lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 25 Nov 2012 04:28:02 +0000
From:	"Serge E. Hallyn" <serge@...lyn.com>
To:	Libo Chen <chenlibo.3@...il.com>
Cc:	"Serge E. Hallyn" <serge@...lyn.com>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	containers@...ts.linux-foundation.org, netdev@...r.kernel.org
Subject: Re: [PATCH RFC 3/5] printk: modify printk interface for
 syslog_namespace

Quoting Libo Chen (chenlibo.3@...il.com):
> On 2012/11/22 1:49, Serge E. Hallyn wrote:
> 
> > I notice that you haven't made any changes to the struct cont.  I
> > suspect this means that to-be-continued msgs from one ns can be
> > erroneously mixed with another ns.
> >
> Yes, I confirmed this problem. There will be erroneously mixed with another ns.
> Thank you very much.
> 
> > You said you don't mind putting the syslogns into the userns.  If
> > there's no reason not to do that, then we should do so as it will
> > remove a bunch of code (plus the use of a new CLONE flag) from your
> > patch, and the new syslog(NEW_NS) command from mine.
> >
> I agree with you, both are removable.
> 
> > Now IMO the ideal place for syslog_ns would be in the devices ns,
> > but that does not yet exist, and may never.  The bonus to that would
> > be that the consoles sort of belong there.  I avoid this by not
> > having consoles in child syslog namespaces.  You put the console in
> > the ns.  I haven't looked closely enough to see if what you do is
> > ok (will do so soon).
> >
> > WOuld you mind looking through my patch to see if it suffices for
> > your needs?  Where it does not, patches would be greatly appreciated
> > if simple enough.
> 
> follow your patch, I can see inject message by "dmesg call" in container, is right?

If I understand you right, yes.

> I am worry that I debug  or see messages from serial ports console in some embedded system,
> since console belongs to init_syslog,  so the message in container can`t be printed. 

Sorry, I don't understand which way you're going with that.  Could you
rephrase?  You want to prevent console messages from going to a
container?  (That should definately not happen)  Or something else?

> > Note I'm not at all wedded to my patchset.  I'm happy to go with
> > something else entirely.  My set was just a proof of concept.

thanks,
-serge
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ