From: John Ogness <john.ogness@linutronix.de>
To: Petr Mladek <pmladek@suse.com>
Cc: Sergey Senozhatsky <senozhatsky@chromium.org>,
Steven Rostedt <rostedt@goodmis.org>,
Thomas Gleixner <tglx@linutronix.de>,
linux-kernel@vger.kernel.org
Subject: [PATCH printk v4 6/6] printk: syslog: close window between wait and read
Date: Thu, 15 Jul 2021 21:39:59 +0206 [thread overview]
Message-ID: <20210715193359.25946-7-john.ogness@linutronix.de> (raw)
In-Reply-To: <20210715193359.25946-1-john.ogness@linutronix.de>
Syslog's SYSLOG_ACTION_READ is supposed to block until the next
syslog record can be read, and then it should read that record.
However, because @syslog_lock is not held between waking up and
reading the record, another reader could read the record first,
thus causing SYSLOG_ACTION_READ to return with a value of 0, never
having read _anything_.
By holding @syslog_lock between waking up and reading, it can be
guaranteed that SYSLOG_ACTION_READ blocks until it successfully
reads a syslog record (or a real error occurs).
Signed-off-by: John Ogness <john.ogness@linutronix.de>
---
kernel/printk/printk.c | 55 +++++++++++++++++++++++++++---------------
1 file changed, 36 insertions(+), 19 deletions(-)
diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
index 99160d0dafd6..d11612687323 100644
--- a/kernel/printk/printk.c
+++ b/kernel/printk/printk.c
@@ -1480,12 +1480,14 @@ static u64 find_first_fitting_seq(u64 start_seq, u64 max_seq, size_t size,
return seq;
}
+/* The caller is responsible for making sure @size is greater than 0. */
static int syslog_print(char __user *buf, int size)
{
struct printk_info info;
struct printk_record r;
char *text;
int len = 0;
+ u64 seq;
text = kmalloc(CONSOLE_LOG_MAX, GFP_KERNEL);
if (!text)
@@ -1493,15 +1495,35 @@ static int syslog_print(char __user *buf, int size)
prb_rec_init_rd(&r, &info, text, CONSOLE_LOG_MAX);
- while (size > 0) {
+ mutex_lock(&syslog_lock);
+
+ /*
+ * Wait for the @syslog_seq record to be available. @syslog_seq may
+ * change while waiting.
+ */
+ do {
+ seq = syslog_seq;
+
+ mutex_unlock(&syslog_lock);
+ len = wait_event_interruptible(log_wait, prb_read_valid(prb, seq, NULL));
+ mutex_lock(&syslog_lock);
+
+ if (len)
+ goto out;
+ } while (syslog_seq != seq);
+
+ /*
+ * Copy records that fit into the buffer. The above cycle makes sure
+ * that the first record is always available.
+ */
+ do {
size_t n;
size_t skip;
+ int err;
- mutex_lock(&syslog_lock);
- if (!prb_read_valid(prb, syslog_seq, &r)) {
- mutex_unlock(&syslog_lock);
+ if (!prb_read_valid(prb, syslog_seq, &r))
break;
- }
+
if (r.info->seq != syslog_seq) {
/* message is gone, move to next valid one */
syslog_seq = r.info->seq;
@@ -1528,12 +1550,15 @@ static int syslog_print(char __user *buf, int size)
syslog_partial += n;
} else
n = 0;
- mutex_unlock(&syslog_lock);
if (!n)
break;
- if (copy_to_user(buf, text + skip, n)) {
+ mutex_unlock(&syslog_lock);
+ err = copy_to_user(buf, text + skip, n);
+ mutex_lock(&syslog_lock);
+
+ if (err) {
if (!len)
len = -EFAULT;
break;
@@ -1542,8 +1567,9 @@ static int syslog_print(char __user *buf, int size)
len += n;
size -= n;
buf += n;
- }
-
+ } while (size);
+out:
+ mutex_unlock(&syslog_lock);
kfree(text);
return len;
}
@@ -1614,7 +1640,6 @@ int do_syslog(int type, char __user *buf, int len, int source)
bool clear = false;
static int saved_console_loglevel = LOGLEVEL_DEFAULT;
int error;
- u64 seq;
error = check_syslog_permissions(type, source);
if (error)
@@ -1632,15 +1657,6 @@ int do_syslog(int type, char __user *buf, int len, int source)
return 0;
if (!access_ok(buf, len))
return -EFAULT;
-
- /* Get a consistent copy of @syslog_seq. */
- mutex_lock(&syslog_lock);
- seq = syslog_seq;
- mutex_unlock(&syslog_lock);
-
- error = wait_event_interruptible(log_wait, prb_read_valid(prb, seq, NULL));
- if (error)
- return error;
error = syslog_print(buf, len);
break;
/* Read/clear last kernel messages */
@@ -1707,6 +1723,7 @@ int do_syslog(int type, char __user *buf, int len, int source)
} else {
bool time = syslog_partial ? syslog_time : printk_time;
unsigned int line_count;
+ u64 seq;
prb_for_each_info(syslog_seq, prb, seq, &info,
&line_count) {
--
2.20.1
next prev parent reply other threads:[~2021-07-15 19:52 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-15 19:33 [PATCH printk v4 0/6] printk: remove safe buffers John Ogness
2021-07-15 19:33 ` John Ogness
2021-07-15 19:33 ` John Ogness
2021-07-15 19:33 ` John Ogness
2021-07-15 19:33 ` [PATCH printk v4 1/6] lib/nmi_backtrace: explicitly serialize banner and regs John Ogness
2021-07-15 19:33 ` [PATCH printk v4 2/6] printk: track/limit recursion John Ogness
2021-07-15 19:33 ` [PATCH printk v4 3/6] printk: remove safe buffers John Ogness
2021-07-15 19:33 ` John Ogness
2021-07-15 19:33 ` John Ogness
2021-07-21 11:25 ` Petr Mladek
2021-07-21 11:25 ` Petr Mladek
2021-07-21 11:25 ` Petr Mladek
2021-09-02 16:48 ` Geert Uytterhoeven
2021-09-02 16:48 ` Geert Uytterhoeven
2021-09-02 16:48 ` Geert Uytterhoeven
2021-07-15 19:33 ` [PATCH printk v4 4/6] printk: remove NMI tracking John Ogness
2021-07-15 19:33 ` John Ogness
2021-07-15 19:33 ` John Ogness
2021-07-21 12:00 ` Petr Mladek
2021-07-21 12:00 ` Petr Mladek
2021-07-21 12:00 ` Petr Mladek
2021-07-21 12:46 ` John Ogness
2021-07-21 12:46 ` John Ogness
2021-07-21 12:46 ` John Ogness
2021-07-21 13:08 ` Petr Mladek
2021-07-21 13:08 ` Petr Mladek
2021-07-21 13:08 ` Petr Mladek
2021-07-21 13:23 ` John Ogness
2021-07-21 13:23 ` John Ogness
2021-07-21 13:23 ` John Ogness
2021-07-15 19:33 ` [PATCH printk v4 5/6] printk: convert @syslog_lock to mutex John Ogness
2021-07-21 12:21 ` Petr Mladek
2021-07-15 19:33 ` John Ogness [this message]
2021-07-21 12:43 ` [PATCH printk v4 6/6] printk: syslog: close window between wait and read Petr Mladek
2021-07-27 7:26 ` [PATCH printk v4 0/6] printk: remove safe buffers Petr Mladek
2021-07-27 7:26 ` Petr Mladek
2021-07-27 7:26 ` Petr Mladek
2021-07-27 7:26 ` Petr Mladek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210715193359.25946-7-john.ogness@linutronix.de \
--to=john.ogness@linutronix.de \
--cc=linux-kernel@vger.kernel.org \
--cc=pmladek@suse.com \
--cc=rostedt@goodmis.org \
--cc=senozhatsky@chromium.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.