From nobody Thu Apr 9 13:15:34 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 399FCC4332F for ; Tue, 18 Oct 2022 02:09:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231293AbiJRCJb (ORCPT ); Mon, 17 Oct 2022 22:09:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33246 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230446AbiJRCIt (ORCPT ); Mon, 17 Oct 2022 22:08:49 -0400 Received: from mail-pj1-x1032.google.com (mail-pj1-x1032.google.com [IPv6:2607:f8b0:4864:20::1032]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7978F43AF0 for ; Mon, 17 Oct 2022 19:08:36 -0700 (PDT) Received: by mail-pj1-x1032.google.com with SMTP id g8-20020a17090a128800b0020c79f987ceso15948937pja.5 for ; Mon, 17 Oct 2022 19:08:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=UbYz18T6bZpWW8vOJjiPrzs7fsULyDP/1+meWjyG7ZE=; b=KIJuGjNT3LS85ZDwhI1QK3bDVaC4AE+6gjeWhM49s+JH+xpYFFcPNFFUvO5z97nWc8 3qHYOvMSCMWKhgCUK8jfsgwo94QfZqPwZA0oEE9N75VRfhpgSur4kI1JiPgUTYXCuRtD WfbWOlFE7BmzofG7f2xA8rqRZNKp1xI7XjZ8I= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UbYz18T6bZpWW8vOJjiPrzs7fsULyDP/1+meWjyG7ZE=; b=i3Eo8zeidRdxDb3qtigctA6e8y3ZNqx6LWDtc/mxVBE3FBQ13QsIaI4SP2HLGrw5k8 tugQrzF5NpWGOMeNEOF+mE2TqOwS9uPQyKZTpKXCmzHWMKVeT4vG2UAHcuam4XKGRwaT 4ugjMBREKVbag37FVherBYsVN5PBKfXy3u1I66Cu+UD0raeQhKuUPPgM3Mdpv80XpUzQ JICnNsWy4H1cGMIc2+7px151MJThBBBWO5qey8LRrPyKTrE6hjBGgxRiUu1zJSM9JQSf ZgSCPtoJZfhWgf2p7ZaSBXqCKLon/hFWFPqBUpLqT8/CtMI9/WlO7omn91tfjY+88hwG mBIw== X-Gm-Message-State: ACrzQf2AIE/A+n3SSbQXUQD3Bi2gUKdYwhnyDlS6KY8oCsJmI6gooWir eWEiMLfhEj3gaEzVSwhfyy6Bew== X-Google-Smtp-Source: AMsMyM5bR1UuDGWR0RD1MGC8amr4BEf8QetflWgXyBl3g52ZWS8Y8D0p6XKIXe5AgoTtNKQKFdQARg== X-Received: by 2002:a17:903:11c3:b0:17a:e62:16e8 with SMTP id q3-20020a17090311c300b0017a0e6216e8mr612463plh.137.1666058899859; Mon, 17 Oct 2022 19:08:19 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id c8-20020a170903234800b0017d061a6119sm7312776plh.116.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , Nick Terrell , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 1/5] pstore: Remove worse-case compression size logic Date: Mon, 17 Oct 2022 19:08:09 -0700 Message-Id: <20221018020815.2872331-1-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=5455; h=from:subject; bh=+tMHCZOTPIvRa0mUTcXlg2VCSU1nRw7kMkBTASHQke4=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMQlVArORJD6vwQmAGDxw2yPxs+T03ESP4BWrt w84R/kSJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJgQSD/ wNUsf8repH9xHlLCpz/CMMet6C6UcVL2z7D/aT4lcyu0GVdX/RrntIC8lEj7SJN7EQdzrZEHkqjPOe bklsLC/TaHdCVVYaJQnX921X+jU7Abf6S+prdr067yp1N1/I744jauGm99Sj38EMNad1xrEvn1PJcn SDcoAjNiYgS/FZtEjfewNPmZ0bXFioCpc0SCgfbeO12BThhkCI33MWC010Ihjupoytpbs8Ks8bB8xT cU+YxWO/rh4RhIkKO/Bl7vXnRtDFnz2XqwaoDrQjGYVo7YB9e2K1SIefAvQMRyjrWi0V0PsuTNn/zc j5t3pDG2o+Y/jTywGSZqdAsMvQOl6jjHwG+jUswIrjtH6XwAZQXbk6nsQwSuSuqZq69Qs+5rQJEBes OpxlD5SOpU03hzZnFdId1wn/YWs7G58Q6hDr3Bv4dh9xKWJ5LcvrR+4gdI4oV9/istb5krrPYzDFtB pErJjTAD5Sz9g16VL6U8pNSZpZVw3hXsP6ShpA7Dazjv5DExoJ4qsgco7mprLEnEoK/Ge72MQjHq51 JSzVidOSLPIq+FMcAALcrw8TMCFWAaZuClsddg6CJmkAw4KtdYqIym5otPCNS1iN/lhqCRx/fkCqXn /ahzhUBhLVdmH5t+vkcWyNiDr8Cd7Tdt994hwFqcjd8njG+BHaRDiFNSZfvw== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" The worst case compression size is always the size of the uncompressed data itself so avoid perfectly optimizing the oops buffer size. Hugely simplifies the code. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: Nick Terrell Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/platform.c | 144 +++---------------------------------------- 1 file changed, 9 insertions(+), 135 deletions(-) diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index cbc0b468c1ab..ef0bc3ae161b 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -97,11 +97,6 @@ MODULE_PARM_DESC(kmsg_bytes, "amount of kernel log to sn= apshot (in bytes)"); /* Compression parameters */ static struct crypto_comp *tfm; =20 -struct pstore_zbackend { - int (*zbufsize)(size_t size); - const char *name; -}; - static char *big_oops_buf; static size_t big_oops_buf_sz; =20 @@ -168,105 +163,6 @@ static bool pstore_cannot_block_path(enum kmsg_dump_r= eason reason) } } =20 -#if IS_ENABLED(CONFIG_PSTORE_DEFLATE_COMPRESS) -static int zbufsize_deflate(size_t size) -{ - size_t cmpr; - - switch (size) { - /* buffer range for efivars */ - case 1000 ... 2000: - cmpr =3D 56; - break; - case 2001 ... 3000: - cmpr =3D 54; - break; - case 3001 ... 3999: - cmpr =3D 52; - break; - /* buffer range for nvram, erst */ - case 4000 ... 10000: - cmpr =3D 45; - break; - default: - cmpr =3D 60; - break; - } - - return (size * 100) / cmpr; -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_LZO_COMPRESS) -static int zbufsize_lzo(size_t size) -{ - return lzo1x_worst_compress(size); -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_LZ4_COMPRESS) || IS_ENABLED(CONFIG_PSTORE_LZ4= HC_COMPRESS) -static int zbufsize_lz4(size_t size) -{ - return LZ4_compressBound(size); -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_842_COMPRESS) -static int zbufsize_842(size_t size) -{ - return size; -} -#endif - -#if IS_ENABLED(CONFIG_PSTORE_ZSTD_COMPRESS) -static int zbufsize_zstd(size_t size) -{ - return zstd_compress_bound(size); -} -#endif - -static const struct pstore_zbackend *zbackend __ro_after_init; - -static const struct pstore_zbackend zbackends[] =3D { -#if IS_ENABLED(CONFIG_PSTORE_DEFLATE_COMPRESS) - { - .zbufsize =3D zbufsize_deflate, - .name =3D "deflate", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZO_COMPRESS) - { - .zbufsize =3D zbufsize_lzo, - .name =3D "lzo", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZ4_COMPRESS) - { - .zbufsize =3D zbufsize_lz4, - .name =3D "lz4", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZ4HC_COMPRESS) - { - .zbufsize =3D zbufsize_lz4, - .name =3D "lz4hc", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_842_COMPRESS) - { - .zbufsize =3D zbufsize_842, - .name =3D "842", - }, -#endif -#if IS_ENABLED(CONFIG_PSTORE_ZSTD_COMPRESS) - { - .zbufsize =3D zbufsize_zstd, - .name =3D "zstd", - }, -#endif - { } -}; - static int pstore_compress(const void *in, void *out, unsigned int inlen, unsigned int outlen) { @@ -291,36 +187,31 @@ static void allocate_buf_for_compression(void) char *buf; =20 /* Skip if not built-in or compression backend not selected yet. */ - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !zbackend) + if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !compress) return; =20 /* Skip if no pstore backend yet or compression init already done. */ if (!psinfo || tfm) return; =20 - if (!crypto_has_comp(zbackend->name, 0, 0)) { - pr_err("Unknown compression: %s\n", zbackend->name); - return; - } - - size =3D zbackend->zbufsize(psinfo->bufsize); - if (size <=3D 0) { - pr_err("Invalid compression size for %s: %d\n", - zbackend->name, size); + if (!crypto_has_comp(compress, 0, 0)) { + pr_err("Unknown compression: %s\n", compress); return; } =20 + /* Worst-case compression should never be more than uncompressed. */ + size =3D psinfo->bufsize; buf =3D kmalloc(size, GFP_KERNEL); if (!buf) { pr_err("Failed %d byte compression buffer allocation for: %s\n", - size, zbackend->name); + size, compress); return; } =20 - ctx =3D crypto_alloc_comp(zbackend->name, 0, 0); + ctx =3D crypto_alloc_comp(compress, 0, 0); if (IS_ERR_OR_NULL(ctx)) { kfree(buf); - pr_err("crypto_alloc_comp('%s') failed: %ld\n", zbackend->name, + pr_err("crypto_alloc_comp('%s') failed: %ld\n", compress, PTR_ERR(ctx)); return; } @@ -330,7 +221,7 @@ static void allocate_buf_for_compression(void) big_oops_buf_sz =3D size; big_oops_buf =3D buf; =20 - pr_info("Using crash dump compression: %s\n", zbackend->name); + pr_info("Using crash dump compression: %s\n", compress); } =20 static void free_buf_for_compression(void) @@ -818,27 +709,10 @@ static void pstore_timefunc(struct timer_list *unused) pstore_timer_kick(); } =20 -static void __init pstore_choose_compression(void) -{ - const struct pstore_zbackend *step; - - if (!compress) - return; - - for (step =3D zbackends; step->name; step++) { - if (!strcmp(compress, step->name)) { - zbackend =3D step; - return; - } - } -} - static int __init pstore_init(void) { int ret; =20 - pstore_choose_compression(); - /* * Check if any pstore backends registered earlier but did not * initialize compression because crypto was not ready. If so, --=20 2.34.1 From nobody Thu Apr 9 13:15:34 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5345CC433FE for ; Tue, 18 Oct 2022 02:09:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231430AbiJRCJ5 (ORCPT ); Mon, 17 Oct 2022 22:09:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33216 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231404AbiJRCJI (ORCPT ); Mon, 17 Oct 2022 22:09:08 -0400 Received: from mail-oa1-x2f.google.com (mail-oa1-x2f.google.com [IPv6:2001:4860:4864:20::2f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0643A748F2 for ; Mon, 17 Oct 2022 19:08:46 -0700 (PDT) Received: by mail-oa1-x2f.google.com with SMTP id 586e51a60fabf-131dda37dddso15424037fac.0 for ; Mon, 17 Oct 2022 19:08:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YBRd9cw1Rkfek0J7YHlv9ebkE6z5a48tsgrcsxT5PuA=; b=NwNNyZ5Wb03KNiJhkFaOysaWhHo6lNizPNjKIi4CbPvS6pVTgMh50mv7INFYyuW8a6 kR3Kzootcf5Q7/OePmjcvl0M1ECOirL7jq0lnseGrS+XkVMmc3wstnkJEQy0KCkbml/j EHPaSGukxSVTz0OFFdebK0v/c10ovejMsD3qg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YBRd9cw1Rkfek0J7YHlv9ebkE6z5a48tsgrcsxT5PuA=; b=mNpTUYVcljgmEkt9zhN1XY8DEKT6NqK18G2l18frQeXEhq55XlpAq9k89nwM3xUhf0 AX72wFWpFGO+Vm8TiGpOiO9DGg7NCpHsL3GmK8lt+/VsYv5Z+KLQx2P8L9XXyfhzDDnp NrbDrBkn+INxsm2eYGtnug9AUsSe24hag1elxBZcFwvdF/DnZskb/WluqciZ8hwryJwu 3t3mzGCJdr/fiYmDbOBCRKVE0+15RyJqL0SKQoOA5V4kIEzGeqs8fvF8xGLfuB+uL+6U Jn5XtrD2/109WjNaQBZEtu+PaJx7HDxUgSl77wUK758oN+Ow+XuYNUrYZQ+enAWPug+w YvKA== X-Gm-Message-State: ACrzQf1bDpby9PVi6fgKh1EMqLJMDWHLtbcS70ymkJQO+YbICVliulYL B0sY9efLYOSXpOG3LCNtWUwGyfxZyBnf0g== X-Google-Smtp-Source: AMsMyM6V5SLuc+cJSz5kpkL2t47DjSmr/J/X0Am3hm0EyaT5eZJmd16vVHaB/3yRCDgTErjFU4UfoA== X-Received: by 2002:a17:90b:692:b0:203:6c21:b4aa with SMTP id m18-20020a17090b069200b002036c21b4aamr35534172pjz.227.1666058900664; Mon, 17 Oct 2022 19:08:20 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id i10-20020a170902c94a00b00179f370dbe7sm7290666pla.287.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , Nick Terrell , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 2/5] pstore: Allow for arbitrary compression algorithm Date: Mon, 17 Oct 2022 19:08:10 -0700 Message-Id: <20221018020815.2872331-2-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=7760; h=from:subject; bh=uc0kl+a6TRA5+6XFgJLw6TULSMAzOvGGUCrsT4ONIEQ=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMbyBNAMou3xirdeIaCwW74Lc8wdvstFfBCHL4 YvkAb9eJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJg2mD/ 4w2fvpDNRN1D3IMtBm5CqUw6M66DMdJv5Rq9IeVdTvcGKOCQXOloxOx2Kb87Ut54OsTz/sQVeWov9K j+HR6jVxFiq2kKFSP/kJH6RTIyTK/3QwN0Ocw43Aqtg8qZGMx/gShBINNtVDhJ0buKILEduEhleF5F /lzkv49eXy9dXWiMedinSBfu6ImScEtd25ym/aekGxbs66tcHySFjb0GN+TW7GTjw1vTTZThi0pejJ /mO7YyshqePq3cmiMQk43j0NItwXL+Vavk92Mp1ZeAb4PB636UntywH4uNtj8I0Ho2s/wWPHeTFhAA tkZhDwkv4MovVNZ0UdfdIH7iC5zeVxTnFPidM0wgOi3lGAEBtkYHTKjyImKs/VtBeuIYw8vpAzt7dv lW1n9bVVeYYk3xPVimBaY/vsjy6eKH51PwqwWduQHba6H5vv0X1m9huhQao842Pde8jTxZiA5i7e3G 8g8/h5pPHoxqZ1P1HWdDtRWdJVH65DsseUcXVBnaK+MGCSd89ciXaqNSaiJ0WG82swVia9YZEvBm2n E5kBZxNvdeySPLgMoRdRfHI9X8JCQiZhbQwBmq+u4aZ/Ev2tNTd5cbmwtAnQvrX5I7ivkqrC1irznU raF+bf9m0wrDMA/10vca2++0FDSwjv+kSHfH5cmAQJ+gxdNBeHY134R6+ghw== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Since there is no longer a need for figuring out worst-case compression size, there is no reason to limit the compression algorithm choice. Greatly simplifies Kconfig. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: Nick Terrell Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/Kconfig | 122 ++++++++++++------------------------------- fs/pstore/platform.c | 39 ++++++-------- 2 files changed, 47 insertions(+), 114 deletions(-) diff --git a/fs/pstore/Kconfig b/fs/pstore/Kconfig index 8adabde685f1..a95b3981cb0e 100644 --- a/fs/pstore/Kconfig +++ b/fs/pstore/Kconfig @@ -22,99 +22,41 @@ config PSTORE_DEFAULT_KMSG_BYTES Defines default size of pstore kernel log storage. Can be enlarged if needed, not recommended to shrink it. =20 -config PSTORE_DEFLATE_COMPRESS - tristate "DEFLATE (ZLIB) compression" - default y - depends on PSTORE - select CRYPTO_DEFLATE - help - This option enables DEFLATE (also known as ZLIB) compression - algorithm support. - -config PSTORE_LZO_COMPRESS - tristate "LZO compression" - depends on PSTORE - select CRYPTO_LZO - help - This option enables LZO compression algorithm support. - -config PSTORE_LZ4_COMPRESS - tristate "LZ4 compression" - depends on PSTORE - select CRYPTO_LZ4 - help - This option enables LZ4 compression algorithm support. - -config PSTORE_LZ4HC_COMPRESS - tristate "LZ4HC compression" - depends on PSTORE - select CRYPTO_LZ4HC - help - This option enables LZ4HC (high compression) mode algorithm. - -config PSTORE_842_COMPRESS - bool "842 compression" - depends on PSTORE - select CRYPTO_842 - help - This option enables 842 compression algorithm support. - -config PSTORE_ZSTD_COMPRESS - bool "zstd compression" - depends on PSTORE - select CRYPTO_ZSTD - help - This option enables zstd compression algorithm support. - -config PSTORE_COMPRESS - def_bool y - depends on PSTORE - depends on PSTORE_DEFLATE_COMPRESS || PSTORE_LZO_COMPRESS || \ - PSTORE_LZ4_COMPRESS || PSTORE_LZ4HC_COMPRESS || \ - PSTORE_842_COMPRESS || PSTORE_ZSTD_COMPRESS - choice - prompt "Default pstore compression algorithm" - depends on PSTORE_COMPRESS - help - This option chooses the default active compression algorithm. - This change be changed at boot with "pstore.compress=3D..." on - the kernel command line. - - Currently, pstore has support for 6 compression algorithms: - deflate, lzo, lz4, lz4hc, 842 and zstd. - - The default compression algorithm is deflate. - - config PSTORE_DEFLATE_COMPRESS_DEFAULT - bool "deflate" if PSTORE_DEFLATE_COMPRESS - - config PSTORE_LZO_COMPRESS_DEFAULT - bool "lzo" if PSTORE_LZO_COMPRESS - - config PSTORE_LZ4_COMPRESS_DEFAULT - bool "lz4" if PSTORE_LZ4_COMPRESS - - config PSTORE_LZ4HC_COMPRESS_DEFAULT - bool "lz4hc" if PSTORE_LZ4HC_COMPRESS - - config PSTORE_842_COMPRESS_DEFAULT - bool "842" if PSTORE_842_COMPRESS - - config PSTORE_ZSTD_COMPRESS_DEFAULT - bool "zstd" if PSTORE_ZSTD_COMPRESS - + prompt "Panic dump compression" + depends on PSTORE + default PSTORE_COMPRESS_CRYPTO + help + Choose whether and how to compress the panic dump output. This + is usually only needed for very storage-constrained backends. + + config PSTORE_COMPRESS_CRYPTO + bool "Use an arbitrary compression algorithm via the Crypto API" + help + If the default compression algorithm from PSTORE_COMPRESS + is not desired, an arbitrary one can be chosen if it is + available to from the Crypto API. Note that this may reserve + non-trivial amounts of per-CPU memory. + + config PSTORE_COMPRESS_NONE + bool "Do not compress panic dumps" + help + Do not compress the panic dump output. This leave the + output easily readable in memory, if non-pstore forensics + tools want to examine the contents easily. endchoice =20 -config PSTORE_COMPRESS_DEFAULT - string - depends on PSTORE_COMPRESS - default "deflate" if PSTORE_DEFLATE_COMPRESS_DEFAULT - default "lzo" if PSTORE_LZO_COMPRESS_DEFAULT - default "lz4" if PSTORE_LZ4_COMPRESS_DEFAULT - default "lz4hc" if PSTORE_LZ4HC_COMPRESS_DEFAULT - default "842" if PSTORE_842_COMPRESS_DEFAULT - default "zstd" if PSTORE_ZSTD_COMPRESS_DEFAULT +config PSTORE_COMPRESS_CRYPTO_DEFAULT + string "Crypto API compression algorithm" + depends on PSTORE_COMPRESS_CRYPTO + default "zstd" + help + This option chooses the default active compression algorithm, + and can be changed at boot with "pstore.compress=3D..." on the + kernel command line. The chosen compression algorithm needs to + be available to the crypto subsystem for it to be usable by + pstore. For example, "zstd" needs CONFIG_CRYPTO_ZSTD, "deflate" + needs CONFIG_CRYPTO_DEFLATE, etc. =20 config PSTORE_CONSOLE bool "Log kernel console messages" diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index ef0bc3ae161b..1f01c4b904fc 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -16,15 +16,6 @@ #include #include #include -#if IS_ENABLED(CONFIG_PSTORE_LZO_COMPRESS) -#include -#endif -#if IS_ENABLED(CONFIG_PSTORE_LZ4_COMPRESS) || IS_ENABLED(CONFIG_PSTORE_LZ4= HC_COMPRESS) -#include -#endif -#if IS_ENABLED(CONFIG_PSTORE_ZSTD_COMPRESS) -#include -#endif #include #include #include @@ -80,9 +71,9 @@ static char *backend; module_param(backend, charp, 0444); MODULE_PARM_DESC(backend, "specific backend to use"); =20 -static char *compress =3D -#ifdef CONFIG_PSTORE_COMPRESS_DEFAULT - CONFIG_PSTORE_COMPRESS_DEFAULT; +static char *compress __ro_after_init =3D +#ifdef CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT + CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT; #else NULL; #endif @@ -166,18 +157,18 @@ static bool pstore_cannot_block_path(enum kmsg_dump_r= eason reason) static int pstore_compress(const void *in, void *out, unsigned int inlen, unsigned int outlen) { - int ret; + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) { + int ret; =20 - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS)) - return -EINVAL; - - ret =3D crypto_comp_compress(tfm, in, inlen, out, &outlen); - if (ret) { - pr_err("crypto_comp_compress failed, ret =3D %d!\n", ret); - return ret; + ret =3D crypto_comp_compress(tfm, in, inlen, out, &outlen); + if (ret) { + pr_err("crypto_comp_compress failed, ret =3D %d!\n", ret); + return ret; + } + return outlen; } =20 - return outlen; + return -EINVAL; } =20 static void allocate_buf_for_compression(void) @@ -187,7 +178,7 @@ static void allocate_buf_for_compression(void) char *buf; =20 /* Skip if not built-in or compression backend not selected yet. */ - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !compress) + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !compress) return; =20 /* Skip if no pstore backend yet or compression init already done. */ @@ -226,7 +217,7 @@ static void allocate_buf_for_compression(void) =20 static void free_buf_for_compression(void) { - if (IS_ENABLED(CONFIG_PSTORE_COMPRESS) && tfm) { + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO) && tfm) { crypto_free_comp(tfm); tfm =3D NULL; } @@ -578,7 +569,7 @@ static void decompress_record(struct pstore_record *rec= ord) int unzipped_len; char *unzipped, *workspace; =20 - if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !record->compressed) + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !record->compressed) return; =20 /* Only PSTORE_TYPE_DMESG support compression. */ --=20 2.34.1 From nobody Thu Apr 9 13:15:34 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EA240C433FE for ; Tue, 18 Oct 2022 02:09:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231266AbiJRCIx (ORCPT ); Mon, 17 Oct 2022 22:08:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33308 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230425AbiJRCIg (ORCPT ); Mon, 17 Oct 2022 22:08:36 -0400 Received: from mail-pj1-x102e.google.com (mail-pj1-x102e.google.com [IPv6:2607:f8b0:4864:20::102e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 954E32DC4 for ; Mon, 17 Oct 2022 19:08:30 -0700 (PDT) Received: by mail-pj1-x102e.google.com with SMTP id fw14so12641778pjb.3 for ; Mon, 17 Oct 2022 19:08:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8o/3L/7nu8yqSqN2t7ynhTHNqc6zN3rpINeuVtJh23c=; b=Ejf9T48sPy2SQkDkKO3qeRvLhxySNSJCnDu6Xwwm0S7fucUsPGGdILc95lmBN0JR7m gYaf/SfNGV6HQ6L9OtG6dvMIzzfhmlStyUx496rhLALi/gn3WEbiVIF9qqOQOYX3a6PM SssrKHd8ghM4DgybtJLu0nA1WEx8YJwQquFFk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8o/3L/7nu8yqSqN2t7ynhTHNqc6zN3rpINeuVtJh23c=; b=IOgjHiPM2udKCIpnLl2u7diTeuIwKVWg0TLqU1Ye8jjiyLJDuBzBrGHw7imAq4i+Iu 3S9FIc2s5yhVy5FoqZgXi5KYCuGuUahi8r27X9ERswF+iLTPARbuqB3Ir1+vp++k5hIj SFVr6hZHfSKzxTmYOD4UubAxXbmORsUSNj7OewlP4/I6BeuVrnuOrW2DnqqX6JJrGKYX pBOQbRsYZsWf/oWhbEqotAU/0Z8tm9oXUjmJYQOcdHcU/4zRZakMv4OIv+QtxhVQ62zZ 3SpL0ycz5KSIxW6G8KvxD4MjwNiHV3IS0RwgiT4m20UEAfUcoa+9X2sPQ+LY/+Jww7Fy F01g== X-Gm-Message-State: ACrzQf1ANeHApCmDbxIAb8bO15zdJXT+OYTKMsN2AMN7OQ/sECIdTva9 O17QkEDzsGy0XUY3mUIZ777z2g== X-Google-Smtp-Source: AMsMyM6J95gTGuLusRFaCvMsJ0bdX7wowAFXXKCq11iWsbGo/OW/s7BeFJ9B9qNpiVJe61pC54CP5w== X-Received: by 2002:a17:902:d484:b0:17f:7437:565d with SMTP id c4-20020a170902d48400b0017f7437565dmr630248plg.154.1666058898335; Mon, 17 Oct 2022 19:08:18 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id d4-20020a631d04000000b00460d89df1f1sm6797003pgd.57.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , linux-hardening@vger.kernel.org, Nick Terrell , linux-kernel@vger.kernel.org Subject: [PATCH 3/5] pstore: Use size_t for compress/decompression type widths Date: Mon, 17 Oct 2022 19:08:11 -0700 Message-Id: <20221018020815.2872331-3-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=3370; h=from:subject; bh=d80Gw6VCQNtp9Ez6pYN9gROZhqnl6PYG6krL4B0B4o4=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMos88G1DeCsiRQXnCR4zXLwb9UDI3ISAB1F4o GocmFImJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJn12D/ 0aQ1ZAKOJEY9arwChs4OA2uRV6oYgtpEV0Vqbf1CrNEqoszswyKm83dWZjIsQfDaPkTVXUrt6AaAZh KhXqXry8mtOn2Q/8OvPkeiux7ChBtIMTyYzbb82dVlxgiTZF/MbOh/O0HHOHy40gXWM4qC8UzEnbMP uhk/JxGuOJNsItMrrG+h+z4sr7eN16+mpbjEGqnMbyTm0CaT1zh3oLULl0eYluGQOlfKBIwygVuWf2 Zuca9gRFaF+R5kukMrkDAaS9RTJT8z3znNqCwGKh1Wi6/1JZxmNNmq0YraSEJOEEejK0oEX8GLE0JV EgMkXBbQSG0X5cLREwp7RRC7Ej5T6OuKJMVqAP8eONNDoYls82NtGDB0mQkPDTVj+0cRHNt/6CXt+H UKM6TqbO9HBC8iBW4iYp/pr78AHpecShCoGdvgewKjJUxkF32lHh92QjTaNhcWp5Y4a4PNIu4eM+0R KX+HxTicQMjInWMcHgBfKfROug3RZeANjLebFqVC2rvESIcgiUmevJTLRQ4tNu5MfD9uhLfMps8jfO HVPHeOiGO3p29tj9QsMNRBSnZ+k5O/qeR1Lk7NWTHbqJ94e7sTubSLZblRTgM7U3AGOUbEgSrNu7DB +e7GlQxFJ4q/mulBqu19pB7ZbgBQtp4qKvHdgqnzU5feIHA2nmD+MH+HY4MQ== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" In preparation for adding direct library calls for zstd, refactor routines to use normalized compress/decompression type widths of size_t. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/platform.c | 47 ++++++++++++++++++++++++++++++-------------- 1 file changed, 32 insertions(+), 15 deletions(-) diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 1f01c4b904fc..210a4224edb4 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -155,17 +155,24 @@ static bool pstore_cannot_block_path(enum kmsg_dump_r= eason reason) } =20 static int pstore_compress(const void *in, void *out, - unsigned int inlen, unsigned int outlen) + size_t inlen, size_t *outlen) { if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) { + unsigned int crypto_outlen; int ret; =20 - ret =3D crypto_comp_compress(tfm, in, inlen, out, &outlen); + if (inlen > UINT_MAX || *outlen > UINT_MAX) + return -EINVAL; + + crypto_outlen =3D *outlen; + ret =3D crypto_comp_compress(tfm, in, inlen, out, &crypto_outlen); if (ret) { pr_err("crypto_comp_compress failed, ret =3D %d!\n", ret); return ret; } - return outlen; + + *outlen =3D crypto_outlen; + return 0; } =20 return -EINVAL; @@ -297,7 +304,6 @@ static void pstore_dump(struct kmsg_dumper *dumper, char *dst; size_t dst_size; int header_size; - int zipped_len =3D -1; size_t dump_size; struct pstore_record record; =20 @@ -327,11 +333,11 @@ static void pstore_dump(struct kmsg_dumper *dumper, break; =20 if (big_oops_buf) { - zipped_len =3D pstore_compress(dst, psinfo->buf, - header_size + dump_size, - psinfo->bufsize); + size_t zipped_len =3D psinfo->bufsize; =20 - if (zipped_len > 0) { + if (pstore_compress(dst, psinfo->buf, + header_size + dump_size, + &zipped_len) =3D=3D 0) { record.compressed =3D true; record.size =3D zipped_len; } else { @@ -563,10 +569,25 @@ void pstore_unregister(struct pstore_info *psi) } EXPORT_SYMBOL_GPL(pstore_unregister); =20 -static void decompress_record(struct pstore_record *record) +static int pstore_decompress_crypto(struct pstore_record *record, char *wo= rkspace, size_t *outlen) { + unsigned int crypto_outlen =3D *outlen; int ret; - int unzipped_len; + + ret =3D crypto_comp_decompress(tfm, record->buf, record->size, + workspace, &crypto_outlen); + if (ret) { + pr_err("crypto_comp_decompress failed, ret =3D %d!\n", ret); + return 0; + } + + *outlen =3D crypto_outlen; + return 0; +} + +static void decompress_record(struct pstore_record *record) +{ + size_t unzipped_len; char *unzipped, *workspace; =20 if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !record->compressed) @@ -591,11 +612,7 @@ static void decompress_record(struct pstore_record *re= cord) if (!workspace) return; =20 - /* After decompression "unzipped_len" is almost certainly smaller. */ - ret =3D crypto_comp_decompress(tfm, record->buf, record->size, - workspace, &unzipped_len); - if (ret) { - pr_err("crypto_comp_decompress failed, ret =3D %d!\n", ret); + if (pstore_decompress_crypto(record, workspace, &unzipped_len) !=3D 0) { kfree(workspace); return; } --=20 2.34.1 From nobody Thu Apr 9 13:15:34 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C95A9C4332F for ; Tue, 18 Oct 2022 02:09:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231147AbiJRCJU (ORCPT ); Mon, 17 Oct 2022 22:09:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60590 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229959AbiJRCIm (ORCPT ); Mon, 17 Oct 2022 22:08:42 -0400 Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CC238422C3 for ; Mon, 17 Oct 2022 19:08:39 -0700 (PDT) Received: by mail-pf1-x42c.google.com with SMTP id h13so12772067pfr.7 for ; Mon, 17 Oct 2022 19:08:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=4CzAnMvFQDLPHvwatG/USFLXonFnc4UppdnrxHWRO70=; b=KwORkaYqVW4DcwQBe8fKyiUBV3lL2VI45MbBjyL5evrubabQAAlJRmEOYoDNPnKOoo IOosyef4qN2cVWORGlutYO9mKfNcT+WQs7HdI9dtzAE52Yfec3xVxA3WT2S73LIqj7EE T59NJkFkzwgnTSUFSnQR8PYEwUGY0Ul3q8MYY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=4CzAnMvFQDLPHvwatG/USFLXonFnc4UppdnrxHWRO70=; b=wYStaSzOLLl7cULo8Lxx/k+5l+lYa3/iazu638Ql2q5TQE6JJ3FagKi1uQGtQhNNrf 8tmrEXQUgeAUqD05i98zJbQPx/I5eW8rHyakJLQOb9J2eZ0XE9+beHnnPUJIJeM09WGF USviWoJN0oPYwwxGKLC2DuW9xBbKOwXpdYKYq1bEDJLDwp5HwBWK8ope07fZ8rCjh9We 4PECXriNqpnJvIpT9FJa1Ux7LQqsJ0L1AMgylGdswXsu/gLzGtg0MLT9O/TmDnXhTsU/ xxvteRTULL+CHAhh04Xmq0jv/eoxn66jiCd8wko0K59L/Vnr3oKhTzP550WodTod+Yrk f6kg== X-Gm-Message-State: ACrzQf0hzbLDtik2bzfRDVsE9utwsvUp0MR7IRxwuih7WexAd1W9c9aM MAoTcv9gCtfCLRLj/NWYFuO5vQ== X-Google-Smtp-Source: AMsMyM42u1mNW0p5VK4cM4i2NzHA/27NsVEfd9Qw1q5ppuQOHIT1iM9sM9cmyu5y2JRmKhPxecsw6Q== X-Received: by 2002:a05:6a00:150c:b0:563:9f05:bd68 with SMTP id q12-20020a056a00150c00b005639f05bd68mr806021pfu.44.1666058901438; Mon, 17 Oct 2022 19:08:21 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id iw7-20020a170903044700b001782580ce9csm7279968plb.249.2022.10.17.19.08.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:17 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , linux-hardening@vger.kernel.org, Nick Terrell , linux-kernel@vger.kernel.org Subject: [PATCH 4/5] pstore: Refactor compression initialization Date: Mon, 17 Oct 2022 19:08:12 -0700 Message-Id: <20221018020815.2872331-4-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=3635; h=from:subject; bh=GnPW7cHJLHzp4Ur4fA7Uqr/d5LRg10HGm2sjpwP9wQ4=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqMbJcThe30sb8XabMHTpGedN4xQTi7dpmCn6Ia 6xJIvlKJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjAAKCRCJcvTf3G3AJj2ID/ 0cbUhMbp27GjX1utSX7bmwpWuk4vCfS965dpQWibESAGOrzxATO7v024sS07ZvcZhimNPxdBuP0l1R 3Nb/Wf+jhy+2st1CZcmkQtQJlBcQnfoCF0nYFPOFXScITibR7jFNp1tYOffw3ToSnRFenpS1yFGzdI FAlrcfhYIH4+ecaHqUzTTncAwgv0rftKiAS8UQwJYD9b0MhFt0ZhQe+WqzycDyS8Wh1dGwxGVXF9ni d6FFY93IHvoN6YVGpHwYOiiTWq4OPIbrz7K4qXhGhp3c4/EwIcwdF7wAAQWDoZCD1RdicyChazHNuO LYDmdF3SBcWKX4D40Z+F4ny4Yj1dkr0eYGd5CwOH/StDEcPLFZnxmENrCefQ+YB5BuYbroWeUCClN7 /huBIV8E30nxGUp7wlbDQdy3068Uern1UJcYOCa62BN2aEIWFnrz7GodxvaUPiLiS57GsABPVfDzX5 IoXCLhaAYGhG+6tlC9zY9nMRWDNDEB0drPm6ldJx7BsfmBvCz/hlHBlXWCLebKEp7e2JqdBHrFjxMp KlQVqhaDJcp5WOGPXeC+H772pVOWRqRRB63TFlVuglsrakUvEbjSasz/GJCqe2z779Cn9O6G3wONHH PGi5WMfJM0cApmg282NFC9bLeQ4x8EYVHxb4HiG7FB/pXc2402UlGkIL5oLg== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" In preparation for calling zstd library compression routines, split the crypto-specific initialization into a separate init routine. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/platform.c | 71 +++++++++++++++++++++++++++----------------- 1 file changed, 43 insertions(+), 28 deletions(-) diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 210a4224edb4..4d883dc2e8a7 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -178,48 +178,29 @@ static int pstore_compress(const void *in, void *out, return -EINVAL; } =20 -static void allocate_buf_for_compression(void) +static int allocate_crypto_buf(void) { struct crypto_comp *ctx; - int size; - char *buf; =20 - /* Skip if not built-in or compression backend not selected yet. */ - if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !compress) - return; - - /* Skip if no pstore backend yet or compression init already done. */ - if (!psinfo || tfm) - return; + /* Skip if compression init already done. */ + if (tfm) + return 0; =20 if (!crypto_has_comp(compress, 0, 0)) { pr_err("Unknown compression: %s\n", compress); - return; - } - - /* Worst-case compression should never be more than uncompressed. */ - size =3D psinfo->bufsize; - buf =3D kmalloc(size, GFP_KERNEL); - if (!buf) { - pr_err("Failed %d byte compression buffer allocation for: %s\n", - size, compress); - return; + return -EINVAL; } =20 ctx =3D crypto_alloc_comp(compress, 0, 0); if (IS_ERR_OR_NULL(ctx)) { - kfree(buf); pr_err("crypto_alloc_comp('%s') failed: %ld\n", compress, PTR_ERR(ctx)); - return; + return -ENOMEM; } - - /* A non-NULL big_oops_buf indicates compression is available. */ tfm =3D ctx; - big_oops_buf_sz =3D size; - big_oops_buf =3D buf; =20 - pr_info("Using crash dump compression: %s\n", compress); + pr_info("Using crash dump compression: crypto API %s\n", compress); + return 0; } =20 static void free_buf_for_compression(void) @@ -233,6 +214,38 @@ static void free_buf_for_compression(void) big_oops_buf_sz =3D 0; } =20 +static void allocate_buf_for_compression(void) +{ + char *buf; + int rc; + + /* Skip if not built-in or compression backend not selected yet. */ + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !compress) + return; + + /* Skip if no pstore backend yet. */ + if (!psinfo) + return; + + /* Initialize compression routines. */ + rc =3D allocate_crypto_buf(); + if (rc) + goto fail; + + /* Create common buffer for compression work. */ + buf =3D kmalloc(psinfo->bufsize, GFP_KERNEL); + if (!buf) + goto fail; + + /* A non-NULL big_oops_buf indicates compression is available. */ + big_oops_buf_sz =3D psinfo->bufsize; + big_oops_buf =3D buf; + return; + +fail: + free_buf_for_compression(); +} + /* * Called when compression fails, since the printk buffer * would be fetched for compression calling it again when @@ -589,6 +602,7 @@ static void decompress_record(struct pstore_record *rec= ord) { size_t unzipped_len; char *unzipped, *workspace; + int rc; =20 if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_NONE) || !record->compressed) return; @@ -612,7 +626,8 @@ static void decompress_record(struct pstore_record *rec= ord) if (!workspace) return; =20 - if (pstore_decompress_crypto(record, workspace, &unzipped_len) !=3D 0) { + rc =3D pstore_decompress_crypto(record, workspace, &unzipped_len); + if (rc) { kfree(workspace); return; } --=20 2.34.1 From nobody Thu Apr 9 13:15:34 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 52BDBC43219 for ; Tue, 18 Oct 2022 02:09:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230407AbiJRCJQ (ORCPT ); Mon, 17 Oct 2022 22:09:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32828 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230027AbiJRCIn (ORCPT ); Mon, 17 Oct 2022 22:08:43 -0400 Received: from mail-pj1-x102b.google.com (mail-pj1-x102b.google.com [IPv6:2607:f8b0:4864:20::102b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C90937284C for ; Mon, 17 Oct 2022 19:08:40 -0700 (PDT) Received: by mail-pj1-x102b.google.com with SMTP id t12-20020a17090a3b4c00b0020b04251529so12631028pjf.5 for ; Mon, 17 Oct 2022 19:08:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+VM6TrkNfqqqa9ARyQZypqrAo/ewzetmaTqLOSrYaeE=; b=ezyLTjrM3Dn0zRtu72SFNG0CnEpp1bT63bETOd2sgVAX4wyvBiuKeStfHGQqcLyT0c gVDYu1L+NV1sUT55XXuC2KnIGY6mInWaLnQuPwZ0OWKrVkQgzv5C9d3BHfr/ahLIDZI+ DPOFNE01+2a7o4KLbVjTxkkKlLFYEWzfuT0vY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+VM6TrkNfqqqa9ARyQZypqrAo/ewzetmaTqLOSrYaeE=; b=GHnHNrhymUZyVQoWwWBbUqrAGmbbsekwJ9zw/xGkYTdJ2tvX+gjDTT65tpsty3kWPS JuSZIq97pFSVKKW8QwhsqBKTieWUxye6D0uhnXBcMwPOB/VyVguuRRmgMdhsmiImuRjy sTr2RsUqhpZSzLPY6jMu2JPFPwF5TpfGN30SOy6IpL74pN4SeWFEqJw9FazvGRMRDi/J lxxwDTvLqJYKsc6GVGiSe/KustRfFmglLwHELBB+yv9D+fokhF4oX/ZOrVy/Po817WzA lBvM/a0yrEdnTl5VRljtwW9bmIfq8zn9Jjzm59f5vms8lCdXXMYk+G9yhS2WtCjXHyTI 6lFA== X-Gm-Message-State: ACrzQf30h4Qdvfd88r5wkQMR76H+0S5eFHIvufn7Ad/lqd0M1VBo9eTo QaTHNRkwy/x4KHV/f1rlhmbvXg== X-Google-Smtp-Source: AMsMyM74kPZI3NEJlQ4I13yJg8iIYbMLJs0Ow74byPpU+7gCvF39Ifo4s0jk3IrU+VUUikYEbh0plQ== X-Received: by 2002:a17:902:e542:b0:185:53ee:60cd with SMTP id n2-20020a170902e54200b0018553ee60cdmr690796plf.59.1666058904055; Mon, 17 Oct 2022 19:08:24 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id i3-20020aa796e3000000b005625ef68eecsm7801373pfq.31.2022.10.17.19.08.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 17 Oct 2022 19:08:21 -0700 (PDT) From: Kees Cook To: Ard Biesheuvel Cc: Kees Cook , Tony Luck , "Guilherme G. Piccoli" , Nick Terrell , linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 5/5] pstore: Use zstd directly by default for compression Date: Mon, 17 Oct 2022 19:08:13 -0700 Message-Id: <20221018020815.2872331-5-keescook@chromium.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221018020519.never.337-kees@kernel.org> References: <20221018020519.never.337-kees@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=5821; h=from:subject; bh=sLRnNe7TSr1mUP3rC2Jvs34rMQHwsZo2peo8sm7nqHc=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBjTgqNgz5mFVDTEKh2ZTTBl7zsnZsWbaMExcRb5vXR gEu/gkyJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCY04KjQAKCRCJcvTf3G3AJkloEA Cx0DdUC7uHvpq0otB5MaffHQuDX/WFSqZOjbyZ3s4Ko7jTPVRaQ+0I5mgBLkr7XNi5anMUfD6E0dwW Jmj0GLm7TQQTNlNPjlWEh+sBwrakWkY0ogeMNlT2BEghzGrAehJtXAm1OVNpuGZG9zbkTl+YDmSoM0 R00snjAslMqT96UbreZhrfb3+PoH/Mp5KytWO7IR/wIbsZq2x1gbUssIdJ3PMUDV8YIrXyoXep26YD o+lEndpJ0LG+2doq/BH4MbiMXGGAuFjbhjfwlY3jVtGvBpJVjdF3/vD9ornpfamj5gK7MXGyGrWFZ+ s4H9gtlsoD2FGpj+wHerMCmOVqXyg7r4RQ9075mZ3Z8FqcfRwbj+Ywvm8ZExjTFbQnxaou3du24z8y oZ8/OLj58d/xW2gp9OTE4wFeQM736WRXGnmQQOCsfMms1EO8BbpnAZX6/Pc1adzCbOcSIHlqKiC6al lpEUsadqvEctXeAtBUc8w7/S/upt6CE8UOYLxyieiZC5rwWYTakzZjDvDi3nk4//DMjRjjL10ED3Ih b1VGqx9YEEvMtMiNg63YZzTzXFbXAG2UXtmiovUfzVMIXBT2NXjEl4nngk8zmuYqBgPGGpoxiNT60M 9iO/p2mSCGm6jRKhoFq+jeSqnGms3IfOyYPiGf2BV/Kd1JtkkkcGW8HSKHYQ== X-Developer-Key: i=keescook@chromium.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" If compression is desired, use zstd directly to avoid Crypto API overhead. Cc: Tony Luck Cc: "Guilherme G. Piccoli" Cc: Nick Terrell Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook --- fs/pstore/Kconfig | 11 +++++- fs/pstore/platform.c | 93 +++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 97 insertions(+), 7 deletions(-) diff --git a/fs/pstore/Kconfig b/fs/pstore/Kconfig index a95b3981cb0e..1f05312c7479 100644 --- a/fs/pstore/Kconfig +++ b/fs/pstore/Kconfig @@ -25,7 +25,7 @@ config PSTORE_DEFAULT_KMSG_BYTES choice prompt "Panic dump compression" depends on PSTORE - default PSTORE_COMPRESS_CRYPTO + default PSTORE_COMPRESS help Choose whether and how to compress the panic dump output. This is usually only needed for very storage-constrained backends. @@ -38,6 +38,15 @@ choice available to from the Crypto API. Note that this may reserve non-trivial amounts of per-CPU memory. =20 + config PSTORE_COMPRESS + bool "Use recommended best compression algorithm" + select CRYPTO_ZSTD + help + Use the compression routines currently deemed best suited + for panic dump compression. Currently, this is "zstd". + As this compression is used directly through its library + interface, no per-CPU memory is allocated by the Crypto API. + config PSTORE_COMPRESS_NONE bool "Do not compress panic dumps" help diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 4d883dc2e8a7..51d2801fc880 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -23,6 +23,7 @@ #include #include #include +#include =20 #include "internal.h" =20 @@ -72,13 +73,17 @@ module_param(backend, charp, 0444); MODULE_PARM_DESC(backend, "specific backend to use"); =20 static char *compress __ro_after_init =3D -#ifdef CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT - CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT; +#ifdef CONFIG_PSTORE_COMPRESS + "zstd"; #else - NULL; -#endif +# ifdef CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT + CONFIG_PSTORE_COMPRESS_CRYPTO_DEFAULT; module_param(compress, charp, 0444); MODULE_PARM_DESC(compress, "compression to use"); +# else + NULL; +# endif +#endif =20 /* How much of the kernel log to snapshot */ unsigned long kmsg_bytes =3D CONFIG_PSTORE_DEFAULT_KMSG_BYTES; @@ -88,6 +93,12 @@ MODULE_PARM_DESC(kmsg_bytes, "amount of kernel log to sn= apshot (in bytes)"); /* Compression parameters */ static struct crypto_comp *tfm; =20 +static zstd_cctx *cctx; +static zstd_dctx *dctx; +static void *cwksp; +static void *dwksp; +zstd_parameters zparams; + static char *big_oops_buf; static size_t big_oops_buf_sz; =20 @@ -175,6 +186,14 @@ static int pstore_compress(const void *in, void *out, return 0; } =20 + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS)) { + *outlen =3D zstd_compress_cctx(cctx, out, *outlen, in, inlen, + &zparams); + if (zstd_is_error(*outlen)) + return -EINVAL; + return 0; + } + return -EINVAL; } =20 @@ -203,12 +222,56 @@ static int allocate_crypto_buf(void) return 0; } =20 +static int allocate_zstd_buf(void) +{ + size_t csize, dsize; + + /* Skip if compression init already done. */ + if (cctx) + return 0; + + zparams =3D zstd_get_params(3, 0); + csize =3D zstd_cctx_workspace_bound(&zparams.cParams); + dsize =3D zstd_dctx_workspace_bound(); + +#define init_ctx(dir, name) do { \ + dir##wksp =3D kzalloc(dir##size, GFP_KERNEL); \ + if (!dir##wksp) { \ + pr_err("Failed %zu byte %s " #name " allocation\n", \ + dir##size, compress); \ + return -ENOMEM; \ + } \ + dir##ctx =3D zstd_init_##dir##ctx(dir##wksp, dir##size); \ + if (!dir##ctx) { \ + pr_err("Failed %s " #name " context init\n", compress); \ + return -EINVAL; \ + } \ +} while (0) + + init_ctx(c, compress); + init_ctx(d, decompress); + +#undef init_wksp + + pr_info("Using crash dump compression: built-in %s\n", compress); + return 0; +} + static void free_buf_for_compression(void) { if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO) && tfm) { crypto_free_comp(tfm); tfm =3D NULL; } + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS) && cctx) { + cctx =3D NULL; + dctx =3D NULL; + kfree(cwksp); + cwksp =3D NULL; + kfree(dwksp); + dwksp =3D NULL; + + } kfree(big_oops_buf); big_oops_buf =3D NULL; big_oops_buf_sz =3D 0; @@ -228,7 +291,10 @@ static void allocate_buf_for_compression(void) return; =20 /* Initialize compression routines. */ - rc =3D allocate_crypto_buf(); + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) + rc =3D allocate_crypto_buf(); + else + rc =3D allocate_zstd_buf(); if (rc) goto fail; =20 @@ -598,6 +664,16 @@ static int pstore_decompress_crypto(struct pstore_reco= rd *record, char *workspac return 0; } =20 +static int pstore_decompress_zstd(struct pstore_record *record, + char *workspace, size_t *outlen) +{ + *outlen =3D zstd_decompress_dctx(dctx, workspace, *outlen, + record->buf, record->size); + if (zstd_is_error(*outlen)) + return -EINVAL; + return 0; +} + static void decompress_record(struct pstore_record *record) { size_t unzipped_len; @@ -626,7 +702,12 @@ static void decompress_record(struct pstore_record *re= cord) if (!workspace) return; =20 - rc =3D pstore_decompress_crypto(record, workspace, &unzipped_len); + if (IS_ENABLED(CONFIG_PSTORE_COMPRESS_CRYPTO)) + rc =3D pstore_decompress_crypto(record, workspace, + &unzipped_len); + else + rc =3D pstore_decompress_zstd(record, workspace, + &unzipped_len); if (rc) { kfree(workspace); return; --=20 2.34.1