lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 16 Jul 2019 00:05:30 +0200
From:   Vasily Gorbik <gor@...ux.ibm.com>
To:     Petr Tesarik <PTesarik@...e.com>
Cc:     Christian Borntraeger <borntraeger@...ibm.com>,
        Heiko Carstens <heiko.carstens@...ibm.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Philipp Rudo <prudo@...ux.ibm.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Laura Abbott <labbott@...hat.com>,
        Masahiro Yamada <yamada.masahiro@...ionext.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>,
        Raymund Will <rw@...e.com>
Subject: Re: [PATCH 2/2] s390: add Linux banner to the compressed image

On Sun, Jul 14, 2019 at 03:52:52PM +0000, Petr Tesarik wrote:
> On Sun, 14 Jul 2019 16:35:33 +0200
> Vasily Gorbik <gor@...ux.ibm.com> wrote:
> 
> > On Fri, Jul 12, 2019 at 07:21:01PM +0200, Petr Tesarik wrote:
> > > Various tools determine the kernel version from a given binary by
> > > scanning for the Linux banner string. This does not work if the
> > > banner string is compressed, but we can link it once more into the
> > > uncompressed portion of bzImage.
> 
> > But even before discussing solutions I would like to understand the
> > problem first. Which specific tools are you referring to? What are they
> > good for? And how do they get the kernel version from other architectures
> > compressed images?
> 
> The tool I'm aware of is called get_kernel_version. It's built as part
> of openSUSE aaa_base and is used at install time. I'm not quite sure
> how it is used, but I have added Raymund Will to Cc; he can provide
> more information. There's also an open bug for it:
> 
>   https://bugzilla.opensuse.org/show_bug.cgi?id=1139939

Oh, I see, found it, thanks. Very interesting tool.
https://github.com/openSUSE/aaa_base/blob/master/get_kernel_version.c

And the only usage of this tool I found is to get the kernel version of
/boot/image (on s390) to run depmod during
yast-installation/src/clients/network_finish.rb

I also see that queries to rpm are already done from
yast-yast2/library/system/src/modules/Kernel.rb
Wouldn't it be more reliable (and portable) to just get the kernel
version from rpm metadata? Without using unreliable tools? Or find some
other solution, since this is the only use case for the tool?
$ rpm -qf --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n' /boot/vmlinuz-5.1.17-300.fc30.x86_64
5.1.17-300.fc30.x86_64
[it looks like openSUSE kernel rpms don't have metadata to reconstruct
full kernel version currently, but that could be improved?]

Anyhow, I'm not opposed to an idea to make it possible to detect the
kernel version from bzImage. But it should be reliable. So, see the
follow on patch I'm sending.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ