From: Oleg Nesterov <oleg@redhat.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Andi Kleen <andi@firstfloor.org>,
Colin Walters <walters@verbum.org>,
Denys Vlasenko <vda.linux@googlemail.com>,
Jiri Slaby <jslaby@suse.cz>,
Lennart Poettering <mzxreary@0pointer.de>,
Lucas De Marchi <lucas.de.marchi@gmail.com>,
Neil Horman <nhorman@tuxdriver.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 5/6] coredump: kill call_count, add core_name_size
Date: Mon, 27 May 2013 17:16:30 +0200
Message-ID: <20130527151630.GA30933@redhat.com>
In-Reply-To: <20130524125323.861541a12992c3da0145f0d9@linux-foundation.org>
On 05/24, Andrew Morton wrote:
>
> On Wed, 15 May 2013 22:12:32 +0200 Oleg Nesterov <oleg@redhat.com> wrote:
>
> > Imho, "atomic_t call_count" is ugly and should die. It buys
> > nothing and in fact it can grow more than necessary, expand
> > doesn't check if it was already incremented by another task.
> >
> > Kill it, and introduce "static int core_name_size" updated by
> > expand_corename(). This is obviously racy too but harmless,
> > and core_name_size never grows for no reason.
> >
> > We do not bother to calculate the "right" new size, we
> > simply do kmalloc(size_we_need) and use ksize() to rely on
> > kmalloc_index's decision.
> >
> > Finally change format_corename() to use expand_corename(),
> > krealloc(NULL) is fine.
>
> The code still looks like a bunch of fluff. I look at it and think
> "wtf, why doesn't it just use kasprintf()".
But how?
kasprintf() can't replace cn_printf(), and it can't make it simpler.
If it was possible to create va_list dynamically then format_corename()
could construct "char *fmt" and call kvasprintf() once.
Or we can change this code to avoid *printk* altogether, we only need
a very limited subset of "enum format_type". Not sure this makes sense.
> If there were any comments in there at all which explained the reason
> for the code's existence, perhaps I wouldn't think that. But there
> aren't, so I do.
If you meant "why do we need expand_corename" I can't answer because
I do not know ;) I mean, if CORENAME_MAX_SIZE == 128 is not enough we
can probably just increase it and simplify the code.
Please see 1b0d300b "core_pattern: fix truncation by core_pattern handler
with long parameters" which introduced this.
And yes, we can keep "expand" but simply kill "atomic_t call_count"
(replaced by core_name_size in this patch), I do not think it buys
too much. But at least with this patch this logic becomes really
trivial.
Andrew, it seems that you missed the last patch in this series,
attached below. I sent it a bit later as 7/6 because I didn't notice
this problem when I started these changes.
Oleg.
-------------------------------------------------------------------------------
[PATCH 7/6] coredump: avoid the uninitialized cn->corename if core_pattern is empty
If core_pattern is "" or "|", cn->corename is used uninitialized
by filp_open() or call_usermodehelper_exec().
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
---
fs/coredump.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/fs/coredump.c b/fs/coredump.c
index 5968064..72f816d 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -165,6 +165,7 @@ static int format_corename(struct core_name *cn, struct coredump_params *cprm)
cn->corename = NULL;
if (expand_corename(cn, core_name_size))
return -ENOMEM;
+ cn->corename[0] = '\0';
if (ispipe)
++pat_ptr;
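Review bot: the added `cn->corename[0] = '\0';` after the expand_corename() check carries no comment, so the reason for it lives only in the changelog. A one-line comment saying that an empty or "|" core_pattern would otherwise leave the buffer unwritten before filp_open() or call_usermodehelper_exec() reads it would keep the store from being dropped as redundant in a later cleanup. The store also assumes that a zero return from expand_corename(cn, core_name_size) means cn->corename points to at least one writable byte; the hunk does not show where core_name_size gets its initial value, so it is worth confirming that it can never be 0 at this point.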
--
1.5.5.1
Thread overview: 15+ messages
2013-05-15 20:11 [PATCH 0/6] coredump: format_corename() fixes/cleanups Oleg Nesterov
2013-05-15 20:12 ` [PATCH 1/6] coredump: format_corename() can leak cn->corename Oleg Nesterov
2013-05-15 20:12 ` [PATCH 2/6] coredump: introduce cn_vprintf() Oleg Nesterov
2013-05-15 20:12 ` [PATCH 3/6] coredump: cn_vprintf() has no reason to call vsnprintf() twice Oleg Nesterov
2013-05-15 20:12 ` [PATCH 4/6] coredump: kill cn_escape(), introduce cn_esc_printf() Oleg Nesterov
2013-05-15 20:26 ` [PATCH v2 " Oleg Nesterov
2013-05-15 20:12 ` [PATCH 5/6] coredump: kill call_count, add core_name_size Oleg Nesterov
2013-05-24 19:53 ` Andrew Morton
2013-05-27 15:16 ` Oleg Nesterov [this message]
2013-05-15 20:12 ` [PATCH 6/6] coredump: '% at the end' shouldn't bypass core_uses_pid logic Oleg Nesterov
2013-05-16 13:28 ` [PATCH 0/6] coredump: format_corename() fixes/cleanups Neil Horman
[not found] ` <20130516154323.GA19060@redhat.com>
2013-05-16 15:43 ` [PATCH 1/1] usermodehelper: check subprocess_info->path != NULL Oleg Nesterov
2013-05-16 16:16 ` Lucas De Marchi
2013-05-16 17:13 ` Oleg Nesterov
[not found] ` <20130516182624.GA29455@redhat.com>
2013-05-16 18:38 ` [PATCH 7/6] coredump: avoid the uninitialized cn->corename if core_pattern is empty Oleg Nesterov