Date:   Thu, 16 Apr 2020 06:38:34 +0000
From:   Luis Chamberlain <mcgrof@...nel.org>
To:     Masami Hiramatsu <mhiramat@...nel.org>
Cc:     Vlastimil Babka <vbabka@...e.cz>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Kees Cook <keescook@...omium.org>,
        Iurii Zaikin <yzaikin@...gle.com>,
        linux-kernel@...r.kernel.org, linux-api@...r.kernel.org,
        linux-mm@...ck.org, Ivan Teterevkov <ivan.teterevkov@...anix.com>,
        Michal Hocko <mhocko@...nel.org>,
        David Rientjes <rientjes@...gle.com>,
        Matthew Wilcox <willy@...radead.org>,
        "Eric W . Biederman" <ebiederm@...ssion.com>,
        "Guilherme G . Piccoli" <gpiccoli@...onical.com>,
        Alexey Dobriyan <adobriyan@...il.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Christian Brauner <christian.brauner@...ntu.com>
Subject: Re: [PATCH v2 0/3] support setting sysctl parameters from kernel
 command line

On Thu, Apr 16, 2020 at 03:02:06PM +0900, Masami Hiramatsu wrote:
> Hi Luis,
> 
> On Wed, 15 Apr 2020 06:30:41 +0000
> Luis Chamberlain <mcgrof@...nel.org> wrote:
> > Currently the maximum config size is 32KB and the total key-words
> > (not key-value entries) must be under 1024 nodes.  Note: this is not
> > the number of entries but nodes, an entry must consume more than 2 nodes
> > (a key-word and a value). So theoretically, it will be up to 512
> > key-value pairs. If keys contain 3 words on average, it can contain 256
> > key-value pairs. In most cases, the number of config items will be under
> > 100 entries and smaller than 8KB, so it would be enough.  If the node
> > number exceeds 1024, parser returns an error even if the file size
> > is smaller than 32KB.  Anyway, since bootconfig command verifies it when
> > appending a boot config to initrd image, user can notice it before
> > boot.
> > ```
> > *recommending* bootconfig due to the limitation of cmdline seems
> > sensible, however if we advise that.. wouldn't the space for 512
> > theoretical entries fill up rather fast?
> 
> Yeah, I think it is easier to hit the node number limitation rather
> than fill up the space. However, since the bootconfig supports comments,
> if user writes enough readable config file, I think it's probably the
> right balance :)
> If you think the 512 entries is too small, it is easy to expand it
> up to 32K (64K nodes). But it may consume 512KB memory only for the
> node (meta) data. Current 1024 nodes consumes 8KB (8 bytes/node), so
> compared with the max data size (32KB), I think it is a better balance.

Yeah, and well at least x86 / x86_64 sets COMMAND_LINE_SIZE to 2048
right now (2 KB), that'd hit the limit of abuse of cmdline pretty fast
too. I see no way to scale this reasonably if people abuse sysctls on
the command line but to use bootconfig and bite the bullet on size,
to keep sanity.

  Luis
