From: Eric Biggers <ebiggers@kernel.org>
To: Joe Perches <joe@perches.com>
Cc: "Theodore Y. Ts'o" <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>,
linux-fscrypt@vger.kernel.org,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] fscrypt: Reduce object size of logging messages
Date: Mon, 7 Sep 2020 15:23:38 -0700 [thread overview]
Message-ID: <20200907222338.GA68127@sol.localdomain> (raw)
In-Reply-To: <ec1347522c95c89425b3189b071b35f9d912e3e0.camel@perches.com>
On Fri, Sep 04, 2020 at 09:38:23PM -0700, Joe Perches wrote:
> > > diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
> > > index 9212325763b0..c82cc3907e43 100644
> > > --- a/fs/crypto/crypto.c
> > > +++ b/fs/crypto/crypto.c
> > > @@ -329,25 +329,27 @@ int fscrypt_initialize(unsigned int cop_flags)
> > > return err;
> > > }
> > >
> > > -void fscrypt_msg(const struct inode *inode, const char *level,
> > > - const char *fmt, ...)
> > > +void fscrypt_printk(const struct inode *inode, const char *fmt, ...)
> > > {
> > > static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,
> > > DEFAULT_RATELIMIT_BURST);
> > > struct va_format vaf;
> > > va_list args;
> > > + int level;
> > >
> > > if (!__ratelimit(&rs))
> > > return;
> > >
> > > va_start(args, fmt);
> > > - vaf.fmt = fmt;
> > > + level = printk_get_level(fmt);
> > > + vaf.fmt = printk_skip_level(fmt);
> > > vaf.va = &args;
> > > if (inode)
> > > - printk("%sfscrypt (%s, inode %lu): %pV\n",
> > > - level, inode->i_sb->s_id, inode->i_ino, &vaf);
> > > + printk("%c%cfscrypt (%s, inode %lu): %pV\n",
> > > + KERN_SOH_ASCII, level, inode->i_sb->s_id, inode->i_ino,
> > > + &vaf);
> > > else
> > > - printk("%sfscrypt: %pV\n", level, &vaf);
> > > + printk("%c%cfscrypt: %pV\n", KERN_SOH_ASCII, level, &vaf);
> > > va_end(args);
> >
> > The problem with this approach is that if fscrypt_printk() is called without
> > providing a log level in the format string (which one would assume would work,
> > since printk() allows it), then the real format string will be truncated to just
> > KERN_SOH because 'level' will be 0.
> > Can you find a way to avoid that?
>
> While I don't think this is a problem in that all the fscrypt_<level>
> calls will always prefix a KERN_<LEVEL>,
It's still a pitfall that people could run into later. It would be better to
make fscrypt_printk() work in the expected way.
> what btrfs uses:
>
> char lvl[PRINTK_MAX_SINGLE_HEADER_LEN + 1] = "\0";
> ...
> while ((kern_level = printk_get_level(fmt)) != 0) {
> size_t size = printk_skip_level(fmt) - fmt;
>
> if (kern_level >= '0' && kern_level <= '7') {
> memcpy(lvl, fmt, size);
> lvl[size] = '\0';
> }
> fmt += size;
> }
>
> and use "%s...", lvl, ...
>
Is the loop really needed? How about just:
diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
index 9212325763b0f..c5a87c2fe1020 100644
--- a/fs/crypto/crypto.c
+++ b/fs/crypto/crypto.c
@@ -329,11 +329,12 @@ int fscrypt_initialize(unsigned int cop_flags)
return err;
}
-void fscrypt_msg(const struct inode *inode, const char *level,
- const char *fmt, ...)
+void fscrypt_printk(const struct inode *inode, const char *fmt, ...)
{
static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,
DEFAULT_RATELIMIT_BURST);
+ const char *raw_fmt = printk_skip_level(fmt);
+ int hdr_len = raw_fmt - fmt;
struct va_format vaf;
va_list args;
@@ -341,13 +342,13 @@ void fscrypt_msg(const struct inode *inode, const char *level,
return;
va_start(args, fmt);
- vaf.fmt = fmt;
+ vaf.fmt = raw_fmt;
vaf.va = &args;
if (inode)
- printk("%sfscrypt (%s, inode %lu): %pV\n",
- level, inode->i_sb->s_id, inode->i_ino, &vaf);
+ printk("%.*sfscrypt (%s, inode %lu): %pV\n",
+ hdr_len, fmt, inode->i_sb->s_id, inode->i_ino, &vaf);
else
- printk("%sfscrypt: %pV\n", level, &vaf);
+ printk("%.*sfscrypt: %pV\n", hdr_len, fmt, &vaf);
va_end(args);
}
>
> > > -#define fscrypt_warn(inode, fmt, ...) \
> > > - fscrypt_msg((inode), KERN_WARNING, fmt, ##__VA_ARGS__)
> > > -#define fscrypt_err(inode, fmt, ...) \
> > > - fscrypt_msg((inode), KERN_ERR, fmt, ##__VA_ARGS__)
> > > +#define fscrypt_err(inode, fmt, ...) \
> > > + fscrypt_printk(inode, KERN_ERR fmt, ##__VA_ARGS__)
> > > +#define fscrypt_warn(inode, fmt, ...) \
> > > + fscrypt_printk(inode, KERN_WARNING fmt, ##__VA_ARGS__)
> >
> > It's probably best to keep the parentheses around 'inode'.
>
> Not really as it's an independent argument that can't
> effectively have any other purpose but to be an argument
> to the fsrypt_printk function.
True, but since forgetting to include parentheses around macro arguments is such
a common mistake, IMO they should just always be included so that people don't
have to think about whether the omission is correct or not.
- Eric
next prev parent reply other threads:[~2020-09-07 22:23 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-04 22:10 [PATCH] fscrypt: Reduce object size of logging messages Joe Perches
2020-09-04 23:03 ` Eric Biggers
2020-09-05 4:38 ` Joe Perches
2020-09-07 22:23 ` Eric Biggers [this message]
2020-09-07 23:00 ` Joe Perches
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200907222338.GA68127@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=joe@perches.com \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox