From: Don Zickus <dzickus@redhat.com>
To: Tony Luck <tony.luck@gmail.com>
Cc: Kees Cook <keescook@chromium.org>,
linux-kernel@vger.kernel.org, Matthew Garrett <mjg@redhat.com>,
Chen Gong <gong.chen@linux.intel.com>,
Huang Ying <ying.huang@intel.com>,
Mike Waychison <mikew@google.com>,
Greg Kroah-Hartman <gregkh@suse.de>,
Seiji Aguchi <seiji.aguchi@hds.com>
Subject: Re: [PATCH v2] pstore: pass allocated memory region back to caller
Date: Thu, 17 Nov 2011 08:53:37 -0500 [thread overview]
Message-ID: <20111117135337.GL8685@redhat.com> (raw)
In-Reply-To: <CA+8MBb+dEz+zOD_SsOYqV3z1O-H-Q8CRyr6gPU73S34xhxDWiQ@mail.gmail.com>
On Wed, Nov 16, 2011 at 02:45:24PM -0800, Tony Luck wrote:
> On Wed, Nov 16, 2011 at 2:20 PM, Don Zickus <dzickus@redhat.com> wrote:
> > This is an interesting approach. But are we leaving psinfo data exposed
> > when you have a reader and writer at the same time?
>
> I look at this as the first step in separating the read & write paths.
>
> I started out with the (good) idea that the back end should allocate & own
> the buffer for the write path ... this means that the buffer is ready to use
> when an oops/panic happens - which is obviously a bad time to need to
> allocate memory :-)
Of course. :-) But don't we have mechanisms which can use pre-allocated
memory? Like the lock-less link list or the ring buffer?
Or maybe something safer, perhaps pass the backend buffer size to the
dumper routine when it registers? That way kmsg_dump can allocate memory
at registration time which is sync'd in size with the backend. This
allows kmsg_dump to fill the buffer and pass it directly down to the
backend (through pstore_dumper), with minimal locks, without breaking it
up again and re-copying into yet another buffer.
Thoughts?
>
> Then I reused the same buffer for read - in hindsight this was not such a
> good idea - it led to all the discussions we've had about how to guarantee
> that the dmesg data gets saved on panic - even in the cases where we
> can't get the locks (so proposals have been made to bust the locks).
>
> So Kees' patch is the functional equivalent of busting the spinlock.
>
> Next step would be to look at the back end drivers to see whether
> they can handle a simultaneous read & write in a graceful way.
>
I was just wondering if we should put a 'const' on the psinfo data being
passed to the read/write routine, otherwise a broken backend could modify
psinfo and corrupt any concurrent access, no?
> I've queued this for linux-next. Probably missed the snapshot today,
> but I expect it should show up in next-20111118
Cheers,
Don
next prev parent reply other threads:[~2011-11-17 13:54 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-16 21:13 [PATCH v2] pstore: pass allocated memory region back to caller Kees Cook
2011-11-16 22:20 ` Don Zickus
2011-11-16 22:45 ` Tony Luck
2011-11-17 13:53 ` Don Zickus [this message]
2011-11-17 9:22 ` Chen Gong
2011-11-17 17:51 ` Kees Cook
2011-11-17 18:20 ` Tony Luck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111117135337.GL8685@redhat.com \
--to=dzickus@redhat.com \
--cc=gong.chen@linux.intel.com \
--cc=gregkh@suse.de \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mikew@google.com \
--cc=mjg@redhat.com \
--cc=seiji.aguchi@hds.com \
--cc=tony.luck@gmail.com \
--cc=ying.huang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.