lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YKPkkiCX6gdSa/rI@smile.fi.intel.com>
Date:   Tue, 18 May 2021 19:00:18 +0300
From:   Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To:     Chris Down <chris@...isdown.name>
Cc:     linux-kernel@...r.kernel.org, Petr Mladek <pmladek@...e.com>,
        Jessica Yu <jeyu@...nel.org>,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        John Ogness <john.ogness@...utronix.de>,
        Steven Rostedt <rostedt@...dmis.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Johannes Weiner <hannes@...xchg.org>,
        Kees Cook <keescook@...omium.org>,
        Rasmus Villemoes <linux@...musvillemoes.dk>, kernel-team@...com
Subject: Re: [PATCH v6 3/4] printk: Userspace format indexing support

On Tue, May 18, 2021 at 03:07:44PM +0100, Chris Down wrote:
> Andy Shevchenko writes:

...

> > > +	return mod ? mod->name : "vmlinux";
> > 
> > First of all, you have several occurrences of the "vmlinux" literal.
> > Second, can't you get it from somewhere else? Is it even guaranteed that the
> > name is always the same?
> 
> Hmm, I don't know if it's guaranteed, but we already have similar logic in
> (as one example) livepatch, which seems to suggest it's not obviously wrong:
> 
>     % grep -R '"vmlinux"' kernel/livepatch/
>     kernel/livepatch/core.c:                       sympos, name, objname ? objname : "vmlinux");
>     kernel/livepatch/core.c:        bool sec_vmlinux = !strcmp(sec_objname, "vmlinux");
>     kernel/livepatch/core.c:                sym_vmlinux = !strcmp(sym_objname, "vmlinux");
>     kernel/livepatch/core.c:        if (strcmp(objname ? objname : "vmlinux", sec_objname))
>     kernel/livepatch/core.c:        name = klp_is_module(obj) ? obj->name : "vmlinux";
>     kernel/livepatch/core.c:                                klp_is_module(obj) ? obj->name : "vmlinux");
>     kernel/livepatch/core.c:                                klp_is_module(obj) ? obj->name : "vmlinux");
>     kernel/livepatch/core.c:        if (!strcmp(mod->name, "vmlinux")) {
> 
> Is there another name or method you'd prefer? :-)
> 
> As for the literals, are you saying that you prefer that it's symbolised as
> a macro or static char, or do you know of an API where this kind of name can
> be canonically accessed?

I have heard that modern GCC (at least) can utilize same constant literals in a
single compilation unit, so it won't be duplicated.

But more serious here is the guarantees of the name. Shouldn't it come from
KBuild / Makefile into some header like version do?

livepatch has to be fixed accordingly.

...

> > > +#define seq_escape_printf_format(s, src) \
> > > +	seq_escape_str(s, src, ESCAPE_ANY | ESCAPE_NAP | ESCAPE_APPEND, "\"\\")
> > 
> > Hmm... But after your ESCAPE_SPECIAL update why " is in @only?
> > Not sure about back slash either.
> 
> Good question! It's because ESCAPE_NAP (used to reduce scope of
> ESCAPE_OCTAL) will cause double quote and backslash to be ignored for
> quoting otherwise, even with ESCAPE_SPECIAL from ESCAPE_ANY.

Ah, makes sense. Yep, it's a bit complicated, but okay, perhaps it needs a
comment near to the macro.

> I touched on this briefly in the changelog for the patch adding the quote to
> ESCAPE_SPECIAL:
> 
> From "string_helpers: Escape double quotes in escape_special":
> > One can of course, alternatively, use ESCAPE_APPEND with a quote in
> > @only, but without this patch quotes are coerced into hex or octal which
> > can hurt readability quite significantly.
> 
> Maybe you know of a more intuitive way to deal with this? :-)

...

> > > +static int __init pi_init(void)

> > No __exit? (There is a corresponding call for exit)
> 
> Hmm, can't printk only be built in to the kernel, so it can't be unloaded?
> At least it looks that way from Kconfig. Maybe I'm missing something and
> there's some other way that might be invoked?

While it's true, it may help in these cases:
 1) getting things done in a clean way
 2) finding bugs during boot cycle
 3) (possibly) making better debugging in virtual environments
 4) (also possibly) clean up something which shouldn't be seen by the next
    (unsecure) kernel, like kexec.

I'm not sure about these, but it what comes to my mind.

-- 
With Best Regards,
Andy Shevchenko


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ