Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp2638355rwb; Sat, 8 Oct 2022 11:19:15 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6IKunejxemSuRRn7VkhTW3/9/Z+X6UMS6R15Ah9foJ6NyN1vC3q1zsqxWINRZYQWeTWx1J X-Received: by 2002:a65:5b0d:0:b0:434:a7d2:9771 with SMTP id y13-20020a655b0d000000b00434a7d29771mr9776816pgq.356.1665253155289; Sat, 08 Oct 2022 11:19:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1665253155; cv=none; d=google.com; s=arc-20160816; b=Sbu75o8fXTNYsgE85z9hhwfhjDY2Tp2uOOVGRzS17z+lmua7Xa6teD/OToTbv2aIVI C92CgLBseIwQBuBNH4xwlzfrxUx/QicfsyNhREmauDSvQSR4pgUC6ECSvT1TT57j0g2S jtbSyidgBCVbq0JS4pHc8+CcQmNOvhqQYoxY2jnh2PR3Z6cXCzLLmXaK0o3NVPRrVAfU DMCsRoaARXaDZNRMeWyfnCAjoSOEN78k+Uo39+BMm1M2DKM9aOme305cRiI/8NBAX14w yRdQLIPSjW1uCygn1d+SrfQn0Y3wJ+7VaQlokn9wCy5znWm4OnUWPaEe4td+bj/mnmPZ hcbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=mYoYpCWpfYEMUoMrJw5rH8AVlmRmZhyXK9IrW26Y3dE=; b=vyd3qmuutdExfQkRDMLFSwO4LmbC6CYKDxVcXofnqGaqf4wC7CKp3JX7UGKuJGvUWp jBRLqwpz/ALr+A1MUfTRtUukyF3azgA2QeZlWSWo6sCuQ9wky3c/EI4Iiz/Sibrc4VH9 YZ74h3lJLMS6Tpbl98hO1EEbNaU8ylMEQ47K+1dxVKOywBAonLsEvf7yqMGt06fl7sAg qNMGQ0G0gnWSRdt/u0tp9sXvnUoQiSq0ya7HlP45kvjlfNgXEznEKVlIj9hFFC+N65F9 LS9QfqVW8+G5j6IFUVyezjNk9wUCVuBGC1c1SMdiGf26ITxfhH5EExMKrbP4AE//3N7j r7XA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ZuN2GEUc; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b14-20020a65668e000000b0046107c067c7si1076456pgw.822.2022.10.08.11.18.59; Sat, 08 Oct 2022 11:19:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ZuN2GEUc; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230411AbiJHRxI (ORCPT + 99 others); Sat, 8 Oct 2022 13:53:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53598 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230309AbiJHRxE (ORCPT ); Sat, 8 Oct 2022 13:53:04 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4342142ADD; Sat, 8 Oct 2022 10:53:03 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id C703E60A56; Sat, 8 Oct 2022 17:53:02 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 34691C43470; Sat, 8 Oct 2022 17:53:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1665251582; bh=mYoYpCWpfYEMUoMrJw5rH8AVlmRmZhyXK9IrW26Y3dE=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=ZuN2GEUcv9z1nCTJu4sZA7GDSl9tntmKfc43yrwpV56KUS2ZHhuwjPMeyk1jsFmIP kWNOhdG4RUnuPnbX3wJ0EbzYz+3GJWSHEvrsCvua3Y5WOgBZZN1N4sE6of3orHPxws 6NuWsTcNiYHVLfVEFg28ZAsJ51+HIozx50XFaj7aOVqyCHOT8yYR4cdEDTr6Hy7TEN H7ti9Gwb55bb0eqw9mmTKvq5aQGxUymUddm8HmcTi66D3HOoAUWQdhDay4Gv2aUBFL d1mTouNgQbajacF836xjuVxdZ7x9Fi50MZhfdtBhgK1SWDFRbgB7rSJcEfRVn7athV dvCoEQ8dmKw/A== Received: by mail-lf1-f51.google.com with SMTP id g1so11305151lfu.12; Sat, 08 Oct 2022 10:53:02 -0700 (PDT) X-Gm-Message-State: ACrzQf1T2FhpKxUhUigN8higpVtYOqIiU/71kqm2huWGJy7igg5GV5cS soCRbGUcepU4TxC2okNI+r5PbAQCg9wGo4tRGos= X-Received: by 2002:a05:6512:314a:b0:4a2:d0b9:aa20 with SMTP id s10-20020a056512314a00b004a2d0b9aa20mr878824lfi.110.1665251579833; Sat, 08 Oct 2022 10:52:59 -0700 (PDT) MIME-Version: 1.0 References: <20221006224212.569555-1-gpiccoli@igalia.com> <20221006224212.569555-6-gpiccoli@igalia.com> <202210061634.758D083D5@keescook> <202210071234.D289C8C@keescook> <11e03e8d-7711-330d-e0d4-808ef9acec3a@igalia.com> In-Reply-To: From: Ard Biesheuvel Date: Sat, 8 Oct 2022 19:52:48 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 5/8] pstore: Fix long-term implicit conversions in the compression routines To: "Guilherme G. Piccoli" Cc: Kees Cook , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, kernel-dev@igalia.com, kernel@gpiccoli.net, anton@enomsg.org, ccross@android.com, tony.luck@intel.com Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, 8 Oct 2022 at 18:04, Guilherme G. Piccoli wrote: > > On 08/10/2022 12:53, Ard Biesheuvel wrote: > > [...] > > So one thing I don't understand about these changes is why we need > > them in the first place. > > > > The zbufsize routines are all worst case routines, which means each > > one of those will return a value that exceeds the size parameter. > > > > We only use compression for dmesg, which compresses quite well. If it > > doesn't compress well, there is probably something wrong with the > > input data, so preserving it may not be as critical. And if > > compressing the data makes it bigger, can't we just omit the > > compression for that particular record? > > > > In summary, while adding zbufsize to the crypto API seems a reasonable > > thing to do, I don't see why we'd want to make use of it in pstore - > > can't we just use the decompressed size as the worst case compressed > > size for all algorithms, and skip the compression if it doesn't fit? > > > > Or am I missing something here? > > In a way (and if I understand you correctly - please let me know if not) > you are making lot of sense: why not just use the maximum size (which is > the full decompressed size + header) as the worst case in pstore and > skip these highly specialized routines that calculate the worst case for > each algorithm, right? > Yes > This is exactly what 842 (sw compress) is doing now. If that's > interesting and Kees agrees, and if nobody else plans on doing that, I > could work on it. > > Extra question (maybe silly on my side?): is it possible that > _compressed_ data is bigger than the original one? Isn't there any > "protection" on the compress APIs for that? In that case, it'd purely > waste of time / CPU cycles heheh > No, this is the whole point of those helper routines, as far as I can tell. Basically, if you put data that cannot be compressed losslessly (e.g., a H264 video) through a lossless compression routine, the resulting data will be bigger due to the overhead of the compression metadata. However, we are compressing ASCII text here, so using the uncompressed size as an upper bound for the compressed size is reasonable for any compression algorithm. And if dmesg output is not compressible, there must be something seriously wrong with it. So we could either just drop such input, or simply not bother compressing it if doing so would only take up more space. Given the low likelihood that we will ever hit this case, I'd say we just ignore those. Again, please correct me if I am missing something here (Kees?). Are there cases where we compress data that may be compressed already?