| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Apr 2016 12:44:32 -0700
From: Andrew Morton <akpm@...ux-foundation.org>
To: Peter Zijlstra <peterz@...radead.org>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Steven Rostedt <rostedt@...dmis.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
LKML <linux-kernel@...r.kernel.org>,
Ingo Molnar <mingo@...nel.org>, Borislav Petkov <bp@...en8.de>,
Uwe Kleine-König
<u.kleine-koenig@...gutronix.de>
Subject: Re: [PATCH v2] printk: Add kernel parameter to disable writes to
/dev/kmsg
On Mon, 25 Apr 2016 21:24:35 +0200 Peter Zijlstra <peterz@...radead.org> wrote:
> On Mon, Apr 25, 2016 at 12:18:15PM -0700, Greg Kroah-Hartman wrote:
> > On Mon, Apr 25, 2016 at 09:06:51PM +0200, Peter Zijlstra wrote:
> > > On Mon, Apr 25, 2016 at 02:56:06PM -0400, Steven Rostedt wrote:
> > > > +static bool __read_mostly devkmsg_disabled;
> > > > +static int __init disable_devkmsg(char *str)
> > > > +{
> > > > + devkmsg_disabled = true;
> > > > + return 0;
> > > > +}
> > > > +__setup("printk.disable_kmsg_write", disable_devkmsg);
> > >
> > > Again, please default enable and use an easier name to toggle this.
> > > Userspace flooding this with junk is really insane.
> >
> > If you default enable, you break working systems today that want to log
> > stuff through this interface, sorry.
>
> Oh, you mean those 'working' systems that livelocked my box because I
> had console to serial enabled which could not keep up with the endless
> flood of shite?
>
> This systemd exposure has seriously eroded your sanity.
I'm trying to remember why we added /dev/kmsg in the first place - it
seems a quite stupid idea. Why the heck should userspace be able to
diddle with the kernel->userspace messaging stream? Sigh.
This:
commit e1b19d6e06a98874018c66990465dcc69b69c4bf
Author: Andrew Morton <akpm@....com.au>
Date: Tue Aug 13 06:12:54 2002 -0700
[PATCH] printk from userspace
The patch allows userspace to issue printk's, via sys_syslog().
The main use of this is within hpa's klibc - initial userspace needs a
way of logging information and this API allows that information to be
captured into the printk ringbuffer. It ends up in /var/log/messages.
Messages are truncated at 1024 characters by printk's vsprintf().
Requires CAP_SYS_ADMIN.
This later got reverted and was replaced with /dev/kmsg and /proc/kmsg.
I guess that's a legitimate enough reason but in retrospect we should
have found a way of just shutting it off after booting has completed.
Powered by blists - more mailing lists