lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Jan 2021 11:11:10 +0100 From: Petr Mladek <pmladek@...e.com> To: Steven Rostedt <rostedt@...dmis.org> Cc: Timur Tabi <timur@...nel.org>, Vlastimil Babka <vbabka@...e.cz>, Sergey Senozhatsky <sergey.senozhatsky@...il.com>, Matthew Wilcox <willy@...radead.org>, Andrew Morton <akpm@...ux-foundation.org>, linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org, roman.fietze@...na.com, keescook@...omium.org, John Ogness <john.ogness@...utronix.de>, linux-mm@...ck.org, Akinobu Mita <akinobu.mita@...il.com> Subject: Re: [PATCH 0/2] introduce DUMP_PREFIX_UNHASHED for hex dumps On Tue 2021-01-26 12:40:32, Steven Rostedt wrote: > On Tue, 26 Jan 2021 12:39:12 -0500 > Steven Rostedt <rostedt@...dmis.org> wrote: > > > On Tue, 26 Jan 2021 11:30:02 -0600 > > Timur Tabi <timur@...nel.org> wrote: > > > > > On 1/26/21 11:14 AM, Vlastimil Babka wrote: > > > > If it was a boot option, I would personally be for leaving hashing enabled by > > > > default, with opt-in boot option to disable it. > > > > > > A boot option would solve all my problems. I wouldn't need to recompile > > > the kernel, and it would apply to all variations of printk. > > > > Should it be called "make-printk-insecure" Nit: This makes me feel that printk() might break (block) the system. Please, make it more clear that it is about unveiling some secret information, something like: "non-secret-printk" "non-confidental-printk" "unretricted-printk" I do not mind about the words order or using the "make-printk-non-secret" form. > And even if we make this a boot time option, perhaps we should still > include that nasty dmesg notice, which will let people know that the kernel > has unhashed values. +1 Best Regards, Petr
Powered by blists - more mailing lists