lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20210302090811.620ae7d0@gandalf.local.home>
Date:   Tue, 2 Mar 2021 09:08:11 -0500
From:   Steven Rostedt <rostedt@...dmis.org>
To:     Geert Uytterhoeven <geert@...ux-m68k.org>
Cc:     Vlastimil Babka <vbabka@...e.cz>, Petr Mladek <pmladek@...e.com>,
        Marco Elver <elver@...gle.com>, Timur Tabi <timur@...nel.org>,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        Matthew Wilcox <willy@...radead.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        roman.fietze@...na.com, Kees Cook <keescook@...omium.org>,
        John Ogness <john.ogness@...utronix.de>,
        Akinobu Mita <akinobu.mita@...il.com>,
        Alexander Potapenko <glider@...gle.com>,
        Andrey Konovalov <andreyknvl@...gle.com>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        Pavel Machek <pavel@....cz>,
        Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux MM <linux-mm@...ck.org>
Subject: Re: [PATCH 3/3] [v4] lib/vsprintf: no_hash_pointers prints all
 addresses as unhashed

On Tue, 2 Mar 2021 14:49:42 +0100
Geert Uytterhoeven <geert@...ux-m68k.org> wrote:

> > So this is basically a kernel tinyfication issue, right? Is that still pursued
> > today? Are there better config options suitable for this than CONFIG_DEBUG_KERNEL?  
> 
> As long as I hear about products running Linux on SoCs with 10 MiB of
> SRAM, I think the answer is yes.
> I'm not immediately aware of a better config option.  There are no more
> TINY options left, and EXPERT selects DEBUG_KERNEL.

Since the trace_printk() uses the same type of notice, I wonder if we could
make this into a helper function and just pass in the top part.

+	pr_warn("**********************************************************\n");
+	pr_warn("**   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **\n");
+	pr_warn("**                                                      **\n");


+	pr_warn("** This system shows unhashed kernel memory addresses   **\n");
+	pr_warn("** via the console, logs, and other interfaces. This    **\n");
+	pr_warn("** might reduce the security of your system.            **\n");

Only the above section is really unique. The rest can be a boiler plate.

-- Steve

+	pr_warn("**                                                      **\n");
+	pr_warn("** If you see this message and you are not debugging    **\n");
+	pr_warn("** the kernel, report this immediately to your system   **\n");
+	pr_warn("** administrator!                                       **\n");
+	pr_warn("**                                                      **\n");
+	pr_warn("**   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **\n");
+	pr_warn("**********************************************************\n");
+

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ