Write_schemata() uses fprintf() to write a bitmask into a schemata file inside resctrl FS. It checks fprintf() return value but it doesn't check fclose() return value. Error codes from fprintf() such as write errors, are buffered and flushed back to the user only after fclose() is executed which means any invalid bitmask can be written into the schemata file.
Rewrite write_schemata() to use syscalls instead of stdio file operations to avoid the buffering.
The resctrlfs.c file defines functions that interact with the resctrl FS while resctrl_val.c file defines functions that perform measurements on the cache. Run_benchmark() fits logically into the second file before resctrl_val() function that uses it.
Move run_benchmark() from resctrlfs.c to resctrl_val.c and remove redundant part of the kernel-doc comment. Make run_benchmark() static and remove it from the header file.
Patch series is based on [1] which is based on [2] which are based on ksefltest next branch.
Changelog v4: - Change git signature from Wieczor-Retman Maciej to Maciej Wieczor-Retman. - Rebase onto [1] which is based on [2]. (Reinette) - Add fcntl.h explicitly to provide glibc backward compatibility. (Reinette)
Changelog v3: - Use snprintf() return value instead of strlen() in write_schemata(). (Ilpo) - Make run_benchmark() static and remove it from the header file. (Reinette) - Added Ilpo's reviewed-by tag to Patch 2/2. - Patch messages and cover letter rewording.
Changelog v2: - Change sprintf() to snprintf() in write_schemata(). - Redo write_schemata() with syscalls instead of stdio functions. - Fix typos and missing dots in patch messages. - Branch printf attribute patch to a separate series.
[v1] https://lore.kernel.org/all/cover.1692880423.git.maciej.wieczor-retman@intel... [v2] https://lore.kernel.org/all/cover.1693213468.git.maciej.wieczor-retman@intel... [v3] https://lore.kernel.org/all/cover.1693575451.git.maciej.wieczor-retman@intel...
[1] https://lore.kernel.org/all/20230915154438.82931-1-ilpo.jarvinen@linux.intel... [2] https://lore.kernel.org/all/20230904095339.11321-1-ilpo.jarvinen@linux.intel...
Maciej Wieczor-Retman (2): selftests/resctrl: Fix schemata write error check selftests/resctrl: Move run_benchmark() to a more fitting file
tools/testing/selftests/resctrl/resctrl.h | 1 - tools/testing/selftests/resctrl/resctrl_val.c | 50 +++++++++++ tools/testing/selftests/resctrl/resctrlfs.c | 82 ++++--------------- 3 files changed, 67 insertions(+), 66 deletions(-)
base-commit: 3b3e8a34b1d50c2c5c6b030dab7682b123162cb4
Writing bitmasks to the schemata can fail when the bitmask doesn't adhere to constraints defined by what a particular CPU supports. Some example of constraints are max length or having contiguous bits. The driver should properly return errors when any rule concerning bitmask format is broken.
Resctrl FS returns error codes from fprintf() only when fclose() is called. Current error checking scheme allows invalid bitmasks to be written into schemata file and the selftest doesn't notice because the fclose() error code isn't checked.
Substitute fopen(), flose() and fprintf() with open(), close() and write() to avoid error code buffering between fprintf() and fclose().
Remove newline character from the schema string after writing it to the schemata file so it prints correctly before function return.
Pass the string generated with strerror() to the "reason" buffer so the error message is more verbose. Extend "reason" buffer so it can hold longer messages.
Signed-off-by: Maciej Wieczor-Retman maciej.wieczor-retman@intel.com --- Changelog v4: - Unify error checking between open() and write(). (Reinette) - Add fcntl.h for glibc backward compatiblitiy. (Reinette)
Changelog v3: - Rename fp to fd. (Ilpo) - Remove strlen, strcspn and just use the snprintf value instead. (Ilpo)
Changelog v2: - Rewrite patch message. - Double "reason" buffer size to fit longer error explanation. - Redo file interactions with syscalls instead of stdio functions.
tools/testing/selftests/resctrl/resctrlfs.c | 30 ++++++++++++--------- 1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/tools/testing/selftests/resctrl/resctrlfs.c b/tools/testing/selftests/resctrl/resctrlfs.c index 3a8111362d26..edc8fc6e44b0 100644 --- a/tools/testing/selftests/resctrl/resctrlfs.c +++ b/tools/testing/selftests/resctrl/resctrlfs.c @@ -8,6 +8,7 @@ * Sai Praneeth Prakhya sai.praneeth.prakhya@intel.com, * Fenghua Yu fenghua.yu@intel.com */ +#include <fcntl.h> #include <limits.h>
#include "resctrl.h" @@ -490,9 +491,8 @@ int write_bm_pid_to_resctrl(pid_t bm_pid, char *ctrlgrp, char *mongrp, */ int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val) { - char controlgroup[1024], schema[1024], reason[64]; - int resource_id, ret = 0; - FILE *fp; + char controlgroup[1024], schema[1024], reason[128]; + int resource_id, fd, schema_len = -1, ret = 0;
if (strncmp(resctrl_val, MBA_STR, sizeof(MBA_STR)) && strncmp(resctrl_val, MBM_STR, sizeof(MBM_STR)) && @@ -520,27 +520,31 @@ int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val)
if (!strncmp(resctrl_val, CAT_STR, sizeof(CAT_STR)) || !strncmp(resctrl_val, CMT_STR, sizeof(CMT_STR))) - sprintf(schema, "%s%d%c%s", "L3:", resource_id, '=', schemata); + schema_len = snprintf(schema, sizeof(schema), "%s%d%c%s\n", + "L3:", resource_id, '=', schemata); if (!strncmp(resctrl_val, MBA_STR, sizeof(MBA_STR)) || !strncmp(resctrl_val, MBM_STR, sizeof(MBM_STR))) - sprintf(schema, "%s%d%c%s", "MB:", resource_id, '=', schemata); + schema_len = snprintf(schema, sizeof(schema), "%s%d%c%s\n", + "MB:", resource_id, '=', schemata);
- fp = fopen(controlgroup, "w"); - if (!fp) { - sprintf(reason, "Failed to open control group"); + fd = open(controlgroup, O_WRONLY); + if (!fd) { + snprintf(reason, sizeof(reason), + "open() failed : %s", strerror(errno)); ret = -1;
goto out; } - - if (fprintf(fp, "%s\n", schema) < 0) { - sprintf(reason, "Failed to write schemata in control group"); - fclose(fp); + if (write(fd, schema, schema_len) < 0) { + snprintf(reason, sizeof(reason), + "write() failed : %s", strerror(errno)); + close(fd); ret = -1;
goto out; } - fclose(fp); + close(fd); + schema[schema_len - 1] = 0;
out: ksft_print_msg("Write schema "%s" to resctrl FS%s%s\n",
On Fri, 22 Sep 2023, Maciej Wieczor-Retman wrote:
Writing bitmasks to the schemata can fail when the bitmask doesn't adhere to constraints defined by what a particular CPU supports. Some example of constraints are max length or having contiguous bits. The driver should properly return errors when any rule concerning bitmask format is broken.
Resctrl FS returns error codes from fprintf() only when fclose() is called. Current error checking scheme allows invalid bitmasks to be written into schemata file and the selftest doesn't notice because the fclose() error code isn't checked.
Substitute fopen(), flose() and fprintf() with open(), close() and write() to avoid error code buffering between fprintf() and fclose().
Remove newline character from the schema string after writing it to the schemata file so it prints correctly before function return.
Pass the string generated with strerror() to the "reason" buffer so the error message is more verbose. Extend "reason" buffer so it can hold longer messages.
Signed-off-by: Maciej Wieczor-Retman maciej.wieczor-retman@intel.com
Changelog v4:
- Unify error checking between open() and write(). (Reinette)
- Add fcntl.h for glibc backward compatiblitiy. (Reinette)
Changelog v3:
- Rename fp to fd. (Ilpo)
- Remove strlen, strcspn and just use the snprintf value instead. (Ilpo)
Changelog v2:
- Rewrite patch message.
- Double "reason" buffer size to fit longer error explanation.
- Redo file interactions with syscalls instead of stdio functions.
tools/testing/selftests/resctrl/resctrlfs.c | 30 ++++++++++++--------- 1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/tools/testing/selftests/resctrl/resctrlfs.c b/tools/testing/selftests/resctrl/resctrlfs.c index 3a8111362d26..edc8fc6e44b0 100644 --- a/tools/testing/selftests/resctrl/resctrlfs.c +++ b/tools/testing/selftests/resctrl/resctrlfs.c @@ -8,6 +8,7 @@
- Sai Praneeth Prakhya sai.praneeth.prakhya@intel.com,
- Fenghua Yu fenghua.yu@intel.com
*/ +#include <fcntl.h> #include <limits.h> #include "resctrl.h" @@ -490,9 +491,8 @@ int write_bm_pid_to_resctrl(pid_t bm_pid, char *ctrlgrp, char *mongrp, */ int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val) {
- char controlgroup[1024], schema[1024], reason[64];
- int resource_id, ret = 0;
- FILE *fp;
char controlgroup[1024], schema[1024], reason[128];
int resource_id, fd, schema_len = -1, ret = 0;
if (strncmp(resctrl_val, MBA_STR, sizeof(MBA_STR)) && strncmp(resctrl_val, MBM_STR, sizeof(MBM_STR)) &&
@@ -520,27 +520,31 @@ int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val) if (!strncmp(resctrl_val, CAT_STR, sizeof(CAT_STR)) || !strncmp(resctrl_val, CMT_STR, sizeof(CMT_STR)))
sprintf(schema, "%s%d%c%s", "L3:", resource_id, '=', schemata);
schema_len = snprintf(schema, sizeof(schema), "%s%d%c%s\n",
if (!strncmp(resctrl_val, MBA_STR, sizeof(MBA_STR)) || !strncmp(resctrl_val, MBM_STR, sizeof(MBM_STR)))"L3:", resource_id, '=', schemata);
sprintf(schema, "%s%d%c%s", "MB:", resource_id, '=', schemata);
schema_len = snprintf(schema, sizeof(schema), "%s%d%c%s\n",
"MB:", resource_id, '=', schemata);
- fp = fopen(controlgroup, "w");
- if (!fp) {
sprintf(reason, "Failed to open control group");
- fd = open(controlgroup, O_WRONLY);
- if (!fd) {
snprintf(reason, sizeof(reason),
ret = -1;"open() failed : %s", strerror(errno));
goto out; }
- if (fprintf(fp, "%s\n", schema) < 0) {
sprintf(reason, "Failed to write schemata in control group");
fclose(fp);
- if (write(fd, schema, schema_len) < 0) {
snprintf(reason, sizeof(reason),
"write() failed : %s", strerror(errno));
ret = -1;close(fd);
goto out; }
- fclose(fp);
- close(fd);
- schema[schema_len - 1] = 0;
out: ksft_print_msg("Write schema "%s" to resctrl FS%s%s\n",
Thanks for fixing this.
Reviewed-by: Ilpo Järvinen ilpo.jarvinen@linux.intel.com
Hi Maciej,
On 9/22/2023 1:10 AM, Maciej Wieczor-Retman wrote:
Writing bitmasks to the schemata can fail when the bitmask doesn't adhere to constraints defined by what a particular CPU supports. Some example of constraints are max length or having contiguous bits. The driver should properly return errors when any rule concerning bitmask format is broken.
Resctrl FS returns error codes from fprintf() only when fclose() is called. Current error checking scheme allows invalid bitmasks to be written into schemata file and the selftest doesn't notice because the fclose() error code isn't checked.
Substitute fopen(), flose() and fprintf() with open(), close() and write() to avoid error code buffering between fprintf() and fclose().
Remove newline character from the schema string after writing it to the schemata file so it prints correctly before function return.
Pass the string generated with strerror() to the "reason" buffer so the error message is more verbose. Extend "reason" buffer so it can hold longer messages.
Signed-off-by: Maciej Wieczor-Retman maciej.wieczor-retman@intel.com
Changelog v4:
- Unify error checking between open() and write(). (Reinette)
- Add fcntl.h for glibc backward compatiblitiy. (Reinette)
Changelog v3:
- Rename fp to fd. (Ilpo)
- Remove strlen, strcspn and just use the snprintf value instead. (Ilpo)
Changelog v2:
- Rewrite patch message.
- Double "reason" buffer size to fit longer error explanation.
- Redo file interactions with syscalls instead of stdio functions.
tools/testing/selftests/resctrl/resctrlfs.c | 30 ++++++++++++--------- 1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/tools/testing/selftests/resctrl/resctrlfs.c b/tools/testing/selftests/resctrl/resctrlfs.c index 3a8111362d26..edc8fc6e44b0 100644 --- a/tools/testing/selftests/resctrl/resctrlfs.c +++ b/tools/testing/selftests/resctrl/resctrlfs.c @@ -8,6 +8,7 @@
- Sai Praneeth Prakhya sai.praneeth.prakhya@intel.com,
- Fenghua Yu fenghua.yu@intel.com
*/ +#include <fcntl.h> #include <limits.h> #include "resctrl.h" @@ -490,9 +491,8 @@ int write_bm_pid_to_resctrl(pid_t bm_pid, char *ctrlgrp, char *mongrp, */ int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val) {
- char controlgroup[1024], schema[1024], reason[64];
- int resource_id, ret = 0;
- FILE *fp;
- char controlgroup[1024], schema[1024], reason[128];
- int resource_id, fd, schema_len = -1, ret = 0;
I am trying to understand the schema_len initialization. Could you please elaborate why you chose -1? I'm a bit concerned with the robustness here with it being used as an unsigned integer in write() and also the negative array index later.
if (strncmp(resctrl_val, MBA_STR, sizeof(MBA_STR)) && strncmp(resctrl_val, MBM_STR, sizeof(MBM_STR)) && @@ -520,27 +520,31 @@ int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val) if (!strncmp(resctrl_val, CAT_STR, sizeof(CAT_STR)) || !strncmp(resctrl_val, CMT_STR, sizeof(CMT_STR)))
sprintf(schema, "%s%d%c%s", "L3:", resource_id, '=', schemata);
schema_len = snprintf(schema, sizeof(schema), "%s%d%c%s\n",
if (!strncmp(resctrl_val, MBA_STR, sizeof(MBA_STR)) || !strncmp(resctrl_val, MBM_STR, sizeof(MBM_STR)))"L3:", resource_id, '=', schemata);
sprintf(schema, "%s%d%c%s", "MB:", resource_id, '=', schemata);
schema_len = snprintf(schema, sizeof(schema), "%s%d%c%s\n",
"MB:", resource_id, '=', schemata);
- fp = fopen(controlgroup, "w");
- if (!fp) {
sprintf(reason, "Failed to open control group");
- fd = open(controlgroup, O_WRONLY);
- if (!fd) {
Be careful ... the error checking appropriate to the original pointer needs a double check with this new usage. According to "man 2 open" - open() returns -1 on error so I expect that this should rather be: if (fd < 0) { or if (fd == -1) {
The rest looks good to me.
Reinette
Hi, thanks for the review!
On 2023-09-27 at 15:15:06 -0700, Reinette Chatre wrote:
Hi Maciej,
On 9/22/2023 1:10 AM, Maciej Wieczor-Retman wrote:
Writing bitmasks to the schemata can fail when the bitmask doesn't adhere to constraints defined by what a particular CPU supports. Some example of constraints are max length or having contiguous bits. The driver should properly return errors when any rule concerning bitmask format is broken.
Resctrl FS returns error codes from fprintf() only when fclose() is called. Current error checking scheme allows invalid bitmasks to be written into schemata file and the selftest doesn't notice because the fclose() error code isn't checked.
Substitute fopen(), flose() and fprintf() with open(), close() and write() to avoid error code buffering between fprintf() and fclose().
Remove newline character from the schema string after writing it to the schemata file so it prints correctly before function return.
Pass the string generated with strerror() to the "reason" buffer so the error message is more verbose. Extend "reason" buffer so it can hold longer messages.
Signed-off-by: Maciej Wieczor-Retman maciej.wieczor-retman@intel.com
Changelog v4:
- Unify error checking between open() and write(). (Reinette)
- Add fcntl.h for glibc backward compatiblitiy. (Reinette)
Changelog v3:
- Rename fp to fd. (Ilpo)
- Remove strlen, strcspn and just use the snprintf value instead. (Ilpo)
Changelog v2:
- Rewrite patch message.
- Double "reason" buffer size to fit longer error explanation.
- Redo file interactions with syscalls instead of stdio functions.
tools/testing/selftests/resctrl/resctrlfs.c | 30 ++++++++++++--------- 1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/tools/testing/selftests/resctrl/resctrlfs.c b/tools/testing/selftests/resctrl/resctrlfs.c index 3a8111362d26..edc8fc6e44b0 100644 --- a/tools/testing/selftests/resctrl/resctrlfs.c +++ b/tools/testing/selftests/resctrl/resctrlfs.c @@ -8,6 +8,7 @@
- Sai Praneeth Prakhya sai.praneeth.prakhya@intel.com,
- Fenghua Yu fenghua.yu@intel.com
*/ +#include <fcntl.h> #include <limits.h> #include "resctrl.h" @@ -490,9 +491,8 @@ int write_bm_pid_to_resctrl(pid_t bm_pid, char *ctrlgrp, char *mongrp, */ int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val) {
- char controlgroup[1024], schema[1024], reason[64];
- int resource_id, ret = 0;
- FILE *fp;
- char controlgroup[1024], schema[1024], reason[128];
- int resource_id, fd, schema_len = -1, ret = 0;
I am trying to understand the schema_len initialization. Could you please elaborate why you chose -1? I'm a bit concerned with the robustness here with it being used as an unsigned integer in write() and also the negative array index later.
My idea was that if the initial value for schema_len was 0, then if resctrl_val wouldn't equal any of MBA_STR, MBM_STR, CAT_STR, CMT_STR values schema_len would stay zero and write nothing.
I think it would be difficult to debug such an error because even later in ksft_print_msg the requested schema would get printed as if there was no error. In the case I mentioned above the function will just error out which I assume could be helpful.
Other solutions that can accomplish the same goal would be checking write() not only for negative values but also for zero (since in here this is pretty much an error). Or checking schema_len for only positive values after the block of code where it gets assigned a value from sprintf.
Are any of the above safer or more logical in your opinion?
if (strncmp(resctrl_val, MBA_STR, sizeof(MBA_STR)) && strncmp(resctrl_val, MBM_STR, sizeof(MBM_STR)) && @@ -520,27 +520,31 @@ int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val) if (!strncmp(resctrl_val, CAT_STR, sizeof(CAT_STR)) || !strncmp(resctrl_val, CMT_STR, sizeof(CMT_STR)))
sprintf(schema, "%s%d%c%s", "L3:", resource_id, '=', schemata);
schema_len = snprintf(schema, sizeof(schema), "%s%d%c%s\n",
if (!strncmp(resctrl_val, MBA_STR, sizeof(MBA_STR)) || !strncmp(resctrl_val, MBM_STR, sizeof(MBM_STR)))"L3:", resource_id, '=', schemata);
sprintf(schema, "%s%d%c%s", "MB:", resource_id, '=', schemata);
schema_len = snprintf(schema, sizeof(schema), "%s%d%c%s\n",
"MB:", resource_id, '=', schemata);
- fp = fopen(controlgroup, "w");
- if (!fp) {
sprintf(reason, "Failed to open control group");
- fd = open(controlgroup, O_WRONLY);
- if (!fd) {
Be careful ... the error checking appropriate to the original pointer needs a double check with this new usage. According to "man 2 open" - open() returns -1 on error so I expect that this should rather be: if (fd < 0) { or if (fd == -1) {
The rest looks good to me.
Thanks for catching this, that is very helpful.
Hi Maciej,
On 9/27/2023 11:46 PM, Maciej Wieczór-Retman wrote:
On 2023-09-27 at 15:15:06 -0700, Reinette Chatre wrote:
On 9/22/2023 1:10 AM, Maciej Wieczor-Retman wrote:
diff --git a/tools/testing/selftests/resctrl/resctrlfs.c b/tools/testing/selftests/resctrl/resctrlfs.c index 3a8111362d26..edc8fc6e44b0 100644 --- a/tools/testing/selftests/resctrl/resctrlfs.c +++ b/tools/testing/selftests/resctrl/resctrlfs.c @@ -8,6 +8,7 @@
- Sai Praneeth Prakhya sai.praneeth.prakhya@intel.com,
- Fenghua Yu fenghua.yu@intel.com
*/ +#include <fcntl.h> #include <limits.h> #include "resctrl.h" @@ -490,9 +491,8 @@ int write_bm_pid_to_resctrl(pid_t bm_pid, char *ctrlgrp, char *mongrp, */ int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val) {
- char controlgroup[1024], schema[1024], reason[64];
- int resource_id, ret = 0;
- FILE *fp;
- char controlgroup[1024], schema[1024], reason[128];
- int resource_id, fd, schema_len = -1, ret = 0;
I am trying to understand the schema_len initialization. Could you please elaborate why you chose -1? I'm a bit concerned with the robustness here with it being used as an unsigned integer in write() and also the negative array index later.
My idea was that if the initial value for schema_len was 0, then if resctrl_val wouldn't equal any of MBA_STR, MBM_STR, CAT_STR, CMT_STR
Ensuring that resctrl_val is equal to one of these seems to be the first thing write_schemata() does.
values schema_len would stay zero and write nothing.
Your alternative writes "-1". write() is declared as: ssize_t write(int fd, const void *buf, size_t count);
note that "count" is size_t, which is an unsigned value. Providing it -1 is thus a very large number and likely to cause overflow. In fact if I even try to compile a program where the compiler can figure out count will be -1 it fails the compile (stringop-overflow).
I think it would be difficult to debug such an error because even later in ksft_print_msg the requested schema would get printed as if there was no error. In the case I mentioned above the function will just error out which I assume could be helpful.
You seem to rely on write() to cleanly catch giving it bad data.
Other solutions that can accomplish the same goal would be checking write() not only for negative values but also for zero (since in here this is pretty much an error). Or checking schema_len for only positive values after the block of code where it gets assigned a value from sprintf.
Are any of the above safer or more logical in your opinion?
There is no error checking on schema_len. After it has been initialized it can be checked for errors and write_schemata() can be exited immediately if an error was encountered without attempting the write().
Reinette
On 2023-09-28 at 14:25:23 -0700, Reinette Chatre wrote:
Hi Maciej,
On 9/27/2023 11:46 PM, Maciej Wieczór-Retman wrote:
On 2023-09-27 at 15:15:06 -0700, Reinette Chatre wrote:
On 9/22/2023 1:10 AM, Maciej Wieczor-Retman wrote:
diff --git a/tools/testing/selftests/resctrl/resctrlfs.c b/tools/testing/selftests/resctrl/resctrlfs.c index 3a8111362d26..edc8fc6e44b0 100644 --- a/tools/testing/selftests/resctrl/resctrlfs.c +++ b/tools/testing/selftests/resctrl/resctrlfs.c @@ -8,6 +8,7 @@
- Sai Praneeth Prakhya sai.praneeth.prakhya@intel.com,
- Fenghua Yu fenghua.yu@intel.com
*/ +#include <fcntl.h> #include <limits.h> #include "resctrl.h" @@ -490,9 +491,8 @@ int write_bm_pid_to_resctrl(pid_t bm_pid, char *ctrlgrp, char *mongrp, */ int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val) {
- char controlgroup[1024], schema[1024], reason[64];
- int resource_id, ret = 0;
- FILE *fp;
- char controlgroup[1024], schema[1024], reason[128];
- int resource_id, fd, schema_len = -1, ret = 0;
I am trying to understand the schema_len initialization. Could you please elaborate why you chose -1? I'm a bit concerned with the robustness here with it being used as an unsigned integer in write() and also the negative array index later.
My idea was that if the initial value for schema_len was 0, then if resctrl_val wouldn't equal any of MBA_STR, MBM_STR, CAT_STR, CMT_STR
Ensuring that resctrl_val is equal to one of these seems to be the first thing write_schemata() does.
Right, sorry, then I guess initializing it to zero isn't a problem.
values schema_len would stay zero and write nothing.
Your alternative writes "-1". write() is declared as: ssize_t write(int fd, const void *buf, size_t count);
note that "count" is size_t, which is an unsigned value. Providing it -1 is thus a very large number and likely to cause overflow. In fact if I even try to compile a program where the compiler can figure out count will be -1 it fails the compile (stringop-overflow).
I tried compiling and running by passing a value with scanf to write() (so the compiler doesn't know it's a negative one) just to check if it behaves and write() was returning a negative one. But yes, the fact it's unsigned means it's not a reliable way to catch this error.
I think it would be difficult to debug such an error because even later in ksft_print_msg the requested schema would get printed as if there was no error. In the case I mentioned above the function will just error out which I assume could be helpful.
You seem to rely on write() to cleanly catch giving it bad data.
Other solutions that can accomplish the same goal would be checking write() not only for negative values but also for zero (since in here this is pretty much an error). Or checking schema_len for only positive values after the block of code where it gets assigned a value from sprintf.
Are any of the above safer or more logical in your opinion?
There is no error checking on schema_len. After it has been initialized it can be checked for errors and write_schemata() can be exited immediately if an error was encountered without attempting the write().
Okay, thanks a lot for pointing all this out. I'll do just a less than one check and move the initial value to zero.
resctrlfs.c contains mostly functions that interact in some way with resctrl FS entries while functions inside resctrl_val.c deal with measurements and benchmarking.
run_benchmark() is located in resctrlfs.c even though it's purpose is not interacting with the resctrl FS but to execute cache checking logic.
Move run_benchmark() to resctrl_val.c just before resctrl_val() that makes use of run_benchmark(). Make run_benchmark() static since it's not used between multiple files anymore.
Remove return comment from kernel-doc since the function is type void.
Reviewed-by: Ilpo Järvinen ilpo.jarvinen@linux.intel.com Reviewed-by: Reinette Chatre reinette.chatre@intel.com Signed-off-by: Maciej Wieczor-Retman maciej.wieczor-retman@intel.com --- Changelog v4: - Reword patch message very slightly. (Reinette)
Changelog v3: - Make run_benchmark() static and remove it from the header. (Reinette) - Remove return void kernel-doc comment. (Ilpo) - Added Ilpo's reviewed-by tag.
tools/testing/selftests/resctrl/resctrl.h | 1 - tools/testing/selftests/resctrl/resctrl_val.c | 50 ++++++++++++++++++ tools/testing/selftests/resctrl/resctrlfs.c | 52 ------------------- 3 files changed, 50 insertions(+), 53 deletions(-)
diff --git a/tools/testing/selftests/resctrl/resctrl.h b/tools/testing/selftests/resctrl/resctrl.h index 8578a8b4e145..a33f414f6019 100644 --- a/tools/testing/selftests/resctrl/resctrl.h +++ b/tools/testing/selftests/resctrl/resctrl.h @@ -86,7 +86,6 @@ int validate_bw_report_request(char *bw_report); bool validate_resctrl_feature_request(const char *resource, const char *feature); char *fgrep(FILE *inf, const char *str); int taskset_benchmark(pid_t bm_pid, int cpu_no); -void run_benchmark(int signum, siginfo_t *info, void *ucontext); int write_schemata(char *ctrlgrp, char *schemata, int cpu_no, char *resctrl_val); int write_bm_pid_to_resctrl(pid_t bm_pid, char *ctrlgrp, char *mongrp, diff --git a/tools/testing/selftests/resctrl/resctrl_val.c b/tools/testing/selftests/resctrl/resctrl_val.c index a9fe61133119..0577e983067a 100644 --- a/tools/testing/selftests/resctrl/resctrl_val.c +++ b/tools/testing/selftests/resctrl/resctrl_val.c @@ -625,6 +625,56 @@ measure_vals(struct resctrl_val_param *param, unsigned long *bw_resc_start) return 0; }
+/* + * run_benchmark - Run a specified benchmark or fill_buf (default benchmark) + * in specified signal. Direct benchmark stdio to /dev/null. + * @signum: signal number + * @info: signal info + * @ucontext: user context in signal handling + */ +static void run_benchmark(int signum, siginfo_t *info, void *ucontext) +{ + int operation, ret, memflush; + char **benchmark_cmd; + size_t span; + bool once; + FILE *fp; + + benchmark_cmd = info->si_ptr; + + /* + * Direct stdio of child to /dev/null, so that only parent writes to + * stdio (console) + */ + fp = freopen("/dev/null", "w", stdout); + if (!fp) + PARENT_EXIT("Unable to direct benchmark status to /dev/null"); + + if (strcmp(benchmark_cmd[0], "fill_buf") == 0) { + /* Execute default fill_buf benchmark */ + span = strtoul(benchmark_cmd[1], NULL, 10); + memflush = atoi(benchmark_cmd[2]); + operation = atoi(benchmark_cmd[3]); + if (!strcmp(benchmark_cmd[4], "true")) + once = true; + else if (!strcmp(benchmark_cmd[4], "false")) + once = false; + else + PARENT_EXIT("Invalid once parameter"); + + if (run_fill_buf(span, memflush, operation, once)) + fprintf(stderr, "Error in running fill buffer\n"); + } else { + /* Execute specified benchmark */ + ret = execvp(benchmark_cmd[0], benchmark_cmd); + if (ret) + perror("wrong\n"); + } + + fclose(stdout); + PARENT_EXIT("Unable to run specified benchmark"); +} + /* * resctrl_val: execute benchmark and measure memory bandwidth on * the benchmark diff --git a/tools/testing/selftests/resctrl/resctrlfs.c b/tools/testing/selftests/resctrl/resctrlfs.c index edc8fc6e44b0..2a9dd0258528 100644 --- a/tools/testing/selftests/resctrl/resctrlfs.c +++ b/tools/testing/selftests/resctrl/resctrlfs.c @@ -294,58 +294,6 @@ int taskset_benchmark(pid_t bm_pid, int cpu_no) return 0; }
-/* - * run_benchmark - Run a specified benchmark or fill_buf (default benchmark) - * in specified signal. Direct benchmark stdio to /dev/null. - * @signum: signal number - * @info: signal info - * @ucontext: user context in signal handling - * - * Return: void - */ -void run_benchmark(int signum, siginfo_t *info, void *ucontext) -{ - int operation, ret, memflush; - char **benchmark_cmd; - size_t span; - bool once; - FILE *fp; - - benchmark_cmd = info->si_ptr; - - /* - * Direct stdio of child to /dev/null, so that only parent writes to - * stdio (console) - */ - fp = freopen("/dev/null", "w", stdout); - if (!fp) - PARENT_EXIT("Unable to direct benchmark status to /dev/null"); - - if (strcmp(benchmark_cmd[0], "fill_buf") == 0) { - /* Execute default fill_buf benchmark */ - span = strtoul(benchmark_cmd[1], NULL, 10); - memflush = atoi(benchmark_cmd[2]); - operation = atoi(benchmark_cmd[3]); - if (!strcmp(benchmark_cmd[4], "true")) - once = true; - else if (!strcmp(benchmark_cmd[4], "false")) - once = false; - else - PARENT_EXIT("Invalid once parameter"); - - if (run_fill_buf(span, memflush, operation, once)) - fprintf(stderr, "Error in running fill buffer\n"); - } else { - /* Execute specified benchmark */ - ret = execvp(benchmark_cmd[0], benchmark_cmd); - if (ret) - perror("wrong\n"); - } - - fclose(stdout); - PARENT_EXIT("Unable to run specified benchmark"); -} - /* * create_grp - Create a group only if one doesn't exist * @grp_name: Name of the group
Hi Maciej,
On 9/22/2023 1:09 AM, Maciej Wieczor-Retman wrote:
The resctrlfs.c file defines functions that interact with the resctrl FS while resctrl_val.c file defines functions that perform measurements on the cache. Run_benchmark() fits logically into the second file before resctrl_val() function that uses it.
nitpick ... if there are comments in one patch of the series please consider if it applies to other places in the series.
Move run_benchmark() from resctrlfs.c to resctrl_val.c and remove redundant part of the kernel-doc comment. Make run_benchmark() static and remove it from the header file.
Patch series is based on [1] which is based on [2] which are based on ksefltest next branch.
ksefltest -> kselftest
Reinette
Thanks for catching these, I'll remember to do that the next time.
On 2023-09-27 at 15:16:18 -0700, Reinette Chatre wrote:
Hi Maciej,
On 9/22/2023 1:09 AM, Maciej Wieczor-Retman wrote:
The resctrlfs.c file defines functions that interact with the resctrl FS while resctrl_val.c file defines functions that perform measurements on the cache. Run_benchmark() fits logically into the second file before resctrl_val() function that uses it.
nitpick ... if there are comments in one patch of the series please consider if it applies to other places in the series.
Move run_benchmark() from resctrlfs.c to resctrl_val.c and remove redundant part of the kernel-doc comment. Make run_benchmark() static and remove it from the header file.
Patch series is based on [1] which is based on [2] which are based on ksefltest next branch.
ksefltest -> kselftest
Reinette
linux-kselftest-mirror@lists.linaro.org