lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20160725111810.6230229d@gandalf.local.home>
Date:	Mon, 25 Jul 2016 11:18:10 -0400
From:	Steven Rostedt <rostedt@...dmis.org>
To:	Dave Young <dyoung@...hat.com>
Cc:	Borislav Petkov <bp@...en8.de>,
	Andrew Morton <akpm@...ux-foundation.org>,
	LKML <linux-kernel@...r.kernel.org>, Franck Bui <fbui@...e.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Ingo Molnar <mingo@...nel.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Peter Zijlstra <peterz@...radead.org>,
	Uwe Kleine-König 
	<u.kleine-koenig@...gutronix.de>
Subject: Re: [PATCH -v4 2/2] printk: Add kernel parameter to control writes
 to /dev/kmsg

On Mon, 18 Jul 2016 16:17:12 +0800
Dave Young <dyoung@...hat.com> wrote:

> On 07/18/16 at 10:08am, Borislav Petkov wrote:
> > On Mon, Jul 18, 2016 at 03:38:45PM +0800, Dave Young wrote:  
> > > no printk.devkmsg= on kernel cmdline  
> > >    -> unlocked, default is off, writing to /dev/kmsg is forbidded
> > >       -> usespace set sysctl printk.devkmsg=on
> > >          -> writing to /dev/kmsg is allowed.  
> > 
> > And that helps how exactly?
> > 
> > I don't understand why you're harping on the ratelimiting. It is a sane
> > default for the *default* case. Userspace should switch to its own
> > logging scheme when it has started anyway.  
> 
> Because IMHO it is wrong, they can not be ratelimited because the writing could
> be from different userspace programs. Simply ratelimiting different sources of
> writing is pointless to me. One can only see messages they would like to see
> by luck, it is worse than off.
> 

[ sorry for coming in late, I've been on vacation ]

Note, this is a kernel resource that, IMHO should never had been
accessed by userspace in the first place. Perhaps we should create a
separate buffer for userspace instead. But until then, we need this
usage.

If ratelimit is triggered, then something is blasting the limited
resource of the kernel, and information will be lost. Most of the time,
it's the first lines that are needed to determine what happened, so if
something starts writing a lot into the buffer, you want to save what
was first written. That's the most critical part. Rate limiting will
help save the part you want to see most.

And it could have been the kernel that caused the issue. Rate limiting
userspace to preserve the kernel output is a good thing.

-- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ