[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <68486fcf-325f-fbd3-adb4-14666d477917@i-love.sakura.ne.jp>
Date: Fri, 24 May 2019 19:35:28 +0900
From: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>
To: Dmitry Vyukov <dvyukov@...gle.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>,
LKML <linux-kernel@...r.kernel.org>,
Petr Mladek <pmladek@...e.com>,
Steven Rostedt <rostedt@...dmis.org>,
Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: [PATCH] printk: Monitor change of console loglevel.
On 2019/05/24 16:55, Dmitry Vyukov wrote:
> On Thu, May 23, 2019 at 11:57 AM Tetsuo Handa
> <penguin-kernel@...ove.sakura.ne.jp> wrote:
>>
>> Well, the culprit of this problem might be syz_execute_func().
>>
>> https://twitter.com/ed_maste/status/1131165065485398016
>>
>> Then, blacklisting specific syscalls/arguments might not work.
>> We will need to guard specific paths on the kernel side using
>> some kernel config option...
>
> Yes, that's a nasty issue. We could stop running random code, or
> setuid into nobody, but then we will lose lots of test coverage...
>
I think that guarding specific paths on the kernel side is better.
TOMOYO already added CONFIG_SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING for
avoid emitting WARNING: string and getting more test coverage. There are
other codes emitting WARNING: string that confuses syzbot. If we guard
critical paths like reboot/poweroff request that will destroy the target
VM instance, we can get more test coverage while reducing pointless reports.
Powered by blists - more mailing lists