lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 6 Oct 2020 11:52:26 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     Guenter Roeck <linux@...ck-us.net>
Cc:     Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        Shreyas Joshi <shreyas.joshi@...mp.com>, rostedt@...dmis.org,
        shreyasjoshi15@...il.com, linux-kernel@...r.kernel.org,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: [PATCH] printk: handle blank console arguments passed in.

On Mon 2020-10-05 20:35:59, Guenter Roeck wrote:
> On 10/5/20 7:59 PM, Sergey Senozhatsky wrote:
> > On (20/05/22 12:00), Petr Mladek wrote:
> >> On Fri 2020-05-22 16:53:06, Shreyas Joshi wrote:
> >>> If uboot passes a blank string to console_setup then it results in a trashed memory.
> >>> Ultimately, the kernel crashes during freeing up the memory. This fix checks if there
> >>> is a blank parameter being passed to console_setup from uboot.
> >>> In case it detects that the console parameter is blank then
> >>> it doesn't setup the serial device and it gracefully exits.
> >>>
> > Petr, this patch's causing regressions for us. We use blank console= boot
> > param to bypass dts. It appears that it'd be better to revert the change.
> > 
> Not just to bypass dts, it was also possible to use console= to disable consoles
> passed as config option, as well as other default console options. A quick test
> confirms that this affects all platforms/architectures, not just Chromebooks.
> Prior to this patch, it was possible to disable a default console with an
> empty "console=" parameter. This is no longer possible. This means that
> this patch results in a substantial (and, as far as I can see, completely
> undiscussed) functionality change.

Where is this behavior documented, please?

I do not see it anywhere (documentation, git log, google) and it is far from
obvious from the code. It seems that any random string would do the
same job, e.g. console=none.

Of course, we need to restore the original behavior when it breaks
existing systems. But I want to be sure that there is no better
solution.

And it makes perfect sense to disable all consoles or drop all defined
by dts. But I would prefer to make it more obvious way, for
example by parameters like:

   + console=none
   + no-console
   + no-dtd-console
   + no-default-console


JFYI, the console= parameter handling is a real historical mess. We are
always surprised what undefined behavior people depend on. For
example, see:

  + commit 33225d7b0ac9903c5701b ("printk: Correctly set CON_CONSDEV
    even when preferred console was not registered")

  + commit e369d8227fd211be3624 ("printk: Fix preferred console
    selection with multiple matches")

> I don't understand why (yet), but the patch also causes regressions with
> seemingly unrelated functionality, specifically with dm-verity on at least
> one Chromebook platform. I filed crbug.com/1135157 to track the problem,
> and reverted the patch from all our stable releases immediately after
> the last round of stable release merges.
> 
> On a side note, I don't see the problem presumably fixed with this
> patch in any of my tests.

Console drivers might provide a custom match() callback to handle
various aliases. I guess that some driver wrongly matches the empty
string stored in the array of preferred consoles.

There are likely other ways to fix the original problem.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ