From patchwork Tue Oct 18 02:08:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13009794 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4C66FC433FE for ; Tue, 18 Oct 2022 02:09:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230163AbiJRCJP (ORCPT ); Mon, 17 Oct 2022 22:09:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60806 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231224AbiJRCIu (ORCPT ); Mon, 17 Oct 2022 22:08:50 -0400 Received: from mail-pl1-x62f.google.com (mail-pl1-x62f.google.com [IPv6:2607:f8b0:4864:20::62f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 69E611A20E for ; Mon, 17 Oct 2022 19:08:37 -0700 (PDT) Received: by mail-pl1-x62f.google.com with SMTP id c24so12501603plo.3 for ; Mon, 17 Oct 2022 19:08:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=UbYz18T6bZpWW8vOJjiPrzs7fsULyDP/1+meWjyG7ZE=; b=KIJuGjNT3LS85ZDwhI1QK3bDVaC4AE+6gjeWhM49s+JH+xpYFFcPNFFUvO5z97nWc8 3qHYOvMSCMWKhgCUK8jfsgwo94QfZqPwZA0oEE9N75VRfhpgSur4kI1JiPgUTYXCuRtD WfbWOlFE7BmzofG7f2xA8rqRZNKp1xI7XjZ8I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UbYz18T6bZpWW8vOJjiPrzs7fsULyDP/1+meWjyG7ZE=; b=z1PmKew0BrxngCYBxSlmexd5gZjDJae8fmJY34pFol50MidtRrLUJ+Y8UGNrKzEqDE 8nVTCDQK6O+/xZqXznPPLpT4G+GGPSGVPq79tY6/0cie7RzEHsoDMOa6f98ZE/qvCkjp KIfeVqi6VrNqjmIVtgkUjA0Que3gWVm2PrLE9NMf/dX0VtBIaT8q4QobEPvf7ekbxGty g/F5Oy/PYF02JY4ADD1J6AG+4ZZxkhuD0Bcpv9gg65/EcCw+Z2D2stZ1vas8yeTu43ct VIG6+HLBnEjzRY8fDqAvPgVF0vxelue7ZemiGB9L+cyjUWOX8Lo3iMQxXYVgC5HC//T2 YWPw== X-Gm-Message-State: ACrzQf34vCwp34GqKABsq/mWVXcmna+/RlKzUncGI2zK0lupo7l1drAi IX7YecvFbv5C+gPGTiHQTdVOKA== X-Google-Smtp-Source: AMsMyM5bR1UuDGWR0RD1MGC8amr4BEf8QetflWgXyBl3g52ZWS8Y8D0p6XKIXe5AgoTtNKQKFdQARg== X-Received: by 2002:a17:903:11c3:b0:17a:e62:16e8 with SMTP id q3-20020a17090311c300b0017a0e6216e8mr612463plh.137.1666058899859; Mon, 17 Oct 2022 19:08:19 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id c8-20020a170903234800b0017d061a6119sm7312776plh.116.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , Nick Terrell , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 1/5] pstore: Remove worse-case compression size logic Date: Mon, 17 Oct 2022 19:08:09 -0700 Message-Id: <20221018020815.2872331-1-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=5455; h=from:subject; bh=+tMHCZOTPIvRa0mUTcXlg2VCSU1nRw7kMkBTASHQke4=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMQlVArORJD6vwQmAGDxw2yPxs+T03ESP4BWrt w84R/kSJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJgQSD/ wNUsf8repH9xHlLCpz/CMMet6C6UcVL2z7D/aT4lcyu0GVdX/RrntIC8lEj7SJN7EQdzrZEHkqjPOe bklsLC/TaHdCVVYaJQnX921X+jU7Abf6S+prdr067yp1N1/I744jauGm99Sj38EMNad1xrEvn1PJcn SDcoAjNiYgS/FZtEjfewNPmZ0bXFioCpc0SCgfbeO12BThhkCI33MWC010Ihjupoytpbs8Ks8bB8xT cU+YxWO/rh4RhIkKO/Bl7vXnRtDFnz2XqwaoDrQjGYVo7YB9e2K1SIefAvQMRyjrWi0V0PsuTNn/zc j5t3pDG2o+Y/jTywGSZqdAsMvQOl6jjHwG+jUswIrjtH6XwAZQXbk6nsQwSuSuqZq69Qs+5rQJEBes OpxlD5SOpU03hzZnFdId1wn/YWs7G58Q6hDr3Bv4dh9xKWJ5LcvrR+4gdI4oV9/istb5krrPYzDFtB pErJjTAD5Sz9g16VL6U8pNSZpZVw3hXsP6ShpA7Dazjv5DExoJ4qsgco7mprLEnEoK/Ge72MQjHq51 JSzVidOSLPIq+FMcAALcrw8TMCFWAaZuClsddg6CJmkAw4KtdYqIym5otPCNS1iN/lhqCRx/fkCqXn /ahzhUBhLVdmH5t+vkcWyNiDr8Cd7Tdt994hwFqcjd8njG+BHaRDiFNSZfvw== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org The worst case compression size is always the size of the uncompressed data itself so avoid perfectly optimizing the oops buffer size. Hugely simplifies the code. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: Nick Terrell Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/platform.c | 144 +++---------------------------------------- 1 file changed, 9 insertions(+), 135 deletions(-) diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index cbc0b468c1ab..ef0bc3ae161b 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -97,11 +97,6 @@ MODULE_PARM_DESC(kmsg_bytes, "amount of kernel log to snapshot (in bytes)"); /* Compression parameters */ static struct crypto_comp *tfm; -struct pstore_zbackend { - int (*zbufsize)(size_t size); - const char *name; -}; - static char *big_oops_buf; static size_t big_oops_buf_sz; @@ -168,105 +163,6 @@ static bool pstore_cannot_block_path(enum kmsg_dump_reason reason) } } -#if IS_ENABLED(CONFIG_PSTORE_DEFLATE_COMPRESS) -static int zbufsize_deflate(size_t size) -{ - size_t cmpr; - - switch (size) { - /* buffer range for efivars */ - case 1000 ... 2000: - cmpr = 56; - break; - case 2001 ... 3000: - cmpr = 54; - break; - case 3001 ... 3999: - cmpr = 52; - break; - /* buffer range for nvram, erst */ - case 4000 ... 10000: - cmpr = 45; - break; - default: - cmpr = 60; - break; - } - - return (size * 100) / cmpr; -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_LZO_COMPRESS) -static int zbufsize_lzo(size_t size) -{ - return lzo1x_worst_compress(size); -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_LZ4_COMPRESS) || IS_ENABLED(CONFIG_PSTORE_LZ4HC_COMPRESS) -static int zbufsize_lz4(size_t size) -{ - return LZ4_compressBound(size); -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_842_COMPRESS) -static int zbufsize_842(size_t size) -{ - return size; -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_ZSTD_COMPRESS) -static int zbufsize_zstd(size_t size) -{ - return zstd_compress_bound(size); -} -#endif - -static const struct pstore_zbackend *zbackend __ro_after_init; - -static const struct pstore_zbackend zbackends[] = { -#if IS_ENABLED(CONFIG_PSTORE_DEFLATE_COMPRESS) - { - .zbufsize = zbufsize_deflate, - .name = "deflate", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZO_COMPRESS) - { - .zbufsize = zbufsize_lzo, - .name = "lzo", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZ4_COMPRESS) - { - .zbufsize = zbufsize_lz4, - .name = "lz4", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZ4HC_COMPRESS) - { - .zbufsize = zbufsize_lz4, - .name = "lz4hc", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_842_COMPRESS) - { - .zbufsize = zbufsize_842, - .name = "842", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_ZSTD_COMPRESS) - { - .zbufsize = zbufsize_zstd, - .name = "zstd", - }, -#endif - { } -}; - static int pstore_compress(const void *in, void *out, unsigned int inlen, unsigned int outlen) { @@ -291,36 +187,31 @@ static void allocate_buf_for_compression(void) char *buf; /* Skip if not built-in or compression backend not selected yet. */ - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !zbackend) + if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !compress) return; /* Skip if no pstore backend yet or compression init already done. */ if (!psinfo || tfm) return; - if (!crypto_has_comp(zbackend->name, 0, 0)) { - pr_err("Unknown compression: %s\n", zbackend->name); - return; - } - - size = zbackend->zbufsize(psinfo->bufsize); - if (size <= 0) { - pr_err("Invalid compression size for %s: %d\n", - zbackend->name, size); + if (!crypto_has_comp(compress, 0, 0)) { + pr_err("Unknown compression: %s\n", compress); return; } + /* Worst-case compression should never be more than uncompressed. */ + size = psinfo->bufsize; buf = kmalloc(size, GFP_KERNEL); if (!buf) { pr_err("Failed %d byte compression buffer allocation for: %s\n", - size, zbackend->name); + size, compress); return; } - ctx = crypto_alloc_comp(zbackend->name, 0, 0); + ctx = crypto_alloc_comp(compress, 0, 0); if (IS_ERR_OR_NULL(ctx)) { kfree(buf); - pr_err("crypto_alloc_comp('%s') failed: %ld\n", zbackend->name, + pr_err("crypto_alloc_comp('%s') failed: %ld\n", compress, PTR_ERR(ctx)); return; } @@ -330,7 +221,7 @@ static void allocate_buf_for_compression(void) big_oops_buf_sz = size; big_oops_buf = buf; - pr_info("Using crash dump compression: %s\n", zbackend->name); + pr_info("Using crash dump compression: %s\n", compress); } static void free_buf_for_compression(void) @@ -818,27 +709,10 @@ static void pstore_timefunc(struct timer_list *unused) pstore_timer_kick(); } -static void __init pstore_choose_compression(void) -{ - const struct pstore_zbackend *step; - - if (!compress) - return; - - for (step = zbackends; step->name; step++) { - if (!strcmp(compress, step->name)) { - zbackend = step; - return; - } - } -} - static int __init pstore_init(void) { int ret; - pstore_choose_compression(); - /* * Check if any pstore backends registered earlier but did not * initialize compression because crypto was not ready. If so, From patchwork Tue Oct 18 02:08:10 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13009796 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6BC9FC4167D for ; Tue, 18 Oct 2022 02:09:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229895AbiJRCJR (ORCPT ); Mon, 17 Oct 2022 22:09:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33222 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231337AbiJRCI6 (ORCPT ); Mon, 17 Oct 2022 22:08:58 -0400 Received: from mail-oi1-x22d.google.com (mail-oi1-x22d.google.com [IPv6:2607:f8b0:4864:20::22d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DC4D8748C9 for ; Mon, 17 Oct 2022 19:08:46 -0700 (PDT) Received: by mail-oi1-x22d.google.com with SMTP id w196so14149176oiw.8 for ; Mon, 17 Oct 2022 19:08:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YBRd9cw1Rkfek0J7YHlv9ebkE6z5a48tsgrcsxT5PuA=; b=NwNNyZ5Wb03KNiJhkFaOysaWhHo6lNizPNjKIi4CbPvS6pVTgMh50mv7INFYyuW8a6 kR3Kzootcf5Q7/OePmjcvl0M1ECOirL7jq0lnseGrS+XkVMmc3wstnkJEQy0KCkbml/j EHPaSGukxSVTz0OFFdebK0v/c10ovejMsD3qg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YBRd9cw1Rkfek0J7YHlv9ebkE6z5a48tsgrcsxT5PuA=; b=gpsVsDC/3yA2ftEAF7FB7o9N/NvahdrS2ksMKcdTGuzAcSo2/J3yW8d/PDdtgkHDlm jEy5WRgqk3oreNdCeeVkG4EHhLHVTm8IGbu8pAjc63JSOacK32xuxNXExYA10aoxmTto QpSVf+tHhCXSLfBX/1OWrksl3HvCOpF0FUmH/dTdNOBT5diGwgHWEFXaybR+yfe/czmw RZczOXH8SeoiPRGuMNrugwX/pc3okXusjXmCvYWOcyP8aYkeJFzkRQClX0jjtJ/REGh6 T2C13B/SCcH1VGr8zHft6YbFcC02UTLuE2OSVL67kB1cHCtn44O2v6T3y4QO41g7Be4X B4KA== X-Gm-Message-State: ACrzQf22bWJjdfUA27ryQLhsS3NZPkWl1T49Y/YvS62dCBpqY+RSJTCZ nmi+ot+wvFl7lk2iWUNlFg0VEZseM4FBNw== X-Google-Smtp-Source: AMsMyM6V5SLuc+cJSz5kpkL2t47DjSmr/J/X0Am3hm0EyaT5eZJmd16vVHaB/3yRCDgTErjFU4UfoA== X-Received: by 2002:a17:90b:692:b0:203:6c21:b4aa with SMTP id m18-20020a17090b069200b002036c21b4aamr35534172pjz.227.1666058900664; Mon, 17 Oct 2022 19:08:20 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id i10-20020a170902c94a00b00179f370dbe7sm7290666pla.287.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , Nick Terrell , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 2/5] pstore: Allow for arbitrary compression algorithm Date: Mon, 17 Oct 2022 19:08:10 -0700 Message-Id: <20221018020815.2872331-2-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=7760; h=from:subject; bh=uc0kl+a6TRA5+6XFgJLw6TULSMAzOvGGUCrsT4ONIEQ=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMbyBNAMou3xirdeIaCwW74Lc8wdvstFfBCHL4 YvkAb9eJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJg2mD/ 4w2fvpDNRN1D3IMtBm5CqUw6M66DMdJv5Rq9IeVdTvcGKOCQXOloxOx2Kb87Ut54OsTz/sQVeWov9K j+HR6jVxFiq2kKFSP/kJH6RTIyTK/3QwN0Ocw43Aqtg8qZGMx/gShBINNtVDhJ0buKILEduEhleF5F /lzkv49eXy9dXWiMedinSBfu6ImScEtd25ym/aekGxbs66tcHySFjb0GN+TW7GTjw1vTTZThi0pejJ /mO7YyshqePq3cmiMQk43j0NItwXL+Vavk92Mp1ZeAb4PB636UntywH4uNtj8I0Ho2s/wWPHeTFhAA tkZhDwkv4MovVNZ0UdfdIH7iC5zeVxTnFPidM0wgOi3lGAEBtkYHTKjyImKs/VtBeuIYw8vpAzt7dv lW1n9bVVeYYk3xPVimBaY/vsjy6eKH51PwqwWduQHba6H5vv0X1m9huhQao842Pde8jTxZiA5i7e3G 8g8/h5pPHoxqZ1P1HWdDtRWdJVH65DsseUcXVBnaK+MGCSd89ciXaqNSaiJ0WG82swVia9YZEvBm2n E5kBZxNvdeySPLgMoRdRfHI9X8JCQiZhbQwBmq+u4aZ/Ev2tNTd5cbmwtAnQvrX5I7ivkqrC1irznU raF+bf9m0wrDMA/10vca2++0FDSwjv+kSHfH5cmAQJ+gxdNBeHY134R6+ghw== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org Since there is no longer a need for figuring out worst-case compression size, there is no reason to limit the compression algorithm choice. Greatly simplifies Kconfig. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: Nick Terrell Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/Kconfig | 122 ++++++++++++------------------------------- fs/pstore/platform.c | 39 ++++++-------- 2 files changed, 47 insertions(+), 114 deletions(-) diff --git a/fs/pstore/Kconfig b/fs/pstore/Kconfig index 8adabde685f1..a95b3981cb0e 100644 --- a/fs/pstore/Kconfig +++ b/fs/pstore/Kconfig @@ -22,99 +22,41 @@ config PSTORE_DEFAULT_KMSG_BYTES Defines default size of pstore kernel log storage. Can be enlarged if needed, not recommended to shrink it. -config PSTORE_DEFLATE_COMPRESS - tristate "DEFLATE (ZLIB) compression" - default y - depends on PSTORE - select CRYPTO_DEFLATE - help - This option enables DEFLATE (also known as ZLIB) compression - algorithm support. - -config PSTORE_LZO_COMPRESS - tristate "LZO compression" - depends on PSTORE - select CRYPTO_LZO - help - This option enables LZO compression algorithm support. - -config PSTORE_LZ4_COMPRESS - tristate "LZ4 compression" - depends on PSTORE - select CRYPTO_LZ4 - help - This option enables LZ4 compression algorithm support. - -config PSTORE_LZ4HC_COMPRESS - tristate "LZ4HC compression" - depends on PSTORE - select CRYPTO_LZ4HC - help - This option enables LZ4HC (high compression) mode algorithm. - -config PSTORE_842_COMPRESS - bool "842 compression" - depends on PSTORE - select CRYPTO_842 - help - This option enables 842 compression algorithm support. - -config PSTORE_ZSTD_COMPRESS - bool "zstd compression" - depends on PSTORE - select CRYPTO_ZSTD - help - This option enables zstd compression algorithm support. - -config PSTORE_COMPRESS - def_bool y - depends on PSTORE - depends on PSTORE_DEFLATE_COMPRESS || PSTORE_LZO_COMPRESS || \ - PSTORE_LZ4_COMPRESS || PSTORE_LZ4HC_COMPRESS || \ - PSTORE_842_COMPRESS || PSTORE_ZSTD_COMPRESS - choice - prompt "Default pstore compression algorithm" - depends on PSTORE_COMPRESS - help - This option chooses the default active compression algorithm. - This change be changed at boot with "pstore.compress=..." on - the kernel command line. - - Currently, pstore has support for 6 compression algorithms: - deflate, lzo, lz4, lz4hc, 842 and zstd. - - The default compression algorithm is deflate. - - config PSTORE_DEFLATE_COMPRESS_DEFAULT - bool "deflate" if PSTORE_DEFLATE_COMPRESS - - config PSTORE_LZO_COMPRESS_DEFAULT - bool "lzo" if PSTORE_LZO_COMPRESS - - config PSTORE_LZ4_COMPRESS_DEFAULT - bool "lz4" if PSTORE_LZ4_COMPRESS - - config PSTORE_LZ4HC_COMPRESS_DEFAULT - bool "lz4hc" if PSTORE_LZ4HC_COMPRESS - - config PSTORE_842_COMPRESS_DEFAULT - bool "842" if PSTORE_842_COMPRESS - - config PSTORE_ZSTD_COMPRESS_DEFAULT - bool "zstd" if PSTORE_ZSTD_COMPRESS - + prompt "Panic dump compression" + depends on PSTORE + default PSTORE_COMPRESS_CRYPTO + help + Choose whether and how to compress the panic dump output. This + is usually only needed for very storage-constrained backends. + + config PSTORE_COMPRESS_CRYPTO + bool "Use an arbitrary compression algorithm via the Crypto API" + help + If the default compression algorithm from PSTORE_COMPRESS + is not desired, an arbitrary one can be chosen if it is + available to from the Crypto API. Note that this may reserve + non-trivial amounts of per-CPU memory. + + config PSTORE_COMPRESS_NONE + bool "Do not compress panic dumps" + help + Do not compress the panic dump output. This leave the + output easily readable in memory, if non-pstore forensics + tools want to examine the contents easily. endchoice -config PSTORE_COMPRESS_DEFAULT - string - depends on PSTORE_COMPRESS - default "deflate" if PSTORE_DEFLATE_COMPRESS_DEFAULT - default "lzo" if PSTORE_LZO_COMPRESS_DEFAULT - default "lz4" if PSTORE_LZ4_COMPRESS_DEFAULT - default "lz4hc" if PSTORE_LZ4HC_COMPRESS_DEFAULT - default "842" if PSTORE_842_COMPRESS_DEFAULT - default "zstd" if PSTORE_ZSTD_COMPRESS_DEFAULT +config PSTORE_COMPRESS_CRYPTO_DEFAULT + string "Crypto API compression algorithm" + depends on PSTORE_COMPRESS_CRYPTO + default "zstd" + help + This option chooses the default active compression algorithm, + and can be changed at boot with "pstore.compress=..." on the + kernel command line. The chosen compression algorithm needs to + be available to the crypto subsystem for it to be usable by + pstore. For example, "zstd" needs CONFIG_CRYPTO_ZSTD, "deflate" + needs CONFIG_CRYPTO_DEFLATE, etc. config PSTORE_CONSOLE bool "Log kernel console messages" diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index ef0bc3ae161b..1f01c4b904fc 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -16,15 +16,6 @@ #include #include #include -#if IS_ENABLED(CONFIG_PSTORE_LZO_COMPRESS) -#include -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZ4_COMPRESS) || IS_ENABLED(CONFIG_PSTORE_LZ4HC_COMPRESS) -#include -#endif -#if IS_ENABLED(CONFIG_PSTORE_ZSTD_COMPRESS) -#include -#endif #include #include #include @@ -80,9 +71,9 @@ static char *backend; module_param(backend, charp, 0444); MODULE_PARM_DESC(backend, "specific backend to use"); -static char *compress = -#ifdef CONFIG_PSTORE_COMPRESS_DEFAULT - CONFIG_PSTORE_COMPRESS_DEFAULT; +static char *compress __ro_after_init = +#ifdef CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT + CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT; #else NULL; #endif @@ -166,18 +157,18 @@ static bool pstore_cannot_block_path(enum kmsg_dump_reason reason) static int pstore_compress(const void *in, void *out, unsigned int inlen, unsigned int outlen) { - int ret; + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) { + int ret; - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS)) - return -EINVAL; - - ret = crypto_comp_compress(tfm, in, inlen, out, &outlen); - if (ret) { - pr_err("crypto_comp_compress failed, ret = %d!\n", ret); - return ret; + ret = crypto_comp_compress(tfm, in, inlen, out, &outlen); + if (ret) { + pr_err("crypto_comp_compress failed, ret = %d!\n", ret); + return ret; + } + return outlen; } - return outlen; + return -EINVAL; } static void allocate_buf_for_compression(void) @@ -187,7 +178,7 @@ static void allocate_buf_for_compression(void) char *buf; /* Skip if not built-in or compression backend not selected yet. */ - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !compress) + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !compress) return; /* Skip if no pstore backend yet or compression init already done. */ @@ -226,7 +217,7 @@ static void allocate_buf_for_compression(void) static void free_buf_for_compression(void) { - if (IS_ENABLED(CONFIG_PSTORE_COMPRESS) && tfm) { + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO) && tfm) { crypto_free_comp(tfm); tfm = NULL; } @@ -578,7 +569,7 @@ static void decompress_record(struct pstore_record *record) int unzipped_len; char *unzipped, *workspace; - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !record->compressed) + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !record->compressed) return; /* Only PSTORE_TYPE_DMESG support compression. */ From patchwork Tue Oct 18 02:08:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13009791 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A6333C4332F for ; Tue, 18 Oct 2022 02:09:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230502AbiJRCJN (ORCPT ); Mon, 17 Oct 2022 22:09:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32862 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229838AbiJRCIn (ORCPT ); Mon, 17 Oct 2022 22:08:43 -0400 Received: from mail-pl1-x62d.google.com (mail-pl1-x62d.google.com [IPv6:2607:f8b0:4864:20::62d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D2F248E788 for ; Mon, 17 Oct 2022 19:08:30 -0700 (PDT) Received: by mail-pl1-x62d.google.com with SMTP id f23so12478371plr.6 for ; Mon, 17 Oct 2022 19:08:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8o/3L/7nu8yqSqN2t7ynhTHNqc6zN3rpINeuVtJh23c=; b=Ejf9T48sPy2SQkDkKO3qeRvLhxySNSJCnDu6Xwwm0S7fucUsPGGdILc95lmBN0JR7m gYaf/SfNGV6HQ6L9OtG6dvMIzzfhmlStyUx496rhLALi/gn3WEbiVIF9qqOQOYX3a6PM SssrKHd8ghM4DgybtJLu0nA1WEx8YJwQquFFk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8o/3L/7nu8yqSqN2t7ynhTHNqc6zN3rpINeuVtJh23c=; b=KKNnGG8+WGYpinApcsB9VnipFdvtQgYmGJAeqXMmBfNSzhplf3FnQrjnmzeJowRQHv goU2bKF/ZlYvvQpWQ76HNd68NLkh669Aid9kRFWd5rwmw8xZQWMvB1bM4Sn9H+PCrQND wMUs9HY0fLL4Y/p2KlyBqzQAKTneEgIUlGqVEMKAunEWNdXWHsLPLFKtYTum8XEqYuJp 6zfzX9Kup24CABY9+gRXDkWDAXAT1TLVbjdpqSTGXrmoG7nI9aliz9RsKYhqpQ/drii4 kHyQRSKu/726RXH0tFrAQtKPlsmTLil/FLtOTlJhGih9pchgY0C36FSFp8+UPgcPYdk8 FBGg== X-Gm-Message-State: ACrzQf2EEae7Z1+8oaeisFNNJx1rCXZ/lw8T+A2a9Fc/+3ehYpgLPmmG G7t9L/k+cXWWBAPDYjAwxYGRY6zBGxbh4A== X-Google-Smtp-Source: AMsMyM6J95gTGuLusRFaCvMsJ0bdX7wowAFXXKCq11iWsbGo/OW/s7BeFJ9B9qNpiVJe61pC54CP5w== X-Received: by 2002:a17:902:d484:b0:17f:7437:565d with SMTP id c4-20020a170902d48400b0017f7437565dmr630248plg.154.1666058898335; Mon, 17 Oct 2022 19:08:18 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id d4-20020a631d04000000b00460d89df1f1sm6797003pgd.57.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , linux-hardening@vger.kernel.org, Nick Terrell , linux-kernel@vger.kernel.org Subject: [PATCH 3/5] pstore: Use size_t for compress/decompression type widths Date: Mon, 17 Oct 2022 19:08:11 -0700 Message-Id: <20221018020815.2872331-3-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=3370; h=from:subject; bh=d80Gw6VCQNtp9Ez6pYN9gROZhqnl6PYG6krL4B0B4o4=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMos88G1DeCsiRQXnCR4zXLwb9UDI3ISAB1F4o GocmFImJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJn12D/ 0aQ1ZAKOJEY9arwChs4OA2uRV6oYgtpEV0Vqbf1CrNEqoszswyKm83dWZjIsQfDaPkTVXUrt6AaAZh KhXqXry8mtOn2Q/8OvPkeiux7ChBtIMTyYzbb82dVlxgiTZF/MbOh/O0HHOHy40gXWM4qC8UzEnbMP uhk/JxGuOJNsItMrrG+h+z4sr7eN16+mpbjEGqnMbyTm0CaT1zh3oLULl0eYluGQOlfKBIwygVuWf2 Zuca9gRFaF+R5kukMrkDAaS9RTJT8z3znNqCwGKh1Wi6/1JZxmNNmq0YraSEJOEEejK0oEX8GLE0JV EgMkXBbQSG0X5cLREwp7RRC7Ej5T6OuKJMVqAP8eONNDoYls82NtGDB0mQkPDTVj+0cRHNt/6CXt+H UKM6TqbO9HBC8iBW4iYp/pr78AHpecShCoGdvgewKjJUxkF32lHh92QjTaNhcWp5Y4a4PNIu4eM+0R KX+HxTicQMjInWMcHgBfKfROug3RZeANjLebFqVC2rvESIcgiUmevJTLRQ4tNu5MfD9uhLfMps8jfO HVPHeOiGO3p29tj9QsMNRBSnZ+k5O/qeR1Lk7NWTHbqJ94e7sTubSLZblRTgM7U3AGOUbEgSrNu7DB +e7GlQxFJ4q/mulBqu19pB7ZbgBQtp4qKvHdgqnzU5feIHA2nmD+MH+HY4MQ== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org In preparation for adding direct library calls for zstd, refactor routines to use normalized compress/decompression type widths of size_t. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/platform.c | 47 ++++++++++++++++++++++++++++++-------------- 1 file changed, 32 insertions(+), 15 deletions(-) diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 1f01c4b904fc..210a4224edb4 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -155,17 +155,24 @@ static bool pstore_cannot_block_path(enum kmsg_dump_reason reason) } static int pstore_compress(const void *in, void *out, - unsigned int inlen, unsigned int outlen) + size_t inlen, size_t *outlen) { if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) { + unsigned int crypto_outlen; int ret; - ret = crypto_comp_compress(tfm, in, inlen, out, &outlen); + if (inlen > UINT_MAX || *outlen > UINT_MAX) + return -EINVAL; + + crypto_outlen = *outlen; + ret = crypto_comp_compress(tfm, in, inlen, out, &crypto_outlen); if (ret) { pr_err("crypto_comp_compress failed, ret = %d!\n", ret); return ret; } - return outlen; + + *outlen = crypto_outlen; + return 0; } return -EINVAL; @@ -297,7 +304,6 @@ static void pstore_dump(struct kmsg_dumper *dumper, char *dst; size_t dst_size; int header_size; - int zipped_len = -1; size_t dump_size; struct pstore_record record; @@ -327,11 +333,11 @@ static void pstore_dump(struct kmsg_dumper *dumper, break; if (big_oops_buf) { - zipped_len = pstore_compress(dst, psinfo->buf, - header_size + dump_size, - psinfo->bufsize); + size_t zipped_len = psinfo->bufsize; - if (zipped_len > 0) { + if (pstore_compress(dst, psinfo->buf, + header_size + dump_size, + &zipped_len) == 0) { record.compressed = true; record.size = zipped_len; } else { @@ -563,10 +569,25 @@ void pstore_unregister(struct pstore_info *psi) } EXPORT_SYMBOL_GPL(pstore_unregister); -static void decompress_record(struct pstore_record *record) +static int pstore_decompress_crypto(struct pstore_record *record, char *workspace, size_t *outlen) { + unsigned int crypto_outlen = *outlen; int ret; - int unzipped_len; + + ret = crypto_comp_decompress(tfm, record->buf, record->size, + workspace, &crypto_outlen); + if (ret) { + pr_err("crypto_comp_decompress failed, ret = %d!\n", ret); + return 0; + } + + *outlen = crypto_outlen; + return 0; +} + +static void decompress_record(struct pstore_record *record) +{ + size_t unzipped_len; char *unzipped, *workspace; if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !record->compressed) @@ -591,11 +612,7 @@ static void decompress_record(struct pstore_record *record) if (!workspace) return; - /* After decompression "unzipped_len" is almost certainly smaller. */ - ret = crypto_comp_decompress(tfm, record->buf, record->size, - workspace, &unzipped_len); - if (ret) { - pr_err("crypto_comp_decompress failed, ret = %d!\n", ret); + if (pstore_decompress_crypto(record, workspace, &unzipped_len) != 0) { kfree(workspace); return; } From patchwork Tue Oct 18 02:08:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13009793 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D72B4C4332F for ; Tue, 18 Oct 2022 02:09:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229955AbiJRCJO (ORCPT ); Mon, 17 Oct 2022 22:09:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60462 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231235AbiJRCIu (ORCPT ); Mon, 17 Oct 2022 22:08:50 -0400 Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com [IPv6:2607:f8b0:4864:20::42e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7A2C12A261 for ; Mon, 17 Oct 2022 19:08:39 -0700 (PDT) Received: by mail-pf1-x42e.google.com with SMTP id y1so12779654pfr.3 for ; Mon, 17 Oct 2022 19:08:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=4CzAnMvFQDLPHvwatG/USFLXonFnc4UppdnrxHWRO70=; b=KwORkaYqVW4DcwQBe8fKyiUBV3lL2VI45MbBjyL5evrubabQAAlJRmEOYoDNPnKOoo IOosyef4qN2cVWORGlutYO9mKfNcT+WQs7HdI9dtzAE52Yfec3xVxA3WT2S73LIqj7EE T59NJkFkzwgnTSUFSnQR8PYEwUGY0Ul3q8MYY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4CzAnMvFQDLPHvwatG/USFLXonFnc4UppdnrxHWRO70=; b=ilf6nmmV+q6nHIae+NGobH1sM1ON2Zm8e+Vg4J8xgLvxCQa3N8TSD4q6PcZizq0qu6 Ztvus3TfDjWPxfNHYFTtbEVMF1sdW2LF8gTG2CtQUojznsbm2jAY/cdOOX9iVFZQL5n6 kZ5TnpcpRGafydX/C0LePfGyZPTQC7tt/TEQyYjei704VTukBdhUrjsaGt6repSJqvsz 7NObY5rsshaIh0EhDTPs/bksjfSIcc+y3S8D65vooH+z4h7f8gH0PMKtrVB0ufNfJ0FH QgwTcd4vUdZIe/uM4l8aS/oYb8wTr6S1RxPZp9jDFn/IISq55dkKpryHSax93ELXEaDJ DEeQ== X-Gm-Message-State: ACrzQf2i0YvVbj++6FE82wFBf5RCGtpfqpowunvOXpt1uv94WAKVTDFf L+bBxZLdeVPC7YTssSHxbDo0JA== X-Google-Smtp-Source: AMsMyM42u1mNW0p5VK4cM4i2NzHA/27NsVEfd9Qw1q5ppuQOHIT1iM9sM9cmyu5y2JRmKhPxecsw6Q== X-Received: by 2002:a05:6a00:150c:b0:563:9f05:bd68 with SMTP id q12-20020a056a00150c00b005639f05bd68mr806021pfu.44.1666058901438; Mon, 17 Oct 2022 19:08:21 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id iw7-20020a170903044700b001782580ce9csm7279968plb.249.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , linux-hardening@vger.kernel.org, Nick Terrell , linux-kernel@vger.kernel.org Subject: [PATCH 4/5] pstore: Refactor compression initialization Date: Mon, 17 Oct 2022 19:08:12 -0700 Message-Id: <20221018020815.2872331-4-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=3635; h=from:subject; bh=GnPW7cHJLHzp4Ur4fA7Uqr/d5LRg10HGm2sjpwP9wQ4=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMbJcThe30sb8XabMHTpGedN4xQTi7dpmCn6Ia 6xJIvlKJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJj2ID/ 0cbUhMbp27GjX1utSX7bmwpWuk4vCfS965dpQWibESAGOrzxATO7v024sS07ZvcZhimNPxdBuP0l1R 3Nb/Wf+jhy+2st1CZcmkQtQJlBcQnfoCF0nYFPOFXScITibR7jFNp1tYOffw3ToSnRFenpS1yFGzdI FAlrcfhYIH4+ecaHqUzTTncAwgv0rftKiAS8UQwJYD9b0MhFt0ZhQe+WqzycDyS8Wh1dGwxGVXF9ni d6FFY93IHvoN6YVGpHwYOiiTWq4OPIbrz7K4qXhGhp3c4/EwIcwdF7wAAQWDoZCD1RdicyChazHNuO LYDmdF3SBcWKX4D40Z+F4ny4Yj1dkr0eYGd5CwOH/StDEcPLFZnxmENrCefQ+YB5BuYbroWeUCClN7 /huBIV8E30nxGUp7wlbDQdy3068Uern1UJcYOCa62BN2aEIWFnrz7GodxvaUPiLiS57GsABPVfDzX5 IoXCLhaAYGhG+6tlC9zY9nMRWDNDEB0drPm6ldJx7BsfmBvCz/hlHBlXWCLebKEp7e2JqdBHrFjxMp KlQVqhaDJcp5WOGPXeC+H772pVOWRqRRB63TFlVuglsrakUvEbjSasz/GJCqe2z779Cn9O6G3wONHH PGi5WMfJM0cApmg282NFC9bLeQ4x8EYVHxb4HiG7FB/pXc2402UlGkIL5oLg== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org In preparation for calling zstd library compression routines, split the crypto-specific initialization into a separate init routine. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/platform.c | 71 +++++++++++++++++++++++++++----------------- 1 file changed, 43 insertions(+), 28 deletions(-) diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 210a4224edb4..4d883dc2e8a7 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -178,48 +178,29 @@ static int pstore_compress(const void *in, void *out, return -EINVAL; } -static void allocate_buf_for_compression(void) +static int allocate_crypto_buf(void) { struct crypto_comp *ctx; - int size; - char *buf; - /* Skip if not built-in or compression backend not selected yet. */ - if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !compress) - return; - - /* Skip if no pstore backend yet or compression init already done. */ - if (!psinfo || tfm) - return; + /* Skip if compression init already done. */ + if (tfm) + return 0; if (!crypto_has_comp(compress, 0, 0)) { pr_err("Unknown compression: %s\n", compress); - return; - } - - /* Worst-case compression should never be more than uncompressed. */ - size = psinfo->bufsize; - buf = kmalloc(size, GFP_KERNEL); - if (!buf) { - pr_err("Failed %d byte compression buffer allocation for: %s\n", - size, compress); - return; + return -EINVAL; } ctx = crypto_alloc_comp(compress, 0, 0); if (IS_ERR_OR_NULL(ctx)) { - kfree(buf); pr_err("crypto_alloc_comp('%s') failed: %ld\n", compress, PTR_ERR(ctx)); - return; + return -ENOMEM; } - - /* A non-NULL big_oops_buf indicates compression is available. */ tfm = ctx; - big_oops_buf_sz = size; - big_oops_buf = buf; - pr_info("Using crash dump compression: %s\n", compress); + pr_info("Using crash dump compression: crypto API %s\n", compress); + return 0; } static void free_buf_for_compression(void) @@ -233,6 +214,38 @@ static void free_buf_for_compression(void) big_oops_buf_sz = 0; } +static void allocate_buf_for_compression(void) +{ + char *buf; + int rc; + + /* Skip if not built-in or compression backend not selected yet. */ + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !compress) + return; + + /* Skip if no pstore backend yet. */ + if (!psinfo) + return; + + /* Initialize compression routines. */ + rc = allocate_crypto_buf(); + if (rc) + goto fail; + + /* Create common buffer for compression work. */ + buf = kmalloc(psinfo->bufsize, GFP_KERNEL); + if (!buf) + goto fail; + + /* A non-NULL big_oops_buf indicates compression is available. */ + big_oops_buf_sz = psinfo->bufsize; + big_oops_buf = buf; + return; + +fail: + free_buf_for_compression(); +} + /* * Called when compression fails, since the printk buffer * would be fetched for compression calling it again when @@ -589,6 +602,7 @@ static void decompress_record(struct pstore_record *record) { size_t unzipped_len; char *unzipped, *workspace; + int rc; if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !record->compressed) return; @@ -612,7 +626,8 @@ static void decompress_record(struct pstore_record *record) if (!workspace) return; - if (pstore_decompress_crypto(record, workspace, &unzipped_len) != 0) { + rc = pstore_decompress_crypto(record, workspace, &unzipped_len); + if (rc) { kfree(workspace); return; } From patchwork Tue Oct 18 02:08:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13009795 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CCA48C43217 for ; Tue, 18 Oct 2022 02:09:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230473AbiJRCJQ (ORCPT ); Mon, 17 Oct 2022 22:09:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60924 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231255AbiJRCIw (ORCPT ); Mon, 17 Oct 2022 22:08:52 -0400 Received: from mail-pj1-x1029.google.com (mail-pj1-x1029.google.com [IPv6:2607:f8b0:4864:20::1029]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 34AF472857 for ; Mon, 17 Oct 2022 19:08:41 -0700 (PDT) Received: by mail-pj1-x1029.google.com with SMTP id t10-20020a17090a4e4a00b0020af4bcae10so12635049pjl.3 for ; Mon, 17 Oct 2022 19:08:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+VM6TrkNfqqqa9ARyQZypqrAo/ewzetmaTqLOSrYaeE=; b=ezyLTjrM3Dn0zRtu72SFNG0CnEpp1bT63bETOd2sgVAX4wyvBiuKeStfHGQqcLyT0c gVDYu1L+NV1sUT55XXuC2KnIGY6mInWaLnQuPwZ0OWKrVkQgzv5C9d3BHfr/ahLIDZI+ DPOFNE01+2a7o4KLbVjTxkkKlLFYEWzfuT0vY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+VM6TrkNfqqqa9ARyQZypqrAo/ewzetmaTqLOSrYaeE=; b=f3YNIXHys27FSSUn5+pLY587FMBS/C+5sBoPkGIS/3rvMCXMYm9hRouI42APksquRj XUYJ6uG6bOyYOGwXNLpicWr0OF177dx/9aJSQ8Osb6hpqSB17tbRSdTXjMYQk56Z98w3 FZkDOLK7p9+reK+8LGxRaI2oLH0EX9vbNa5+wj23PgGzCYELRuOU17yS/iXr2i1YlUyb a9eiD9EKSgVd4JiNANDY5+jdvFJW4IJeCsDMBRVTAeGigtOOfZN1VSAHUp78XU2qbaV1 vmY1zbElQ1sILpjNtyhbKy/uieTOERylS2IUYJ/xRrJeRqcLnND17pjcivv44ss7P6yO FeHA== X-Gm-Message-State: ACrzQf2cwOVep7yVO+92BzRj+KVzruwx4edohNX5UFYn/Vy+9QLrVjW8 790MCVnSeF97xolBVusuCqvCug== X-Google-Smtp-Source: AMsMyM74kPZI3NEJlQ4I13yJg8iIYbMLJs0Ow74byPpU+7gCvF39Ifo4s0jk3IrU+VUUikYEbh0plQ== X-Received: by 2002:a17:902:e542:b0:185:53ee:60cd with SMTP id n2-20020a170902e54200b0018553ee60cdmr690796plf.59.1666058904055; Mon, 17 Oct 2022 19:08:24 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id i3-20020aa796e3000000b005625ef68eecsm7801373pfq.31.2022.10.17.19.08.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:21 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , Nick Terrell , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 5/5] pstore: Use zstd directly by default for compression Date: Mon, 17 Oct 2022 19:08:13 -0700 Message-Id: <20221018020815.2872331-5-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=5821; h=from:subject; bh=sLRnNe7TSr1mUP3rC2Jvs34rMQHwsZo2peo8sm7nqHc=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqNgz5mFVDTEKh2ZTTBl7zsnZsWbaMExcRb5vXR gEu/gkyJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjQAKCRCJcvTf3G3AJkloEA Cx0DdUC7uHvpq0otB5MaffHQuDX/WFSqZOjbyZ3s4Ko7jTPVRaQ+0I5mgBLkr7XNi5anMUfD6E0dwW Jmj0GLm7TQQTNlNPjlWEh+sBwrakWkY0ogeMNlT2BEghzGrAehJtXAm1OVNpuGZG9zbkTl+YDmSoM0 R00snjAslMqT96UbreZhrfb3+PoH/Mp5KytWO7IR/wIbsZq2x1gbUssIdJ3PMUDV8YIrXyoXep26YD o+lEndpJ0LG+2doq/BH4MbiMXGGAuFjbhjfwlY3jVtGvBpJVjdF3/vD9ornpfamj5gK7MXGyGrWFZ+ s4H9gtlsoD2FGpj+wHerMCmOVqXyg7r4RQ9075mZ3Z8FqcfRwbj+Ywvm8ZExjTFbQnxaou3du24z8y oZ8/OLj58d/xW2gp9OTE4wFeQM736WRXGnmQQOCsfMms1EO8BbpnAZX6/Pc1adzCbOcSIHlqKiC6al lpEUsadqvEctXeAtBUc8w7/S/upt6CE8UOYLxyieiZC5rwWYTakzZjDvDi3nk4//DMjRjjL10ED3Ih b1VGqx9YEEvMtMiNg63YZzTzXFbXAG2UXtmiovUfzVMIXBT2NXjEl4nngk8zmuYqBgPGGpoxiNT60M 9iO/p2mSCGm6jRKhoFq+jeSqnGms3IfOyYPiGf2BV/Kd1JtkkkcGW8HSKHYQ== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org If compression is desired, use zstd directly to avoid Crypto API overhead. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: Nick Terrell Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/Kconfig | 11 +++++- fs/pstore/platform.c | 93 +++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 97 insertions(+), 7 deletions(-) diff --git a/fs/pstore/Kconfig b/fs/pstore/Kconfig index a95b3981cb0e..1f05312c7479 100644 --- a/fs/pstore/Kconfig +++ b/fs/pstore/Kconfig @@ -25,7 +25,7 @@ config PSTORE_DEFAULT_KMSG_BYTES choice prompt "Panic dump compression" depends on PSTORE - default PSTORE_COMPRESS_CRYPTO + default PSTORE_COMPRESS help Choose whether and how to compress the panic dump output. This is usually only needed for very storage-constrained backends. @@ -38,6 +38,15 @@ choice available to from the Crypto API. Note that this may reserve non-trivial amounts of per-CPU memory. + config PSTORE_COMPRESS + bool "Use recommended best compression algorithm" + select CRYPTO_ZSTD + help + Use the compression routines currently deemed best suited + for panic dump compression. Currently, this is "zstd". + As this compression is used directly through its library + interface, no per-CPU memory is allocated by the Crypto API. + config PSTORE_COMPRESS_NONE bool "Do not compress panic dumps" help diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 4d883dc2e8a7..51d2801fc880 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -23,6 +23,7 @@ #include #include #include +#include #include "internal.h" @@ -72,13 +73,17 @@ module_param(backend, charp, 0444); MODULE_PARM_DESC(backend, "specific backend to use"); static char *compress __ro_after_init = -#ifdef CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT - CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT; +#ifdef CONFIG_PSTORE_COMPRESS + "zstd"; #else - NULL; -#endif +# ifdef CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT + CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT; module_param(compress, charp, 0444); MODULE_PARM_DESC(compress, "compression to use"); +# else + NULL; +# endif +#endif /* How much of the kernel log to snapshot */ unsigned long kmsg_bytes = CONFIG_PSTORE_DEFAULT_KMSG_BYTES; @@ -88,6 +93,12 @@ MODULE_PARM_DESC(kmsg_bytes, "amount of kernel log to snapshot (in bytes)"); /* Compression parameters */ static struct crypto_comp *tfm; +static zstd_cctx *cctx; +static zstd_dctx *dctx; +static void *cwksp; +static void *dwksp; +zstd_parameters zparams; + static char *big_oops_buf; static size_t big_oops_buf_sz; @@ -175,6 +186,14 @@ static int pstore_compress(const void *in, void *out, return 0; } + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS)) { + *outlen = zstd_compress_cctx(cctx, out, *outlen, in, inlen, + &zparams); + if (zstd_is_error(*outlen)) + return -EINVAL; + return 0; + } + return -EINVAL; } @@ -203,12 +222,56 @@ static int allocate_crypto_buf(void) return 0; } +static int allocate_zstd_buf(void) +{ + size_t csize, dsize; + + /* Skip if compression init already done. */ + if (cctx) + return 0; + + zparams = zstd_get_params(3, 0); + csize = zstd_cctx_workspace_bound(&zparams.cParams); + dsize = zstd_dctx_workspace_bound(); + +#define init_ctx(dir, name) do { \ + dir##wksp = kzalloc(dir##size, GFP_KERNEL); \ + if (!dir##wksp) { \ + pr_err("Failed %zu byte %s " #name " allocation\n", \ + dir##size, compress); \ + return -ENOMEM; \ + } \ + dir##ctx = zstd_init_##dir##ctx(dir##wksp, dir##size); \ + if (!dir##ctx) { \ + pr_err("Failed %s " #name " context init\n", compress); \ + return -EINVAL; \ + } \ +} while (0) + + init_ctx(c, compress); + init_ctx(d, decompress); + +#undef init_wksp + + pr_info("Using crash dump compression: built-in %s\n", compress); + return 0; +} + static void free_buf_for_compression(void) { if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO) && tfm) { crypto_free_comp(tfm); tfm = NULL; } + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS) && cctx) { + cctx = NULL; + dctx = NULL; + kfree(cwksp); + cwksp = NULL; + kfree(dwksp); + dwksp = NULL; + + } kfree(big_oops_buf); big_oops_buf = NULL; big_oops_buf_sz = 0; @@ -228,7 +291,10 @@ static void allocate_buf_for_compression(void) return; /* Initialize compression routines. */ - rc = allocate_crypto_buf(); + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) + rc = allocate_crypto_buf(); + else + rc = allocate_zstd_buf(); if (rc) goto fail; @@ -598,6 +664,16 @@ static int pstore_decompress_crypto(struct pstore_record *record, char *workspac return 0; } +static int pstore_decompress_zstd(struct pstore_record *record, + char *workspace, size_t *outlen) +{ + *outlen = zstd_decompress_dctx(dctx, workspace, *outlen, + record->buf, record->size); + if (zstd_is_error(*outlen)) + return -EINVAL; + return 0; +} + static void decompress_record(struct pstore_record *record) { size_t unzipped_len; @@ -626,7 +702,12 @@ static void decompress_record(struct pstore_record *record) if (!workspace) return; - rc = pstore_decompress_crypto(record, workspace, &unzipped_len); + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) + rc = pstore_decompress_crypto(record, workspace, + &unzipped_len); + else + rc = pstore_decompress_zstd(record, workspace, + &unzipped_len); if (rc) { kfree(workspace); return;