From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-wr1-f45.google.com (mail-wr1-f45.google.com [209.85.221.45])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id EFB78347530
	for <linux-kernel@vger.kernel.org>; Fri, 27 Mar 2026 16:20:17 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.45
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1774628419; cv=none; b=py0Sz+Z7pxlechqgAPfkw4bAE57nVvtmmGvPFOkBkZOopmd6gFCYd203TWRiP1fwXVgli9fhKDmSKq3skdwwFbuFaibV44if28ICBkua0XsJZ5c3DljMrVzxeDaiOM2E85mVMHs3rhljBPLKSlL4JFxdIH4zzDi/JvFkAVtciOg=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1774628419; c=relaxed/simple;
	bh=lqlFWgPBzjZTpwe+AEayoOVfsxpi65LTDQsno7CnfU4=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=DJYgM6N2ZVWSPgk1wNKQT2jjKPaCfEhI7IFGxQX/9LWMPI7LF7tZaCkxC1ReT9GSKYsyPGV3TphcH3QcyfmGxESzWblN2aBHsApm5RcUFiLaL2bNZXeD54bX7xIMbH2L3E8giRwas1K3bvWx+HOvfQQPh5tEW4GBdHXuqkh11OE=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com; spf=pass smtp.mailfrom=suse.com; dkim=pass (2048-bit key) header.d=suse.com header.i=@suse.com header.b=Pt3lGT//; arc=none smtp.client-ip=209.85.221.45
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=suse.com header.i=@suse.com header.b="Pt3lGT//"
Received: by mail-wr1-f45.google.com with SMTP id ffacd0b85a97d-439cd6b09f8so1541814f8f.3
        for <linux-kernel@vger.kernel.org>; Fri, 27 Mar 2026 09:20:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=suse.com; s=google; t=1774628416; x=1775233216; darn=vger.kernel.org;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=GWj6PnRgmg2QNUQCBP0TFKGsaYTpSuflbxdJ28r+Rqk=;
        b=Pt3lGT//cclBVRw7UdcJEhWfjGkNQZys2KG4gGCuJQjn7fojc44i25NeqwP5gXYB3U
         AYLvtbnyoVD22f0o/FV9ZEYmGdLSAQrnQAdQg8qC3GnTk7pAjvf1fyrHKezIZZNYinDy
         QGLbw0zFnsZxZZt46ouUbPiApbfsT+yhyYqweydc3mrLA9FthEI37e3pJXpoxHm5pf+k
         e+z/H0Pjx9V7G84+ud7oFma358oVjBK0ZSYG5rmMKctZ7rQpaJZ/Jh1ngWmUq9U0EF9r
         8djDWDSWpagyg2JgorJOtNzhDNh90yxcX+qn4NqW8v+a68s3T+EMIPxQ3eQRQnCCPNgn
         6yRg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1774628416; x=1775233216;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=GWj6PnRgmg2QNUQCBP0TFKGsaYTpSuflbxdJ28r+Rqk=;
        b=KocgfAwceEwDdG8mY6sM7sK5RZYzDI9NE8s+iVjVAvudbszRYwbD2jGcfbivsupu2w
         YV64AFJyjnPoe5JtZpWkJhMQ9ObbqochwqwOW/Kb8IPO1BFHJkgkYUkGTlXQTRm2BLkR
         ZqOLnj2nN+uBanMhzLhr7v5Y99UCGttJ9rh2igZvZlS9eRWtc7WIEHZVUdUAzrt6+0K9
         TvJYDep1qdtSTv/YMYLjdJg2zgVwa7r0T2qAFR4jn9D+xkfB8PGNUxL36J1bhBuNvlL6
         026+Wnt3C1r6MrN+W20vIjHyXFxaq0mLdHwcP6/lQdB9sIaxoCzfYdcjaAUtQu1KlL7X
         VtXQ==
X-Forwarded-Encrypted: i=1; AJvYcCU167AWCdKGbq6UYuQjpcwn7E1b8IcwL3apc2k1al03bk5x3JEL5RAVqQFkAzRmPw49wZi4OLTaiA5j2Tg=@vger.kernel.org
X-Gm-Message-State: AOJu0Yzikhu+8qbbfrrcH4R6+KqU8V4gfXlQMBDtjVSzPps+LAu2muwF
	i3z+XQZuruJfqz8d7SbvFxwiEjNygTsF1Za5jxflp40cKorVHPGgLtBSbM3A0YDPOlJI6Lahknb
	mcrc+bXE=
X-Gm-Gg: ATEYQzwwiqN9u1llO7aAlylYaAjgPFSeAWN3QZveLkE7O3pEkX6++wxfpYi171GwU2k
	8d/mA+Yh/lnJdLqrE1Ary4oeCdpqrK5gSZ9o4oPbkdUeuE2xPXNBuAwYD4IeKCDI1NQv+G42hg5
	f4RfY9UAyjlWFZgvGnnKe+wWGMI/xBtRJid/cOmxF0v5mvuQbpGi5uJu7ysJ0qzZyOcOESAiZXk
	PBca83ow9H3jQFms1fhyAjr2pEHjE6ECZ6+81mKNMHlIW1HRGGu70ovYRydncjVxPW6uIQ6RQ0p
	DzOK1DbQmNS/IHYa0+JmD3o+DpC+YRCYi5x24z8ryaeckiplH3FVWGc7/cI3V2umpftPvN9FDVA
	m6TrK7FvlnPJrdb922SX6nUS7NFyv5aCOmHQYbI4UUOvoXvKtu5ik/JNJs++16u5JGMrHwgCnru
	Yr8OIEIIUTVScjywldAimZsN5Zew==
X-Received: by 2002:a05:6000:1787:b0:43b:9b63:920b with SMTP id ffacd0b85a97d-43b9e9e8e5cmr5484296f8f.16.1774628416274;
        Fri, 27 Mar 2026 09:20:16 -0700 (PDT)
Received: from pathway.suse.cz ([176.114.240.130])
        by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-43b919df7e7sm15270203f8f.26.2026.03.27.09.20.15
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 27 Mar 2026 09:20:15 -0700 (PDT)
Date: Fri, 27 Mar 2026 17:20:14 +0100
From: Petr Mladek <pmladek@suse.com>
To: John Ogness <john.ogness@linutronix.de>
Cc: Sergey Senozhatsky <senozhatsky@chromium.org>,
	Steven Rostedt <rostedt@goodmis.org>, linux-kernel@vger.kernel.org
Subject: Re: [PATCH printk v2 1/2] printk_ringbuffer: Fix get_data() size
 sanity check
Message-ID: <acauPlmV4RayduW_@pathway.suse.cz>
References: <20260326133809.8045-1-john.ogness@linutronix.de>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20260326133809.8045-1-john.ogness@linutronix.de>

On Thu 2026-03-26 14:44:01, John Ogness wrote:
> Commit cc3bad11de6e ("printk_ringbuffer: Fix check of valid data
> size when blk_lpos overflows") added sanity checking to get_data()
> to avoid returning data of illegal sizes (too large or too small).
> It uses the helper function data_check_size() for the check.
> However, data_check_size() expects the size of the data, not the
> size of the data block. get_data() is providing the size of the
> data block.  This means that if the data size (text_buf_size) is
> at or near the maximum legal size:
> 
> sizeof(prb_data_block) + text_buf_size == DATA_SIZE(data_ring) / 2
> 
> data_check_size() will report failure because it adds
> sizeof(prb_data_block) to the provided size. The sanity check in
> get_data() is counting the data block header twice. The result is
> that the reader fails to read the legal record.
> 
> Since get_data() subtracts the data block header size before returning,
> move the sanity check to after the subtraction.
> 
> Luckily printk() is not vulnerable to this problem because
> truncate_msg() limits printk-messages to 1/4 of the ringbuffer.
> Indeed, by adjusting the printk_ringbuffer KUnit test, which does not
> use printk() and its truncate_msg() check, it is easy to see that the
> reader fails and the WARN_ON is triggered.
> 
> Fixes: cc3bad11de6e ("printk_ringbuffer: Fix check of valid data size when blk_lpos overflows")
> Signed-off-by: John Ogness <john.ogness@linutronix.de>

JFYI, both patches have been comitted into printk/linux.git,
branch rework/prb-fixes.

They are queued for the next merge window (7.1).

Best Regards,
Petr