| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 19 Dec 2010 12:17:53 -0800 From: Tony Luck <tony.luck@...el.com> To: Borislav Petkov <bp@...en8.de>, Tony Luck <tony.luck@...il.com>, Linus Torvalds <torvalds@...ux-foundation.org>, "H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org, tglx@...utronix.de, mingo@...e.hu, greg@...ah.com, akpm@...ux-foundation.org, ying.huang@...el.com, David Miller <davem@...emloft.net>, Alan Cox <alan@...rguk.ukuu.org.uk>, Jim Keniston <jkenisto@...ux.vnet.ibm.com>, Kyungmin Park <kmpark@...radead.org>, Geert Uytterhoeven <geert@...ux-m68k.org> Subject: Re: [concept & "good taste" review] persistent store On Sun, Dec 19, 2010 at 1:17 AM, Borislav Petkov <bp@...en8.de> wrote: > Before we go and delve into priority-sorting the oopses in the pstore, > let me ask this: how big an actual persistent storage device are we > talking? I'm not sure how big the store is on my system ... the ACPI/ERST interface on this machine limits each entry to just under 8KB. But that isn't inherent to to ERST, both larger and smaller values would be an option. 8K seems quite useful for kmsg_dump purposes as it grabs a significant number of lines leading up to the oops/panic. After I dropped the "stupid" part about not saving OOPs, I ran a test on Friday where I instigated a dozen or so OOPses, and all were saved without ERST complaining. There is a "how big is the store" call in the protocol - so the only option is to keep writing until a failure occurs. I will try this when I'm next in the office, > Because if it is big enough - for some value of 'big' - we could try to > never let it fill up. With the price per GByte of flash memory - the answer *ought* to be some huge value > If want to save space we might even do something > crazy like compressing the oops info. In the rare event it fills up or > hits some 'almost-full' watermarks, we can kick some userspace daemon > to start writing the oopses to fs and clear the pstore. This all should > happen in the case where all you get is non-critical warnings and the > system is still alive. This is a good point. In the case that the OOPs that was recorded to persistent store wasn't fatal - then the normal daemons will log it to /var/log/messages. So in the general case, if the system finds that it isn't dead a few seconds after logging something - it is most likely safe to assume that the persistent store copy isn't vital, as the data should be available elsewhere. > However, in the critical cases, you get a single "stream" of oopses with > the first one being the most important one and then you panic. And in > most cases that stream is only a couple of oopses long. For that, the > pstore should be big enough to easily contain it. Yes. At least it is for my test system. I know I can fit a dozen messages. > So, I think what we could do is keep our big enough pstore with enough > free space for a bunch of oopses in case we panic. In the remaining > cases, we write them out thus freeing some more space. Some feedback from syslogd (or whatever it is that gets things from dmesg into /var/log/messages) would help here ... though to be really useful it might need "fsync" to /var/log/messages, which might not be a welcome addition. -Tony -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists