Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp1194209imu;
        Thu, 13 Dec 2018 10:52:52 -0800 (PST)
X-Google-Smtp-Source: AFSGD/X2NAiAGRtWmRjt/i/NrKUcyRlwbfd6iRJ+G34U6x+357TaALYs952gP55YfCqjdjDEQIj4
X-Received: by 2002:a17:902:5ac2:: with SMTP id g2mr24715514plm.313.1544727172220;
        Thu, 13 Dec 2018 10:52:52 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1544727172; cv=none;
        d=google.com; s=arc-20160816;
        b=znTjHse3Nru6Xm0cD89fp7ru2cdm9svAyakWI5py8nJRaRWDTUh2JXx/NhsmHV8+x7
         7iTUh5cWdronneLTvyEewyRZxzItk/FgE87Xe1YLysKOUfZOycWosaScApXDPvpoWQIx
         UjI9/fJkKz5J5TxwZ3HtpOAgxMPKrqvi0lxKRoopSNoWS+tYK1pvIeNz0WZ5TaTJi4P0
         nAX4x9htiPg+UY9DnBth1CycU9n5JhqLxtlN2AE0u6+REYWQcGx8owvV+TkIo1fLXB6/
         CTZ282PqjltxYtdLVWUUI9TUmuLrYulZ1LvOsofeP2wOuUDfkTS47LeIrDnT6pP2UxX1
         4JQA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-transfer-encoding:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date;
        bh=niCubtYfxFSKOR2dSB7k7qTr6i2oYYU5iKHTmU5n8j8=;
        b=jEkPq8oOOFHm2H8H5bctnVLzhbdvmSugvbClMn4/3cGOtwDMztMFOKeH+POKn2/1tl
         5bEh4GPZwXHvg1r32bw3cR631uwP5/8+J30QzRtszlIaeAETc2VmHk9KaLsAFwqHzqFI
         5TMLX7ALkwnMWN4RUU0jz2A4DMUvn7evRKUaXbIrhTTzBuZjQ05jZYPoXAZYQrZ+Skjs
         pSheaVeCJMps9gdhIpSWKt3z1CFy3oYUVe3d1rZrRT/TN0k7upRs9WpER4zcd5NHFcF0
         TO3x84yzeFPeZYtDBdosFZnnjm7WUM1qakVDKLH9j4wtpEXqPV2zfFV+BINmLu7mEFBy
         OEfg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id f90si2135758plb.362.2018.12.13.10.52.37;
        Thu, 13 Dec 2018 10:52:52 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727556AbeLMSvc (ORCPT <rfc822;chaneybenjamini@gmail.com>
        + 99 others); Thu, 13 Dec 2018 13:51:32 -0500
Received: from 178.115.242.59.static.drei.at ([178.115.242.59]:52521 "EHLO
        mail.osadl.at" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726457AbeLMSvc (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 13 Dec 2018 13:51:32 -0500
Received: by mail.osadl.at (Postfix, from userid 1001)
        id 9BBCA5C22C4; Thu, 13 Dec 2018 19:51:26 +0100 (CET)
Date:   Thu, 13 Dec 2018 19:51:26 +0100
From:   Nicholas Mc Guire <der.herr@hofr.at>
To:     Joe Lawrence <joe.lawrence@redhat.com>
Cc:     Nicholas Mc Guire <hofrat@osadl.org>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Jessica Yu <jeyu@kernel.org>, Jiri Kosina <jikos@kernel.org>,
        Miroslav Benes <mbenes@suse.cz>,
        Petr Mladek <pmladek@suse.com>, live-patching@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/2 V2] livepatch: handle kzalloc failure properly
Message-ID: <20181213185126.GA24202@osadl.at>
References: <1544709956-16701-1-git-send-email-hofrat@osadl.org>
 <1544709956-16701-2-git-send-email-hofrat@osadl.org>
 <daf5bf66-3bcc-476c-6237-0e46028cb269@redhat.com>
 <20181213153954.GA9816@osadl.at>
 <2d712c92-e661-a32c-06cf-4de93ad93f77@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <2d712c92-e661-a32c-06cf-4de93ad93f77@redhat.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Dec 13, 2018 at 11:39:25AM -0500, Joe Lawrence wrote:
> On 12/13/2018 10:39 AM, Nicholas Mc Guire wrote:
> > On Thu, Dec 13, 2018 at 09:14:18AM -0500, Joe Lawrence wrote:
> >> On 12/13/2018 09:05 AM, Nicholas Mc Guire wrote:
> >>> kzalloc() return should be checked. On dummy_alloc() failing
> >>> in kzalloc() NULL should be returned.
> >>>
> >>> Signed-off-by: Nicholas Mc Guire <hofrat@osadl.org>
> >>> ---
> >>>
> >>> Problem was located with an experimental coccinelle script
> >>>
> >>> V2: returning NULL is ok but not without cleanup - thanks to
> >>>     Petr Mladek <pmladek@suse.com> for catching this.
> >>>
> >>> Patch was compile tested with: x86_64_defconfig + FTRACE=y
> >>> FUNCTION_TRACER=y, EXPERT=y, LATENCYTOP=y, SAMPLES=y, SAMPLE_LIVEPATCH=y
> >>> (with a number of unrelated sparse warnings on symbols not being static)
> >>>
> >>> Patch is against 4.20-rc6 (localversion-next is next-20181213)
> >>>
> >>>  samples/livepatch/livepatch-shadow-mod.c | 4 ++++
> >>>  1 file changed, 4 insertions(+)
> >>>
> >>> diff --git a/samples/livepatch/livepatch-shadow-mod.c b/samples/livepatch/livepatch-shadow-mod.c
> >>> index 4c54b25..4aa8a88 100644
> >>> --- a/samples/livepatch/livepatch-shadow-mod.c
> >>> +++ b/samples/livepatch/livepatch-shadow-mod.c
> >>> @@ -118,6 +118,10 @@ noinline struct dummy *dummy_alloc(void)
> >>>  
> >>>  	/* Oops, forgot to save leak! */
> >>>  	leak = kzalloc(sizeof(int), GFP_KERNEL);
> >>> +	if (!leak) {
> >>> +		kfree(d);
> >>> +		return NULL;
> >>> +	}
> >>>  
> >>>  	pr_info("%s: dummy @ %p, expires @ %lx\n",
> >>>  		__func__, d, d->jiffies_expire);
> >>>
> >>
> >> Hi Nicholas,
> >>
> >> Thanks for finding and fixing these up... can we either squash these two
> >> patches into a single commit or give them unique subject lines?  Code
> >> looks good (including Petr's suggested fix) otherwise.
> >>
> > yup - makes sense to pop it into a single patch - I assumed that this
> > would not be acceptable - so I actually split it up :)
> > I?ll send a V3 then.
> 
> I don't know if there is a hard rule, but I always thought that unique
> subject lines were desired to avoid grep/search confusion.
>
the duplicated subjectline was my mistake 
 
> As far as one or two commits, I'd prefer a single commit since these are
> so small.  Personal preference, you could just say that you're fixing
> samples/livepatch as a whole.
> 
> > 
> > BTW: wanted to fix up the sparse warnings but I think thats not going
> > to be that simple as the functions/structs sparse complains about
> > are actually being shared:
> 
> Ok, these are welcome too, separate commit...
> 
> >   CHECK   samples/livepatch/livepatch-shadow-fix1.c
> > samples/livepatch/livepatch-shadow-fix1.c:74:14: warning: symbol 'livepatch_fix1_dummy
> > alloc' was not declared. Should it be static?
> > samples/livepatch/livepatch-shadow-fix1.c:116:6: warning: symbol 'livepatch_fix1_dummy
> > free' was not declared. Should it be static?
> > 
> >   CHECK   samples/livepatch/livepatch-shadow-mod.c
> > samples/livepatch/livepatch-shadow-mod.c:99:1: warning: symbol 'dummy_list' was not declared. Should it be static?
> > samples/livepatch/livepatch-shadow-mod.c:100:1: warning: symbol 'dummy_list_mutex' was not declared. Should it be static?
> > samples/livepatch/livepatch-shadow-mod.c:107:23: warning: symbol 'dummy_alloc' was not declared. Should it be static?
> > samples/livepatch/livepatch-shadow-mod.c:132:15: warning: symbol 'dummy_free' was not declared. Should it be static?
> > samples/livepatch/livepatch-shadow-mod.c:140:15: warning: symbol 'dummy_check' was not declared. Should it be static?
> > 
> > so to clean that appropriate declarations should probably
> > go into a .h file. Technically its maybe not important as this
> > is not production code - it would though be nice if sample
> > code is sparse/smatch/cocci clean.
> > 
> > would it be acceptable to clean this up with an additional
> > livepatch-shadow-mod.h ?
> 
> I'm not a C language expert, but as I understand it: static functions
> are only a namespacing game for the compiler.  So I think it is safe to
> pass around and call function pointers to static functions between
> compilation units.  At least I see this throughout the kernel, so that
> is my assumption :)
>
I?m not into the details of livepatch but if I declare e.g. dummy_check
static as proposed by sparse and then check the relocs I no longer see
it: 

Without the changes sparse proposes dummy_check is visible
hofrat@debian:~/linux-next/samples/livepatch# readelf --relocs livepatch-shadow-mod.ko  | grep dummy_check
000000000193  002f00000002 R_X86_64_PC32     0000000000000110 dummy_check - 4

When I then try to load livepatch-shadow-fix1.ko which does not have
dummy_check in its klp_func array its ok but livepatch-shadow-fix2.ko
wich has an entry will fail to load. So while this may work with other modules
I think in the live-patch case its not that simple due to the inner workings
of resolving symbols via klp_object and klp_func array.

So I?ll leave that sparse cleanup to someone who understand the inner
workinsgs of livepatch - before I make a mess of it....

thx!
hofrat