Date:	Mon, 20 Jul 2009 20:46:38 +0800
From:	Lai Jiangshan <laijs@...fujitsu.com>
To:	Andrew Morton <akpm@...ux-foundation.org>,
	Neil Horman <nhorman@...driver.com>,
	Vivek Goyal <vgoyal@...hat.com>,
	Brayan Arraes <brayan@...k.com.br>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	LKML <linux-kernel@...r.kernel.org>
Subject: [PATCH] sysrq, kdump: fix regression, revert "simplify sysrq-c handler"


1) This fix breaks our tools.
   This fix changes the ABI. panic_on_oops is 0 by default,
   and a lot of systems do not specify the boot option "panic";
   thus, Sysrq-c will not cause a CrashDump (Kdump) as expected.

2) When CONFIG_KEXEC=n, Sysrq-c should become an invalid
   command like Sysrq-D (CONFIG_LOCKDEP, show-all-locks).
   But this fix makes it a valid command and lets it do a
   hazardous thing: cause a page fault (NULL dereference) in the kernel.

So, we revert this fix.

|commit d6580a9f15238b87e618310c862231ae3f352d2d
|Author: Neil Horman <nhorman@...driver.com>
|Date:   Wed Jun 17 16:28:17 2009 -0700

|    kexec: sysrq: simplify sysrq-c handler

|    Currently the sysrq-c handler is a bit over-engineered.  Its behavior is
|    dependent on a few compile time and run time factors that alter its
|    behavior which is really unnecessary.

|    If CONFIG_KEXEC is not configured, sysrq-c crashes the system with a NULL
|    pointer dereference.  If CONFIG_KEXEC is configured, it calls crash_kexec
|    directly, which implies that the kexec kernel will either be booted (if
|    it's been previously loaded), or it will simply do nothing (the no kexec
|    kernel has been loaded).

|    It would be much easier to just simplify the whole thing to dereference a
|    NULL pointer all the time regardless of configuration.  That way, it will
|    always try to crash the system, and if a kexec kernel has been loaded into
|    reserved space, it will still boot from the page fault trap handler
|    (assuming panic_on_oops is set appropriately).


Signed-off-by: Lai Jiangshan <laijs@...fujitsu.com>
---
diff --git a/drivers/char/sysrq.c b/drivers/char/sysrq.c
index 0db3585..39a05b5 100644
--- a/drivers/char/sysrq.c
+++ b/drivers/char/sysrq.c
@@ -121,17 +121,20 @@ static struct sysrq_key_op sysrq_unraw_op = {
 #define sysrq_unraw_op (*(struct sysrq_key_op *)0)
 #endif /* CONFIG_VT */
 
-static void sysrq_handle_crash(int key, struct tty_struct *tty)
+#ifdef CONFIG_KEXEC
+static void sysrq_handle_crashdump(int key, struct tty_struct *tty)
 {
-	char *killer = NULL;
-	*killer = 1;
+	crash_kexec(get_irq_regs());
 }
 static struct sysrq_key_op sysrq_crashdump_op = {
-	.handler	= sysrq_handle_crash,
-	.help_msg	= "Crash",
-	.action_msg	= "Trigger a crash",
+	.handler	= sysrq_handle_crashdump,
+	.help_msg	= "Crashdump",
+	.action_msg	= "Trigger a crashdump",
 	.enable_mask	= SYSRQ_ENABLE_DUMP,
 };
+#else
+#define sysrq_crashdump_op (*(struct sysrq_key_op *)0)
+#endif
 
 static void sysrq_handle_reboot(int key, struct tty_struct *tty)
 {
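
Review bot: In sysrq_handle_crashdump(), the body is only crash_kexec(get_irq_regs()), and according to the reverted commit's changelog quoted above that call does nothing when no kexec kernel has been loaded, so on such a system Sysrq-c prints "Trigger a crashdump" and returns silently. A short comment above the handler, or a help_msg that says a loaded crash kernel is required, would make that explicit for anyone who came to rely on the unconditional crash. In the #else branch, "#define sysrq_crashdump_op (*(struct sysrq_key_op *)0)" follows the sysrq_unraw_op pattern at the top of the hunk and is only safe while every user takes its address; a one-line comment saying so would help. The patch consists of this single hunk, so please also confirm that the includes needed for crash_kexec() and get_irq_regs() are still present in sysrq.c after the commit being reverted.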



   
