lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 28 Feb 2018 01:07:23 -0800
From:   Josh Triplett <josh@...htriplett.org>
To:     "Luis R. Rodriguez" <mcgrof@...nel.org>
Cc:     Kees Cook <keescook@...omium.org>,
        Greg KH <gregkh@...uxfoundation.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Shuah Khan <shuah@...nel.org>,
        Martin Fuzzey <mfuzzey@...keon.com>,
        Mimi Zohar <zohar@...ux.vnet.ibm.com>,
        David Howells <dhowells@...hat.com>, pali.rohar@...il.com,
        Takashi Iwai <tiwai@...e.de>, arend.vanspriel@...adcom.com,
        Rafał Miłecki <zajec5@...il.com>,
        nbroeking@...com, Vikram Mulukutla <markivx@...eaurora.org>,
        stephen.boyd@...aro.org, Mark Brown <broonie@...nel.org>,
        Dmitry Torokhov <dmitry.torokhov@...il.com>,
        David Woodhouse <dwmw2@...radead.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Abhay_Salunke@...l.com, bjorn.andersson@...aro.org,
        jewalt@...innovations.com, LKML <linux-kernel@...r.kernel.org>,
        "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>
Subject: Re: [PATCH v2 11/11] test_firmware: test three firmware kernel
 configs using a proc knob

On Wed, Feb 28, 2018 at 01:32:37AM +0000, Luis R. Rodriguez wrote:
> On Tue, Feb 27, 2018 at 03:18:15PM -0800, Kees Cook wrote:
> > On Fri, Feb 23, 2018 at 6:46 PM, Luis R. Rodriguez <mcgrof@...nel.org> wrote:
> > > Since we now have knobs to twiddle what used to be set on kernel
> > > configurations we can build one base kernel configuration and modify
> > > behaviour to mimic such kernel configurations to test them.
> > >
> > > Provided you build a kernel with:
> > >
> > > CONFIG_TEST_FIRMWARE=y
> > > CONFIG_FW_LOADER=y
> > > CONFIG_FW_LOADER_USER_HELPER=y
> > > CONFIG_IKCONFIG=y
> > > CONFIG_IKCONFIG_PROC=y
> > >
> > > We should now be able test all possible kernel configurations
> > > when FW_LOADER=y. Note that when FW_LOADER=m we just don't provide
> > > the built-in functionality of the built-in firmware.
> > >
> > > If you're on an old kernel and either don't have /proc/config.gz
> > > (CONFIG_IKCONFIG_PROC) or haven't enabled CONFIG_FW_LOADER_USER_HELPER
> > > we cannot run these dynamic tests, so just run both scripts just
> > > as we used to before making blunt assumptions about your setup
> > > and requirements exactly as we did before.
> > >
> > > Signed-off-by: Luis R. Rodriguez <mcgrof@...nel.org>
> > 
> > Cool. Nice to have it all in one test build now. :)
> 
> Now what about we start discussing one kernel config only for the future?  The
> impact would be the size of the fallback mechanism. That should be a bit clear
> in terms of size impact after this series.
> 
> Wonder what Josh thinks as he help with tinyconfig. We could target v4.18 if
> its sensible.

Having any of these unconditionally compiled in seems likely to be a
significant impact, both directly and because of what else it would
implicitly prevent compiling out or removing. And the firmware loader,
for instance, is something that many kernels or hardware will not need
at all.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ