| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Oct 2010 23:58:38 -0400 From: Steven Rostedt <rostedt@...dmis.org> To: Rusty Russell <rusty@...tcorp.com.au> Cc: LKML <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...e.hu>, Frederic Weisbecker <fweisbec@...il.com>, Andrew Morton <akpm@...ux-foundation.org>, Thomas Gleixner <tglx@...utronix.de>, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: [PATCH v2][GIT PULL] tracing: Prevent unloadable modules from using trace_bprintk() On Fri, 2010-10-22 at 14:13 +1030, Rusty Russell wrote: > > > > > > I think disabling use in modules is lazy, > > > > and safer. > > Well then just delete trace_bprintk altogether. Even safer! Reminds me of the argument against lowering the speed limit to 55. "it's safer"... "Then lower it to zero, even safer!" > > > > Can't you detect this on module unload and fix it up? Or delay freeing the > > > module until the trace ring is emptied? > > > > One possibility is to magically make all string formats used in > > trace_printk into its own section, and keep it allocated until the ring > > buffer is empty. Or, we can just do that with the module's entire string > > section, since we know whether or not that module has a trace_printk in > > it or not. > > Exactly. Set a flag in the module if it resolves trace_printk, and defer freeing > the module in that case. This shouldn't be that hard... Here's my worry. 1) Some module with tracepoints is loaded at boot up. 2) The user does tracing and forgets about it (ring buffer filled) 3) Unloads module (don't free) 4) loads module with trace points 5) unloads module (don't free) etc, etc memory leak. Thus this is not that trivial. We probably need to have a way to lock a module when its tracepoint is activated, and only unlock it when the ring buffer is emptied. Do we want to prevent the module from being unloaded while the ring buffer is full (after that module has been traced?), or do we let the module be unloaded, but just prevent this one section from being freed? -- Steve -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists