All of lore.kernel.org
 help / color / mirror / Atom feed
From: Shuah Khan <skhan@linuxfoundation.org>
To: corbet@lwn.net, keescook@chromium.org,
	gregkh@linuxfoundation.org, peterz@infradead.org
Cc: Shuah Khan <skhan@linuxfoundation.org>,
	linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-kselftest@vger.kernel.org
Subject: [PATCH 02/13] selftests:lib:test_seqnum_ops: add new test for seqnum_ops
Date: Tue, 10 Nov 2020 12:53:28 -0700	[thread overview]
Message-ID: <754c8befc6ec6deea20c01b9a663a818c5726b88.1605027593.git.skhan@linuxfoundation.org> (raw)
In-Reply-To: <cover.1605027593.git.skhan@linuxfoundation.org>

Add a new selftest for testing seqnum_ops. This test loads test_seqnum_ops
test module and unloads it. The test module runs tests and prints results
to dmesg.

There are a number of atomic_t usages in the kernel where atomic_t api
is used strictly for counting sequence numbers and other statistical
counters and not for managing object lifetime.

The purpose of these Sequence Number Ops is to clearly differentiate
atomic_t counter usages from atomic_t usages that guard object lifetimes,
hence prone to overflow and underflow errors.

The atomic_t api provides a wide range of atomic operations as a base
api to implement atomic counters, bitops, spinlock interfaces. The usages
also evolved into being used for resource lifetimes and state management.
The refcount_t api was introduced to address resource lifetime problems
related to atomic_t wrapping. There is a large overlap between the
atomic_t api used for resource lifetimes and just counters, stats, and
sequence numbers. It has become difficult to differentiate between the
atomic_t usages that should be converted to refcount_t and the ones that
can be left alone. Introducing seqnum_ops to wrap the usages that are
stats, counters, sequence numbers makes it easier for tools that scan
for underflow and overflow on atomic_t usages to detect overflow and
underflows to scan just the cases that are prone to errors.

Sequence Number api provides interfaces for simple atomic_t counter usages
that just count, and don't guard resource lifetimes. The seqnum_ops are
built on top of atomic_t api, providing a smaller subset of atomic_t
interfaces necessary to support atomic_t usages as simple counters.
This api has init/set/inc/dec/read and doesn't support other atomic_t
ops with the intent to restrict the use of these interfaces as simple
counting usages.

Sequence Numbers wrap around to INT_MIN when it overflows and should not
be used to guard resource lifetimes, device usage and open counts that
control state changes, and pm states. Overflowing to INT_MIN is consistent
with the atomic_t api, which it is built on top of.

Using seqnum to guard lifetimes could lead to use-after free when it
overflows and undefined behavior when used to manage state changes and
device usage/open states.

Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>
---
 Documentation/core-api/seqnum_ops.rst          |  9 +++++++++
 MAINTAINERS                                    |  1 +
 include/linux/seqnum_ops.h                     |  2 ++
 tools/testing/selftests/lib/Makefile           |  1 +
 tools/testing/selftests/lib/config             |  1 +
 tools/testing/selftests/lib/test_seqnum_ops.sh | 10 ++++++++++
 6 files changed, 24 insertions(+)
 create mode 100755 tools/testing/selftests/lib/test_seqnum_ops.sh

diff --git a/Documentation/core-api/seqnum_ops.rst b/Documentation/core-api/seqnum_ops.rst
index 7a396c2cda19..3a9ddba985f2 100644
--- a/Documentation/core-api/seqnum_ops.rst
+++ b/Documentation/core-api/seqnum_ops.rst
@@ -115,3 +115,12 @@ Decrements sequence number and doesn't return the new value. ::
 
         seqnum32_dec() --> atomic_dec()
         seqnum64_dec() --> atomic64_dec()
+
+Where are the seqnum_ops and how to use and test them?
+------------------------------------------------------
+
+.. kernel-doc:: include/linux/seqnum_ops.h
+
+Please see lib/test_seqnum_ops.c for examples usages.
+Please find selftest: testing/selftests/lib/test_seqnum_ops.sh
+Please check dmesg for results after running test_seqnum_ops.sh.
diff --git a/MAINTAINERS b/MAINTAINERS
index c83a6f05610b..e6ae131836a5 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -15983,6 +15983,7 @@ L:	linux-kernel@vger.kernel.org
 S:	Maintained
 F:	include/linux/seqnum_ops.h
 F:	lib/test_seqnum_ops.c
+F:	tools/testing/selftests/lib/test_seqnum_ops.sh
 
 SIMPLE FIRMWARE INTERFACE (SFI)
 S:	Obsolete
diff --git a/include/linux/seqnum_ops.h b/include/linux/seqnum_ops.h
index b97c7f310beb..a1def2ad5bc2 100644
--- a/include/linux/seqnum_ops.h
+++ b/include/linux/seqnum_ops.h
@@ -28,6 +28,8 @@
  *
  * Reference and API guide:
  *	Documentation/core-api/seqnum_ops.rst for more information.
+ *	lib/test_seqnum_ops.c - example usages
+ *	tools/testing/selftests/lib/test_seqnum_ops.sh
  *
  */
 
diff --git a/tools/testing/selftests/lib/Makefile b/tools/testing/selftests/lib/Makefile
index a105f094676e..1818444f0e97 100644
--- a/tools/testing/selftests/lib/Makefile
+++ b/tools/testing/selftests/lib/Makefile
@@ -5,5 +5,6 @@
 all:
 
 TEST_PROGS := printf.sh bitmap.sh prime_numbers.sh strscpy.sh
+TEST_PROGS += test_seqnum_ops.sh
 
 include ../lib.mk
diff --git a/tools/testing/selftests/lib/config b/tools/testing/selftests/lib/config
index b80ee3f6e265..674ed2a2ac82 100644
--- a/tools/testing/selftests/lib/config
+++ b/tools/testing/selftests/lib/config
@@ -3,3 +3,4 @@ CONFIG_TEST_BITMAP=m
 CONFIG_PRIME_NUMBERS=m
 CONFIG_TEST_STRSCPY=m
 CONFIG_TEST_BITOPS=m
+CONFIG_TEST_SEQNUM_OPS=m
diff --git a/tools/testing/selftests/lib/test_seqnum_ops.sh b/tools/testing/selftests/lib/test_seqnum_ops.sh
new file mode 100755
index 000000000000..fdce16b220ba
--- /dev/null
+++ b/tools/testing/selftests/lib/test_seqnum_ops.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+# SPDX-License-Identifier: GPL-2.0
+#
+# Copyright (c) 2020 Shuah Khan <skhan@linuxfoundation.org>
+# Copyright (c) 2020 The Linux Foundation
+#
+# Tests the Sequence Number Ops interfaces using test_seqnum_ops
+# kernel module
+#
+$(dirname $0)/../kselftest/module.sh "test_seqnum_ops" test_seqnum_ops
-- 
2.27.0


  parent reply	other threads:[~2020-11-10 19:54 UTC|newest]

Thread overview: 49+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-10 19:53 [PATCH 00/13] Introduce seqnum_ops Shuah Khan
2020-11-10 19:53 ` [PATCH 01/13] seqnum_ops: Introduce Sequence Number Ops Shuah Khan
2020-11-10 20:41   ` Greg KH
2020-11-10 20:43     ` Greg KH
2020-11-11  0:18       ` Kees Cook
2020-11-11 19:23         ` Shuah Khan
2020-11-12 12:36           ` Matthew Wilcox
2020-11-12 16:17             ` Shuah Khan
2020-11-12 16:45               ` Greg KH
2020-11-12 16:59                 ` Shuah Khan
2020-11-12 21:27           ` Shuah Khan
2020-11-17 12:27             ` Peter Zijlstra
2020-11-10 21:03   ` Matthew Wilcox
2020-11-10 22:58     ` Shuah Khan
2020-11-11  0:20       ` Kees Cook
2020-11-11 15:42         ` Shuah Khan
2020-11-11  8:23   ` Peter Zijlstra
2020-11-11 15:56     ` Shuah Khan
2020-11-11 16:04       ` Peter Zijlstra
2020-11-11 17:34         ` Shuah Khan
2020-11-11 17:50           ` Peter Zijlstra
2020-11-11 18:28             ` Shuah Khan
2020-11-11 20:15               ` Peter Zijlstra
2020-11-12 13:29                 ` Greg KH
2020-11-10 19:53 ` Shuah Khan [this message]
2020-11-10 19:53 ` [PATCH 03/13] drivers/acpi: convert seqno seqnum_ops Shuah Khan
2020-11-10 19:53 ` [PATCH 04/13] drivers/acpi/apei: convert seqno to seqnum_ops Shuah Khan
2020-11-10 19:53 ` [PATCH 05/13] drivers/base/test/test_async_driver_probe: convert to use seqnum_ops Shuah Khan
2020-11-10 19:53 ` [PATCH 06/13] drivers/char/ipmi: convert stats " Shuah Khan
2020-11-10 19:53 ` [PATCH 07/13] drivers/edac: convert pci counters to seqnum_ops Shuah Khan
2020-11-10 19:53 ` [PATCH 08/13] drivers/oprofile: convert stats to use seqnum_ops Shuah Khan
2020-11-10 19:53 ` [PATCH 09/13] drivers/staging/rtl8723bs: " Shuah Khan
2020-11-10 19:53   ` Shuah Khan
2020-11-10 19:53 ` [PATCH 10/13] usb: usbip/vhci: convert seqno to seqnum_ops Shuah Khan
2020-11-10 19:53 ` [PATCH 11/13] drivers/staging/rtl8188eu: convert stats to use seqnum_ops Shuah Khan
2020-11-10 19:53   ` Shuah Khan
2020-11-10 19:53 ` [PATCH 12/13] drivers/staging/unisys/visorhba: " Shuah Khan
2020-11-10 19:53   ` Shuah Khan
2020-11-10 20:42   ` Greg KH
2020-11-10 20:42     ` Greg KH
2020-11-10 21:02     ` Shuah Khan
2020-11-10 21:02       ` Shuah Khan
2020-11-10 19:53 ` [PATCH 13/13] security/integrity/ima: converts stats to seqnum_ops Shuah Khan
2020-11-11  8:51   ` kernel test robot
2020-11-10 20:44 ` [PATCH 00/13] Introduce seqnum_ops Alan Stern
2020-11-10 22:42   ` Shuah Khan
2020-11-11  4:33 ` Matthew Wilcox
2020-11-11 16:03   ` Shuah Khan
2020-11-11 16:41     ` Matthew Wilcox

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=754c8befc6ec6deea20c01b9a663a818c5726b88.1605027593.git.skhan@linuxfoundation.org \
    --to=skhan@linuxfoundation.org \
    --cc=corbet@lwn.net \
    --cc=gregkh@linuxfoundation.org \
    --cc=keescook@chromium.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=peterz@infradead.org \
    --subject='Re: [PATCH 02/13] selftests:lib:test_seqnum_ops: add new test for seqnum_ops' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.