2019-10-07 10:09:11

by Yunfeng Ye

Subject: [PATCH v2] arm64: armv8_deprecated: Checking return value for memory allocation

There is no return value checking when using kzalloc() and kcalloc() for
memory allocation, so add it.

Signed-off-by: Yunfeng Ye <[email protected]>
---
v1 -> v2:
- return error code when memory allocation failure

arch/arm64/kernel/armv8_deprecated.c | 57 +++++++++++++++++++++++++++---------
1 file changed, 43 insertions(+), 14 deletions(-)

diff --git a/arch/arm64/kernel/armv8_deprecated.c b/arch/arm64/kernel/armv8_deprecated.c
index 2ec09de..2284fcb 100644
--- a/arch/arm64/kernel/armv8_deprecated.c
+++ b/arch/arm64/kernel/armv8_deprecated.c
@@ -168,12 +168,15 @@ static int update_insn_emulation_mode(struct insn_emulation *insn,
return ret;
}

-static void __init register_insn_emulation(struct insn_emulation_ops *ops)
+static int __init register_insn_emulation(struct insn_emulation_ops *ops)
{
unsigned long flags;
struct insn_emulation *insn;

insn = kzalloc(sizeof(*insn), GFP_KERNEL);
+ if (!insn)
+ return -ENOMEM;
+
insn->ops = ops;
insn->min = INSN_UNDEF;

@@ -197,6 +200,7 @@ static void __init register_insn_emulation(struct insn_emulation_ops *ops)

/* Register any handlers if required */
update_insn_emulation_mode(insn, INSN_UNDEF);
+ return 0;
}

static int emulation_proc_handler(struct ctl_table *table, int write,
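Review bot: The new `return 0;` sits right after `update_insn_emulation_mode(insn, INSN_UNDEF);`, whose int result (the hunk header at -168 shows it ends with `return ret;`) is still discarded, so now that register_insn_emulation() reports errors, a failure in that call would still be reported to the caller as success. If that call cannot fail for a freshly registered entry, a one-line comment saying so would settle it; if it can, `return update_insn_emulation_mode(insn, INSN_UNDEF);` propagates it, but note that the entry has presumably already been linked into the emulation list in the lines between the two hunks, so the caller could not treat the error as "nothing registered". The signature change in the previous hunk also leaves the new contract undocumented; a line above the definition such as `/* Returns 0 on success or -ENOMEM if the emulation descriptor could not be allocated. */` would cover it. The function's body between the two hunks is outside this view.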
@@ -224,7 +228,7 @@ static int emulation_proc_handler(struct ctl_table *table, int write,
return ret;
}

-static void __init register_insn_emulation_sysctl(void)
+static int __init register_insn_emulation_sysctl(void)
{
unsigned long flags;
int i = 0;
@@ -233,6 +237,8 @@ static void __init register_insn_emulation_sysctl(void)

insns_sysctl = kcalloc(nr_insn_emulated + 1, sizeof(*sysctl),
GFP_KERNEL);
+ if (!insns_sysctl)
+ return -ENOMEM;

raw_spin_lock_irqsave(&insn_emulation_lock, flags);
list_for_each_entry(insn, &insn_emulation, node) {
@@ -251,6 +257,7 @@ static void __init register_insn_emulation_sysctl(void)
raw_spin_unlock_irqrestore(&insn_emulation_lock, flags);

register_sysctl("abi", insns_sysctl);
+ return 0;
}

/*
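Review bot: The result of `register_sysctl("abi", insns_sysctl)` is still discarded immediately before the new `return 0;`, so a failed sysctl registration is reported as success and the table just allocated with kcalloc() in the earlier hunk is never freed. register_sysctl() returns NULL on failure, so the natural shape once this function returns an int is `if (!register_sysctl("abi", insns_sysctl)) { kfree(insns_sysctl); return -ENOMEM; }`, assuming nothing else keeps a pointer to the table at that point (the loop that fills it is outside this hunk). Whether -ENOMEM or another errno is the right value depends on how the rest of the file reports such failures.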
@@ -617,25 +624,47 @@ static int t16_setend_handler(struct pt_regs *regs, u32 instr)
*/
static int __init armv8_deprecated_init(void)
{
- if (IS_ENABLED(CONFIG_SWP_EMULATION))
- register_insn_emulation(&swp_ops);
+ int ret = 0;
+ int err = 0;
+
+ if (IS_ENABLED(CONFIG_SWP_EMULATION)) {
+ ret = register_insn_emulation(&swp_ops);
+ if (ret) {
+ pr_err("register insn emulation swp: fail\n");
+ err = ret;
+ }
+ }

- if (IS_ENABLED(CONFIG_CP15_BARRIER_EMULATION))
- register_insn_emulation(&cp15_barrier_ops);
+ if (IS_ENABLED(CONFIG_CP15_BARRIER_EMULATION)) {
+ ret = register_insn_emulation(&cp15_barrier_ops);
+ if (ret) {
+ pr_err("register insn emulation cpu15_barrier: fail\n");
+ err = ret;
+ }
+ }

if (IS_ENABLED(CONFIG_SETEND_EMULATION)) {
- if(system_supports_mixed_endian_el0())
- register_insn_emulation(&setend_ops);
- else
+ if (system_supports_mixed_endian_el0()) {
+ ret = register_insn_emulation(&setend_ops);
+ if (ret) {
+ pr_err("register insn emulation setend: fail\n");
+ err = ret;
+ }
+ } else {
pr_info("setend instruction emulation is not supported on this system\n");
+ }
}

- cpuhp_setup_state_nocalls(CPUHP_AP_ARM64_ISNDEP_STARTING,
- "arm64/isndep:starting",
- run_all_insn_set_hw_mode, NULL);
- register_insn_emulation_sysctl();
+ if (nr_insn_emulated) {
+ cpuhp_setup_state_nocalls(CPUHP_AP_ARM64_ISNDEP_STARTING,
+ "arm64/isndep:starting",
+ run_all_insn_set_hw_mode, NULL);
+ ret = register_insn_emulation_sysctl();
+ if (ret)
+ err = ret;
+ }

- return 0;
+ return err;
}

core_initcall(armv8_deprecated_init);
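Review bot: The log string for the second registration, `pr_err("register insn emulation cpu15_barrier: fail\n");`, names "cpu15_barrier" while the ops it reports on is `cp15_barrier_ops`; it should read `pr_err("register insn emulation cp15_barrier: fail\n");` so that a log grep for the feature name finds it. Separately, wrapping the cpuhp and sysctl setup in `if (nr_insn_emulated)` changes behaviour when no emulation was registered at all (neither is set up any more), but the commit message only describes adding allocation checks; that change is worth a sentence in the description, or a comment above the `if` explaining why the state and sysctl are not needed when the count is zero. The return value of `cpuhp_setup_state_nocalls()` is also still ignored, which is at odds with the function now propagating errors; if that is deliberate it deserves a short comment.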
--
1.8.3.1


2019-10-07 15:37:45

by Will Deacon

Subject: Re: [PATCH v2] arm64: armv8_deprecated: Checking return value for memory allocation

On Mon, Oct 07, 2019 at 06:06:35PM +0800, Yunfeng Ye wrote:
> There are no return value checking when using kzalloc() and kcalloc() for
> memory allocation. so add it.
>
> Signed-off-by: Yunfeng Ye <[email protected]>
> ---
> v1 -> v2:
> - return error code when memory allocation failure
>
> arch/arm64/kernel/armv8_deprecated.c | 57 +++++++++++++++++++++++++++---------
> 1 file changed, 43 insertions(+), 14 deletions(-)
>
> diff --git a/arch/arm64/kernel/armv8_deprecated.c b/arch/arm64/kernel/armv8_deprecated.c
> index 2ec09de..2284fcb 100644
> --- a/arch/arm64/kernel/armv8_deprecated.c
> +++ b/arch/arm64/kernel/armv8_deprecated.c
> @@ -168,12 +168,15 @@ static int update_insn_emulation_mode(struct insn_emulation *insn,
> return ret;
> }
>
> -static void __init register_insn_emulation(struct insn_emulation_ops *ops)
> +static int __init register_insn_emulation(struct insn_emulation_ops *ops)
> {
> unsigned long flags;
> struct insn_emulation *insn;
>
> insn = kzalloc(sizeof(*insn), GFP_KERNEL);
> + if (!insn)
> + return -ENOMEM;
> +
> insn->ops = ops;
> insn->min = INSN_UNDEF;
>
> @@ -197,6 +200,7 @@ static void __init register_insn_emulation(struct insn_emulation_ops *ops)
>
> /* Register any handlers if required */
> update_insn_emulation_mode(insn, INSN_UNDEF);
> + return 0;
> }
>
> static int emulation_proc_handler(struct ctl_table *table, int write,
> @@ -224,7 +228,7 @@ static int emulation_proc_handler(struct ctl_table *table, int write,
> return ret;
> }
>
> -static void __init register_insn_emulation_sysctl(void)
> +static int __init register_insn_emulation_sysctl(void)
> {
> unsigned long flags;
> int i = 0;
> @@ -233,6 +237,8 @@ static void __init register_insn_emulation_sysctl(void)
>
> insns_sysctl = kcalloc(nr_insn_emulated + 1, sizeof(*sysctl),
> GFP_KERNEL);
> + if (!insns_sysctl)
> + return -ENOMEM;
>
> raw_spin_lock_irqsave(&insn_emulation_lock, flags);
> list_for_each_entry(insn, &insn_emulation, node) {
> @@ -251,6 +257,7 @@ static void __init register_insn_emulation_sysctl(void)
> raw_spin_unlock_irqrestore(&insn_emulation_lock, flags);
>
> register_sysctl("abi", insns_sysctl);
> + return 0;
> }
>
> /*
> @@ -617,25 +624,47 @@ static int t16_setend_handler(struct pt_regs *regs, u32 instr)
> */
> static int __init armv8_deprecated_init(void)
> {
> - if (IS_ENABLED(CONFIG_SWP_EMULATION))
> - register_insn_emulation(&swp_ops);
> + int ret = 0;
> + int err = 0;
> +
> + if (IS_ENABLED(CONFIG_SWP_EMULATION)) {
> + ret = register_insn_emulation(&swp_ops);
> + if (ret) {
> + pr_err("register insn emulation swp: fail\n");
> + err = ret;
> + }
> + }

Is there much point in continuing here? May as well just return ret, I
think. I also don't think you need to print anything, since kmalloc
should already have shouted.

> - if (IS_ENABLED(CONFIG_CP15_BARRIER_EMULATION))
> - register_insn_emulation(&cp15_barrier_ops);
> + if (IS_ENABLED(CONFIG_CP15_BARRIER_EMULATION)) {
> + ret = register_insn_emulation(&cp15_barrier_ops);
> + if (ret) {
> + pr_err("register insn emulation cpu15_barrier: fail\n");
> + err = ret;
> + }
> + }
>
> if (IS_ENABLED(CONFIG_SETEND_EMULATION)) {
> - if(system_supports_mixed_endian_el0())
> - register_insn_emulation(&setend_ops);
> - else
> + if (system_supports_mixed_endian_el0()) {
> + ret = register_insn_emulation(&setend_ops);
> + if (ret) {
> + pr_err("register insn emulation setend: fail\n");
> + err = ret;
> + }
> + } else {
> pr_info("setend instruction emulation is not supported on this system\n");
> + }
> }
>
> - cpuhp_setup_state_nocalls(CPUHP_AP_ARM64_ISNDEP_STARTING,
> - "arm64/isndep:starting",
> - run_all_insn_set_hw_mode, NULL);
> - register_insn_emulation_sysctl();
> + if (nr_insn_emulated) {
> + cpuhp_setup_state_nocalls(CPUHP_AP_ARM64_ISNDEP_STARTING,
> + "arm64/isndep:starting",
> + run_all_insn_set_hw_mode, NULL);
> + ret = register_insn_emulation_sysctl();
> + if (ret)
> + err = ret;
> + }

I'm dubious about leaving the cpuhp notifier registered if we fail here.
Can we simply reorder the logic so that the notifier is registered after
successfully calling register_insn_emulation_sysctl()?

Will

2019-10-08 02:38:35

by Yunfeng Ye

Subject: Re: [PATCH v2] arm64: armv8_deprecated: Checking return value for memory allocation



On 2019/10/7 23:37, Will Deacon wrote:
> On Mon, Oct 07, 2019 at 06:06:35PM +0800, Yunfeng Ye wrote:
>> There are no return value checking when using kzalloc() and kcalloc() for
>> memory allocation. so add it.
>>
>> Signed-off-by: Yunfeng Ye <[email protected]>
>> ---
>> v1 -> v2:
>> - return error code when memory allocation failure
>>
>> arch/arm64/kernel/armv8_deprecated.c | 57 +++++++++++++++++++++++++++---------
>> 1 file changed, 43 insertions(+), 14 deletions(-)
>>
>> diff --git a/arch/arm64/kernel/armv8_deprecated.c b/arch/arm64/kernel/armv8_deprecated.c
>> index 2ec09de..2284fcb 100644
>> --- a/arch/arm64/kernel/armv8_deprecated.c
>> +++ b/arch/arm64/kernel/armv8_deprecated.c
>> @@ -168,12 +168,15 @@ static int update_insn_emulation_mode(struct insn_emulation *insn,
>> return ret;
>> }
>>
>> -static void __init register_insn_emulation(struct insn_emulation_ops *ops)
>> +static int __init register_insn_emulation(struct insn_emulation_ops *ops)
>> {
>> unsigned long flags;
>> struct insn_emulation *insn;
>>
>> insn = kzalloc(sizeof(*insn), GFP_KERNEL);
>> + if (!insn)
>> + return -ENOMEM;
>> +
>> insn->ops = ops;
>> insn->min = INSN_UNDEF;
>>
>> @@ -197,6 +200,7 @@ static void __init register_insn_emulation(struct insn_emulation_ops *ops)
>>
>> /* Register any handlers if required */
>> update_insn_emulation_mode(insn, INSN_UNDEF);
>> + return 0;
>> }
>>
>> static int emulation_proc_handler(struct ctl_table *table, int write,
>> @@ -224,7 +228,7 @@ static int emulation_proc_handler(struct ctl_table *table, int write,
>> return ret;
>> }
>>
>> -static void __init register_insn_emulation_sysctl(void)
>> +static int __init register_insn_emulation_sysctl(void)
>> {
>> unsigned long flags;
>> int i = 0;
>> @@ -233,6 +237,8 @@ static void __init register_insn_emulation_sysctl(void)
>>
>> insns_sysctl = kcalloc(nr_insn_emulated + 1, sizeof(*sysctl),
>> GFP_KERNEL);
>> + if (!insns_sysctl)
>> + return -ENOMEM;
>>
>> raw_spin_lock_irqsave(&insn_emulation_lock, flags);
>> list_for_each_entry(insn, &insn_emulation, node) {
>> @@ -251,6 +257,7 @@ static void __init register_insn_emulation_sysctl(void)
>> raw_spin_unlock_irqrestore(&insn_emulation_lock, flags);
>>
>> register_sysctl("abi", insns_sysctl);
>> + return 0;
>> }
>>
>> /*
>> @@ -617,25 +624,47 @@ static int t16_setend_handler(struct pt_regs *regs, u32 instr)
>> */
>> static int __init armv8_deprecated_init(void)
>> {
>> - if (IS_ENABLED(CONFIG_SWP_EMULATION))
>> - register_insn_emulation(&swp_ops);
>> + int ret = 0;
>> + int err = 0;
>> +
>> + if (IS_ENABLED(CONFIG_SWP_EMULATION)) {
>> + ret = register_insn_emulation(&swp_ops);
>> + if (ret) {
>> + pr_err("register insn emulation swp: fail\n");
>> + err = ret;
>> + }
>> + }
>
> Is there much point in continuing here? May as well just return ret, I
> think. I also don't think you need to print anything, since kmalloc
> should already have shouted.
>
The registration of each instruction simulation is independent. I think
that one failure does not affect the registration of the other instructions.
In addition, if we return directly, do we need to unregister? Of course,
the first instruction registration can return directly, but if a
following instruction registration fails, is an unregister operation needed?
Currently the unregistration of instruction simulation is not implemented
yet.

The purpose of printing information is to replace the direct return, which
can distinguish which instruction failed to register. There is no need to print
information if it returns directly.

thanks.

>> - if (IS_ENABLED(CONFIG_CP15_BARRIER_EMULATION))
>> - register_insn_emulation(&cp15_barrier_ops);
>> + if (IS_ENABLED(CONFIG_CP15_BARRIER_EMULATION)) {
>> + ret = register_insn_emulation(&cp15_barrier_ops);
>> + if (ret) {
>> + pr_err("register insn emulation cpu15_barrier: fail\n");
>> + err = ret;
>> + }
>> + }
>>
>> if (IS_ENABLED(CONFIG_SETEND_EMULATION)) {
>> - if(system_supports_mixed_endian_el0())
>> - register_insn_emulation(&setend_ops);
>> - else
>> + if (system_supports_mixed_endian_el0()) {
>> + ret = register_insn_emulation(&setend_ops);
>> + if (ret) {
>> + pr_err("register insn emulation setend: fail\n");
>> + err = ret;
>> + }
>> + } else {
>> pr_info("setend instruction emulation is not supported on this system\n");
>> + }
>> }
>>
>> - cpuhp_setup_state_nocalls(CPUHP_AP_ARM64_ISNDEP_STARTING,
>> - "arm64/isndep:starting",
>> - run_all_insn_set_hw_mode, NULL);
>> - register_insn_emulation_sysctl();
>> + if (nr_insn_emulated) {
>> + cpuhp_setup_state_nocalls(CPUHP_AP_ARM64_ISNDEP_STARTING,
>> + "arm64/isndep:starting",
>> + run_all_insn_set_hw_mode, NULL);
>> + ret = register_insn_emulation_sysctl();
>> + if (ret)
>> + err = ret;
>> + }
>
> I'm dubious about leaving the cpuhp notifier registered if we fail here.
> Can we simply reorder the logic so that the notifier is registered after
> successfully calling register_insn_emulation_sysctl()? thanks.
>
ok, I will reorder the logic.
And the same question: is it need to unregister the instruction emulation
if register_insn_emulation_sysctl() invoked fail?

> Will
>
> .
>

2019-10-08 10:26:06

by Will Deacon

Subject: Re: [PATCH v2] arm64: armv8_deprecated: Checking return value for memory allocation

On Tue, Oct 08, 2019 at 10:33:17AM +0800, Yunfeng Ye wrote:
> On 2019/10/7 23:37, Will Deacon wrote:
> > On Mon, Oct 07, 2019 at 06:06:35PM +0800, Yunfeng Ye wrote:
> >> @@ -617,25 +624,47 @@ static int t16_setend_handler(struct pt_regs *regs, u32 instr)
> >> */
> >> static int __init armv8_deprecated_init(void)
> >> {
> >> - if (IS_ENABLED(CONFIG_SWP_EMULATION))
> >> - register_insn_emulation(&swp_ops);
> >> + int ret = 0;
> >> + int err = 0;
> >> +
> >> + if (IS_ENABLED(CONFIG_SWP_EMULATION)) {
> >> + ret = register_insn_emulation(&swp_ops);
> >> + if (ret) {
> >> + pr_err("register insn emulation swp: fail\n");
> >> + err = ret;
> >> + }
> >> + }
> >
> > Is there much point in continuing here? May as well just return ret, I
> > think. I also don't think you need to print anything, since kmalloc
> > should already have shouted.
> >
> The registration of each instruction simulation is independent. I think
> that one failure does not affect the registration of other instructions.

Dunno, I think that if kmalloc() starts failing then it's time to give up!

> In addition, if return directly, is it need to unregister? Of course,
> the first instruction registration can be directly returned, If the
> following instruction registration fails, is it need unregister operation?
> currently the unregistration of instruction simulation is not be implemented
> yet.

That's an interesting one -- currently there isn't a way to unregister
an emulation hook afaict. We could add unregister_insn_emulation() to
remove the emulation hook from the insn_emulation list and free it, but
I'm actually now starting to prefer your initial patch after all. The only
way these failures will happen are either because the system is doomed
or kmalloc fault injection is being used; so keeping things simple rather
than add rarely executed complexity is probably best.

> The purpose of printing information is to replace the direct return, which
> can distinguish which instruction failed to register. There is no need to print
> information if it returns directly.

What do you expect people to do with that information?

Are you ok with me applying your original patch?

Will

2019-10-08 11:02:30

by Yunfeng Ye

Subject: Re: [PATCH v2] arm64: armv8_deprecated: Checking return value for memory allocation



On 2019/10/8 18:25, Will Deacon wrote:
> On Tue, Oct 08, 2019 at 10:33:17AM +0800, Yunfeng Ye wrote:
>> On 2019/10/7 23:37, Will Deacon wrote:
>>> On Mon, Oct 07, 2019 at 06:06:35PM +0800, Yunfeng Ye wrote:
>>>> @@ -617,25 +624,47 @@ static int t16_setend_handler(struct pt_regs *regs, u32 instr)
>>>> */
>>>> static int __init armv8_deprecated_init(void)
>>>> {
>>>> - if (IS_ENABLED(CONFIG_SWP_EMULATION))
>>>> - register_insn_emulation(&swp_ops);
>>>> + int ret = 0;
>>>> + int err = 0;
>>>> +
>>>> + if (IS_ENABLED(CONFIG_SWP_EMULATION)) {
>>>> + ret = register_insn_emulation(&swp_ops);
>>>> + if (ret) {
>>>> + pr_err("register insn emulation swp: fail\n");
>>>> + err = ret;
>>>> + }
>>>> + }
>>>
>>> Is there much point in continuing here? May as well just return ret, I
>>> think. I also don't think you need to print anything, since kmalloc
>>> should already have shouted.
>>>
>> The registration of each instruction simulation is independent. I think
>> that one failure does not affect the registration of other instructions.
>
> Dunno, I think that if kmalloc() starts failing then it's time to give up!
>
>> In addition, if return directly, is it need to unregister? Of course,
>> the first instruction registration can be directly returned, If the
>> following instruction registration fails, is it need unregister operation?
>> currently the unregistration of instruction simulation is not be implemented
>> yet.
>
> That's an interesting one -- currently there isn't a way to unregister
> an emulation hook afaict. We could add unregister_insn_emulation() to
> remove the emulation hook from the insn_emulation list and free it, but
> I'm actually now starting to prefer your initial patch after all. The only
> way these failures will happen are either because the system is doomed
> or kmalloc fault injection is being used; so keeping things simple rather
> than add rarely executed complexity is probably best.
>
>> The purpose of printing information is to replace the direct return, which
>> can distinguish which instruction failed to register. There is no need to print
>> information if it returns directly.
>
> What do you expect people to do with that information?
>
> Are you ok with me applying your original patch?
>
I agree, it is simple. thanks.

> Will
>
> .
>