| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 Feb 2018 17:39:55 -0800
From: Kees Cook <keescook@...omium.org>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: Al Viro <viro@...iv.linux.org.uk>,
Alexey Dobriyan <adobriyan@...il.com>,
Jonathan Corbet <corbet@....net>,
LKML <linux-kernel@...r.kernel.org>, linux-doc@...r.kernel.org
Subject: Re: [PATCH 3/3] taint: Add taint for randstruct
On Fri, Feb 16, 2018 at 1:02 PM, Andrew Morton
<akpm@...ux-foundation.org> wrote:
> On Thu, 15 Feb 2018 19:37:44 -0800 Kees Cook <keescook@...omium.org> wrote:
>
>> --- a/Documentation/sysctl/kernel.txt
>> +++ b/Documentation/sysctl/kernel.txt
>> @@ -991,6 +991,7 @@ ORed together. The letters are seen in "Tainted" line of Oops reports.
>> 16384 (L): A soft lockup has previously occurred on the system.
>> 32768 (K): The kernel has been live patched.
>> 65536 (X): Auxiliary taint, defined and used by for distros.
>> +131072 (T): The kernel was built with the struct randomization plugin.
>
> Uncle.
>
>
> From: Andrew Morton <akpm@...ux-foundation.org>
> Subject: Documentation/sysctl/kernel.txt: show taint codes in hex
>
> The decimal representation is getting a bit hard to follow.
The rationale, AIUI, is that /proc/sys/kernel/tainted prints the
values in decimal. If we change the docs to be hex and leave the
output decimal, that makes it even harder to examine.
If we change the proc output, will we break userspace? And if we
change it, maybe avoid numbers at all, and proc should bring the same
thing that Oops does (the letter codes)? (But then the sysctl would
need to parse the letters...)
-Kees
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists