* [LTP] [PATCH] cve: Fix kernel symbol finding for meltdown case
@ 2019-08-20 14:25 zhe.he
2019-08-20 15:17 ` Jan Stancek
0 siblings, 1 reply; 3+ messages in thread
From: zhe.he @ 2019-08-20 14:25 UTC (permalink / raw)
To: ltp
From: He Zhe <zhe.he@windriver.com>
meltdown case failed as below.
safe_file_ops.c:219: BROK: Expected 3 conversions got 2 at meltdown.c:272
The case used SAFE_FILE_LINES_SCANF which is a wrapper of vsscanf which cannot
extract the symbol name from the following line pattern of kernel symbol table.
01234567 T SYMBOL_NAME
Also the original format pattern is not correct.
This patch re-writes the symbol extraction process and adds a NULL pointer
check.
Signed-off-by: He Zhe <zhe.he@windriver.com>
---
testcases/cve/meltdown.c | 38 +++++++++++++++++++++++++++++++-------
1 file changed, 31 insertions(+), 7 deletions(-)
diff --git a/testcases/cve/meltdown.c b/testcases/cve/meltdown.c
index f78c38b..4c3f3b2 100644
--- a/testcases/cve/meltdown.c
+++ b/testcases/cve/meltdown.c
@@ -248,15 +248,34 @@ set_cache_hit_threshold(void)
static unsigned long
find_symbol_in_file(const char *filename, const char *symname)
{
- unsigned long addr;
- char type;
- int ret, read;
- char fmt[strlen(symname) + 64];
+ unsigned long addr = 0;
+ int found = 0;
+ char line[BUFSIZ] = {0};
+ FILE *fp = NULL;
+ char *p = NULL;
+
+ fp = fopen(filename, "r");
+ if (fp == NULL) {
+ tst_res(TBROK | TERRNO,
+ "Failed to open file:%s for symbol:%s",
+ filename, symname);
+ return 0;
+ }
- sprintf(fmt, "%%lx %%c %s%%c", symname);
+ while (fgets(line, BUFSIZ, fp) != NULL) {
+ p = strstr(line, symname);
+ /* Make sure this line is exactly for this symbol.
+ * Substract the EOL added by fgets for each line.
+ */
+ if (p && ((strlen(p) - 1) == strlen(symname))) {
+ found = sscanf(line, "%lx", &addr);
+ if (found == 1)
+ break;
+ }
+ }
+ fclose(fp);
- ret = SAFE_FILE_LINES_SCANF(filename, fmt, &addr, &type, &read);
- if (ret)
+ if (found != 1)
return 0;
return addr;
@@ -322,6 +341,11 @@ static void run(void)
/* read address of saved_cmdline_addr */
addr = saved_cmdline_addr;
+ if (!addr) {
+ tst_res(TBROK | TERRNO, "saved_cmdline_addr is 0\n");
+ return;
+ }
+
size = sizeof(addr);
for (i = 0; i < size; i++) {
ret = readbyte(spec_fd, addr);
--
2.7.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [LTP] [PATCH] cve: Fix kernel symbol finding for meltdown case
2019-08-20 14:25 [LTP] [PATCH] cve: Fix kernel symbol finding for meltdown case zhe.he
@ 2019-08-20 15:17 ` Jan Stancek
2019-08-21 8:26 ` He Zhe
0 siblings, 1 reply; 3+ messages in thread
From: Jan Stancek @ 2019-08-20 15:17 UTC (permalink / raw)
To: ltp
----- Original Message -----
> From: He Zhe <zhe.he@windriver.com>
>
> meltdown case failed as below.
> safe_file_ops.c:219: BROK: Expected 3 conversions got 2 at meltdown.c:272
What line doesn't match current pattern?
I'm not seeing any changes in kallsyms output:
kernel: "%px %c %s\n"
"%px %c %s\t[%s]\n"
LTP: "%lx %c SYMBOL%c"
>
> The case used SAFE_FILE_LINES_SCANF which is a wrapper of vsscanf which
> cannot
> extract the symbol name from the following line pattern of kernel symbol
> table.
Did you mean "extract symbol address"?
>
> 01234567 T SYMBOL_NAME
>
> Also the original format pattern is not correct.
>
> This patch re-writes the symbol extraction process and adds a NULL pointer
> check.
>
> Signed-off-by: He Zhe <zhe.he@windriver.com>
> ---
> testcases/cve/meltdown.c | 38 +++++++++++++++++++++++++++++++-------
> 1 file changed, 31 insertions(+), 7 deletions(-)
>
> diff --git a/testcases/cve/meltdown.c b/testcases/cve/meltdown.c
> index f78c38b..4c3f3b2 100644
> --- a/testcases/cve/meltdown.c
> +++ b/testcases/cve/meltdown.c
> @@ -248,15 +248,34 @@ set_cache_hit_threshold(void)
> static unsigned long
> find_symbol_in_file(const char *filename, const char *symname)
> {
> - unsigned long addr;
> - char type;
> - int ret, read;
> - char fmt[strlen(symname) + 64];
> + unsigned long addr = 0;
> + int found = 0;
> + char line[BUFSIZ] = {0};
> + FILE *fp = NULL;
> + char *p = NULL;
> +
> + fp = fopen(filename, "r");
> + if (fp == NULL) {
> + tst_res(TBROK | TERRNO,
> + "Failed to open file:%s for symbol:%s",
> + filename, symname);
> + return 0;
> + }
>
> - sprintf(fmt, "%%lx %%c %s%%c", symname);
> + while (fgets(line, BUFSIZ, fp) != NULL) {
> + p = strstr(line, symname);
> + /* Make sure this line is exactly for this symbol.
> + * Substract the EOL added by fgets for each line.
> + */
> + if (p && ((strlen(p) - 1) == strlen(symname))) {
> + found = sscanf(line, "%lx", &addr);
> + if (found == 1)
> + break;
> + }
> + }
> + fclose(fp);
>
> - ret = SAFE_FILE_LINES_SCANF(filename, fmt, &addr, &type, &read);
> - if (ret)
> + if (found != 1)
> return 0;
>
> return addr;
> @@ -322,6 +341,11 @@ static void run(void)
>
> /* read address of saved_cmdline_addr */
> addr = saved_cmdline_addr;
> + if (!addr) {
> + tst_res(TBROK | TERRNO, "saved_cmdline_addr is 0\n");
> + return;
> + }
> +
> size = sizeof(addr);
> for (i = 0; i < size; i++) {
> ret = readbyte(spec_fd, addr);
> --
> 2.7.4
>
>
> --
> Mailing list info: https://lists.linux.it/listinfo/ltp
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* [LTP] [PATCH] cve: Fix kernel symbol finding for meltdown case
2019-08-20 15:17 ` Jan Stancek
@ 2019-08-21 8:26 ` He Zhe
0 siblings, 0 replies; 3+ messages in thread
From: He Zhe @ 2019-08-21 8:26 UTC (permalink / raw)
To: ltp
On 8/20/19 11:17 PM, Jan Stancek wrote:
> ----- Original Message -----
>> From: He Zhe <zhe.he@windriver.com>
>>
>> meltdown case failed as below.
>> safe_file_ops.c:219: BROK: Expected 3 conversions got 2 at meltdown.c:272
> What line doesn't match current pattern?
> I'm not seeing any changes in kallsyms output:
>
> kernel: "%px %c %s\n"
> "%px %c %s\t[%s]\n"
> LTP: "%lx %c SYMBOL%c"
Thanks and yes, you're correct.
I just found the root cause and I'll send v2.
find_kernel_symbol is defined to try twice with each of /proc/kallsyms and
/boot/System.map-%s. Currently if the symbol is not found in /proc/kallsyms,
when kernel option CONFIG_KALLSYMS_ALL is disabled, it would stop the case
immediately due to SAFE_FILE_LINES_SCANF.
Zhe
>
>> The case used SAFE_FILE_LINES_SCANF which is a wrapper of vsscanf which
>> cannot
>> extract the symbol name from the following line pattern of kernel symbol
>> table.
> Did you mean "extract symbol address"?
>
>> 01234567 T SYMBOL_NAME
>>
>> Also the original format pattern is not correct.
>>
>> This patch re-writes the symbol extraction process and adds a NULL pointer
>> check.
>>
>> Signed-off-by: He Zhe <zhe.he@windriver.com>
>> ---
>> testcases/cve/meltdown.c | 38 +++++++++++++++++++++++++++++++-------
>> 1 file changed, 31 insertions(+), 7 deletions(-)
>>
>> diff --git a/testcases/cve/meltdown.c b/testcases/cve/meltdown.c
>> index f78c38b..4c3f3b2 100644
>> --- a/testcases/cve/meltdown.c
>> +++ b/testcases/cve/meltdown.c
>> @@ -248,15 +248,34 @@ set_cache_hit_threshold(void)
>> static unsigned long
>> find_symbol_in_file(const char *filename, const char *symname)
>> {
>> - unsigned long addr;
>> - char type;
>> - int ret, read;
>> - char fmt[strlen(symname) + 64];
>> + unsigned long addr = 0;
>> + int found = 0;
>> + char line[BUFSIZ] = {0};
>> + FILE *fp = NULL;
>> + char *p = NULL;
>> +
>> + fp = fopen(filename, "r");
>> + if (fp == NULL) {
>> + tst_res(TBROK | TERRNO,
>> + "Failed to open file:%s for symbol:%s",
>> + filename, symname);
>> + return 0;
>> + }
>>
>> - sprintf(fmt, "%%lx %%c %s%%c", symname);
>> + while (fgets(line, BUFSIZ, fp) != NULL) {
>> + p = strstr(line, symname);
>> + /* Make sure this line is exactly for this symbol.
>> + * Substract the EOL added by fgets for each line.
>> + */
>> + if (p && ((strlen(p) - 1) == strlen(symname))) {
>> + found = sscanf(line, "%lx", &addr);
>> + if (found == 1)
>> + break;
>> + }
>> + }
>> + fclose(fp);
>>
>> - ret = SAFE_FILE_LINES_SCANF(filename, fmt, &addr, &type, &read);
>> - if (ret)
>> + if (found != 1)
>> return 0;
>>
>> return addr;
>> @@ -322,6 +341,11 @@ static void run(void)
>>
>> /* read address of saved_cmdline_addr */
>> addr = saved_cmdline_addr;
>> + if (!addr) {
>> + tst_res(TBROK | TERRNO, "saved_cmdline_addr is 0\n");
>> + return;
>> + }
>> +
>> size = sizeof(addr);
>> for (i = 0; i < size; i++) {
>> ret = readbyte(spec_fd, addr);
>> --
>> 2.7.4
>>
>>
>> --
>> Mailing list info: https://lists.linux.it/listinfo/ltp
>>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-08-21 8:26 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-08-20 14:25 [LTP] [PATCH] cve: Fix kernel symbol finding for meltdown case zhe.he
2019-08-20 15:17 ` Jan Stancek
2019-08-21 8:26 ` He Zhe
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.