b/mm/slub.c > @@ -4451,6 +4451,8 @@ static struct kmem_cache * __init bootstrap(struct kmem_cache *static_cache) > return s; > } > > +extern int no_hash_pointers_enable(char *str); > + > void __init kmem_cache_init(void) > { > static __initdata struct kmem_cache boot_kmem_cache, > @@ -4470,6 +4472,10 @@ void __init kmem_cache_init(void) > for_each_node_state(node, N_NORMAL_MEMORY) > node_set(node, slab_nodes); > > + /* Print slub debugging pointers without hashing */ > + if (static_branch_unlikely(&slub_debug_enabled)) > + no_hash_pointers_enable(NULL); > + > create_boot_cache(kmem_cache_node, "kmem_cache_node", > sizeof(struct kmem_cache_node), SLAB_HWCACHE_ALIGN, 0, 0); > >
On Wed 2021-05-26 12:48:47, Vlastimil Babka wrote: > On 5/26/21 4:56 AM, Stephen Boyd wrote: > > Obscuring the pointers that slub shows when debugging makes for some > > confusing slub debug messages: > > > > Padding overwritten. 0x0000000079f0674a-0x000000000d4dce17 > > > > I opted for extern because I guess we don't want to advertise > > no_hash_pointers_enable() in some sort of header file? It can be put in > > a header file > > Hm looks like the bots disagree. I suppose a declaration right above definition > in lib/vsprintf.c would silence them, but I'll leave it to printk maintainers if > they would prefer that way or traditionally > include/linux/kernel.h I slightly prefer to put it into kernel.h. I expect that some more debugging facilities would want to enable this in the future. But I would accept even the "ugly" declaration in vsprintf.c. Best Regards, Petr
Quoting Petr Mladek (2021-05-26 06:47:23) > On Wed 2021-05-26 12:48:47, Vlastimil Babka wrote: > > On 5/26/21 4:56 AM, Stephen Boyd wrote: > > > Obscuring the pointers that slub shows when debugging makes for some > > > confusing slub debug messages: > > > > > > Padding overwritten. 0x0000000079f0674a-0x000000000d4dce17 > > > > > > I opted for extern because I guess we don't want to advertise > > > no_hash_pointers_enable() in some sort of header file? It can be put in > > > a header file > > > > Hm looks like the bots disagree. I suppose a declaration right above definition > > in lib/vsprintf.c would silence them, but I'll leave it to printk maintainers if > > they would prefer that way or traditionally > > include/linux/kernel.h > > I slightly prefer to put it into kernel.h. I expect that some more > debugging facilities would want to enable this in the future. > But I would accept even the "ugly" declaration in vsprintf.c. Ok no problem. Would printk.h be more appropriate?
On Wed 2021-05-26 15:27:37, Stephen Boyd wrote: > Quoting Petr Mladek (2021-05-26 06:47:23) > > On Wed 2021-05-26 12:48:47, Vlastimil Babka wrote: > > > On 5/26/21 4:56 AM, Stephen Boyd wrote: > > > > Obscuring the pointers that slub shows when debugging makes for some > > > > confusing slub debug messages: > > > > > > > > Padding overwritten. 0x0000000079f0674a-0x000000000d4dce17 > > > > > > > > I opted for extern because I guess we don't want to advertise > > > > no_hash_pointers_enable() in some sort of header file? It can be put in > > > > a header file > > > > > > Hm looks like the bots disagree. I suppose a declaration right above definition > > > in lib/vsprintf.c would silence them, but I'll leave it to printk maintainers if > > > they would prefer that way or traditionally > > > include/linux/kernel.h > > > > I slightly prefer to put it into kernel.h. I expect that some more > > debugging facilities would want to enable this in the future. > > But I would accept even the "ugly" declaration in vsprintf.c. > > Ok no problem. Would printk.h be more appropriate? kernel.h looks more appropriate to me. vsprintf-related are there and no_hash_pointers is implemented and handled in vsprintf.c. Best Regards, Petr
diff --git a/lib/vsprintf.c b/lib/vsprintf.c index f0c35d9b65bf..cc281f5895f9 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -2186,7 +2186,7 @@ char *fwnode_string(char *buf, char *end, struct fwnode_handle *fwnode, bool no_hash_pointers __ro_after_init; EXPORT_SYMBOL_GPL(no_hash_pointers); -static int __init no_hash_pointers_enable(char *str) +int __init no_hash_pointers_enable(char *str) { if (no_hash_pointers) return 0; diff --git a/mm/slub.c b/mm/slub.c index bf4949115412..1c30436d3e6c 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -4451,6 +4451,8 @@ static struct kmem_cache * __init bootstrap(struct kmem_cache *static_cache) return s; } +extern int no_hash_pointers_enable(char *str); + void __init kmem_cache_init(void) { static __initdata struct kmem_cache boot_kmem_cache, @@ -4470,6 +4472,10 @@ void __init kmem_cache_init(void) for_each_node_state(node, N_NORMAL_MEMORY) node_set(node, slab_nodes); + /* Print slub debugging pointers without hashing */ + if (static_branch_unlikely(&slub_debug_enabled)) + no_hash_pointers_enable(NULL); + create_boot_cache(kmem_cache_node, "kmem_cache_node", sizeof(struct kmem_cache_node), SLAB_HWCACHE_ALIGN, 0, 0);
Obscuring the pointers that slub shows when debugging makes for some confusing slub debug messages: Padding overwritten. 0x0000000079f0674a-0x000000000d4dce17 Those addresses are hashed for kernel security reasons. If we're trying to be secure with slub_debug on the commandline we have some big problems given that we dump whole chunks of kernel memory to the kernel logs. Let's force on the no_hash_pointers commandline flag when slub_debug is on the commandline. This makes slub debug messages more meaningful and if by chance a kernel address is in some slub debug object dump we will have a better chance of figuring out what went wrong. Note that we don't use %px in the slub code because we want to reduce the number of places that %px is used in the kernel. This also nicely prints a big fat warning at kernel boot if slub_debug is on the commandline so that we know that this kernel shouldn't be used on production systems. Signed-off-by: Stephen Boyd <swboyd@chromium.org> --- I opted for extern because I guess we don't want to advertise no_hash_pointers_enable() in some sort of header file? It can be put in a header file but I see that the no_hash_pointers variable is also not in a header file but exported as symbol. lib/vsprintf.c | 2 +- mm/slub.c | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-)