lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180307132535.g7c2jro5n7okavbh@treble>
Date:   Wed, 7 Mar 2018 07:25:35 -0600
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        X86 ML <x86@...nel.org>, Andy Lutomirski <luto@...capital.net>,
        Peter Zijlstra <peterz@...radead.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 5/9] x86/dumpstack: Improve opcodes dumping in the Code:
 section

On Wed, Mar 07, 2018 at 11:13:14AM +0100, Borislav Petkov wrote:
> And that is fine if I do a 64-byte default, on-stack buffer but that
> code_bytes= thing can be 2 pages max which is yuck. No way I'm doing
> on-stack buffers then.

How about we just remove the 'code_bytes=' option?  (Or at the very
least, reduce its possible range to a reasonable max?)

I doubt anybody actually uses it.  I'd never heard of it before, nor
have I ever seen an oops with a long code dump.  I can't fathom why
somebody would even need it.  64 bytes is plenty, and an 8k code dump
just sounds insane.

It comes from the following commit:

commit 86c418374223be3f328b5522545196db02c8ceda
Author: Chuck Ebbert <cebbert@...hat.com>
Date:   Tue Feb 13 13:26:25 2007 +0100

    [PATCH] i386: add option to show more code in oops reports

    Sometimes developers need to see more object code in an oops report,
    e.g. when kernel may be corrupted at runtime.

    Add the "code_bytes" option for this.

    Signed-off-by: Chuck Ebbert <cebbert@...hat.com>
    Signed-off-by: Andi Kleen <ak@...e.de>
    Cc: Andi Kleen <ak@...e.de>
    Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>

But I've never seen a case where somebody needed to use it.

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ