lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 19 Feb 2018 19:36:43 +1100
From:   Michael Ellerman <mpe@...erman.id.au>
To:     Vaibhav Jain <vaibhav@...ux.vnet.ibm.com>,
        Balbir Singh <bsingharora@...il.com>
Cc:     "linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org>,
        Nicholas Piggin <npiggin@...il.com>,
        Paul Mackerras <paulus@...ba.org>,
        Douglas Miller <dougmill@...ux.vnet.ibm.com>,
        Pan Xinhui <xinhui.pan@...ux.vnet.ibm.com>,
        "open list\:LINUX FOR POWERPC \(32-BIT AND 64-BIT\)" 
        <linuxppc-dev@...ts.ozlabs.org>
Subject: Re: [PATCH] powerpc/xmon: Dont register sysrq key when kernel param xmon=off

Vaibhav Jain <vaibhav@...ux.vnet.ibm.com> writes:
> Michael Ellerman <mpe@...erman.id.au> writes:
>> <snip>
<snip>
>>
>> What would be nice is if we keep that behaviour, but any action you take
>> in xmon that requires xmon to remain resident, ie. setting a breakpoint,
>> calls a function which makes sure xmon_on = true and if it wasn't prints
>> a nice message saying "Turning xmon on due to breakpoint insertion" or
>> something.

> That makes sense to me and sounds workable. However we already have a
> debugfs interface to enable/disable xmon debugger hook. I can also tweak
> this interface to also register the sysrq key when xmon is enabled. This
> should provide the user the ability to still use xmon if they want to
> after the system has booted with xmon=off.

I agree that sounds sensible, but it has one fatal flaw IMO.

Currently you can boot a box with XMON_DEFAULT=n, and it will crash dump
and so on, but if the box gets stuck you can jump on the console and
drop into xmon with sysrq-x.

If we additionally require xmon to be enabled via debugfs every boot
that will break the above use case, and I don't want to do that.

So in short I think I like my idea better :)

cheers

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ