lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Wed, 15 Jan 2014 10:12:23 -0500
From:	Vivek Goyal <vgoyal@...hat.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	linux kernel mailing list <linux-kernel@...r.kernel.org>,
	Kexec Mailing List <kexec@...ts.infradead.org>,
	Greg KH <gregkh@...e.de>,
	"Ken'ichi Ohmichi" <oomichi@....nes.nec.co.jp>,
	Dan Aloni <da-x@...atomic.org>
Subject: Re: [PATCH] kdump: Fix exported size of vmcoreinfo note

On Tue, Jan 14, 2014 at 03:35:54PM -0800, Andrew Morton wrote:
> On Tue, 14 Jan 2014 14:33:11 -0500 Vivek Goyal <vgoyal@...hat.com> wrote:
> 
> > Right now we seem to be exporting the max data size contained inside
> > vmcoreinfo note. But this does not include the size of meta data around
> > vmcore info data. Like name of the note and starting and ending elf_note.
> > 
> > I think user space expects total size and that size is put in PT_NOTE
> > elf header. Things seem to be fine so far because we are not using
> > vmcoreinfo note to the maximum capacity. But as it starts filling up,
> > to capacity, at some point of time, problem will be visible.
> 
> urgh.  This is what we get for adding undocumented interfaces.
> 
> Looking through the fd59d231f81cb0287 changelog and the various email
> threads it points to I can find no mention of what vmcoreinfo is
> *supposed* to contain.  It was just kinda silently tossed in there.
> 
> So as a remedial step, could we please get this and any associated
> interfaces written down in a way which people can very belatedly
> review?

Sure. I will send another patch to add some documentation for vmcoreinfo
in Documentation/ABI/testing/* in a separate patch.

> 
> Phrases like "I think user space expects" and "Things seem to be fine
> so far" don't inspire a ton of confidence.  What are the chances of
> userspace breakage here?  Would it be safer/saner to leave vmcoreinfo
> alone and add a new vmcoreinfo2 with the altered behaviour?

I don't think user space will be broken with this change. So there is
no need to introduce vmcoreinfo2. This change is safe and backward 
compatible. More explanation on why this change is safe is below.

vmcoreinfo contains information about kernel which user space needs to
know to do things like filtering. For example, various kernel config
options or information about size or offset of some data structures etc.
All this information is commmunicated to user space with an ELF note
present in ELF /proc/vmcore file.

Currently vmcoreinfo data size is 4096. With some elf note meta data
around it, actual size is 4132 bytes. But we are using barely 25% of
that size. Rest is empty. So even if we tell user space that size of
ELf note is 4096 and not 4132, nothing will be broken becase after
around 1000 bytes, everything is zero anyway.

But once we start filling up the note to the capacity, and not report
the full size of note, bad things will start happening. Either some data
will be lost or tools will be confused that they did not fine the zero
note at the end.

So I think this change is safe and should not break existing tools.

Thanks
Vivek
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ