lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 25 May 2021 17:19:20 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Cc:     Rasmus Villemoes <linux@...musvillemoes.dk>,
        Chris Down <chris@...isdown.name>,
        linux-kernel@...r.kernel.org, Jessica Yu <jeyu@...nel.org>,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        John Ogness <john.ogness@...utronix.de>,
        Steven Rostedt <rostedt@...dmis.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Johannes Weiner <hannes@...xchg.org>,
        Kees Cook <keescook@...omium.org>, kernel-team@...com
Subject: Re: [PATCH v6 3/4] printk: Userspace format indexing support

On Thu 2021-05-20 12:25:55, Andy Shevchenko wrote:
> On Wed, May 19, 2021 at 08:59:06AM +0200, Rasmus Villemoes wrote:
> > On 18/05/2021 18.00, Andy Shevchenko wrote:
> > > On Tue, May 18, 2021 at 03:07:44PM +0100, Chris Down wrote:
> > >>>> +static int __init pi_init(void)
> > > 
> > >>> No __exit? (There is a corresponding call for exit)
> > >>
> > >> Hmm, can't printk only be built in to the kernel, so it can't be unloaded?
> > >> At least it looks that way from Kconfig. Maybe I'm missing something and
> > >> there's some other way that might be invoked?
> > > 
> > > While it's true, it may help in these cases:
> > >  1) getting things done in a clean way
> > 
> > Huh?
> > 
> > >  2) finding bugs during boot cycle
> > 
> > What bugs would code that doesn't get executed find?
> > 
> > >  3) (possibly) making better debugging in virtual environments
> > 
> > How?
> > 
> > >  4) (also possibly) clean up something which shouldn't be seen by the next
> > >     (unsecure) kernel, like kexec.
> > 
> > Tearing down a few debugfs files wouldn't touch a lot of memory, the
> > printk format strings are very unlikely to be sensitive, and I highly
> > doubt __exit code is kept around and run at kexec time anyway.
> 
> I admit that I'm on a learning curve in this area, and perhaps it was unclear
> from the above that the list I gave is what I think may or might be relevant.
> 
> > IOW, please do not bloat the kernel image with __exit code in things
> > which cannot be built modular.
> 
> Why we have exitcall in the code which can't be modular? Is somebody going to
> clean that up? (Ex. `git grep -w __exitcall`)

Most exit calls are in "um" arch code. AFAIK, it is a kernel that can be
booted in userspace. And it is very special.

Anyway, this functionality (printk index) do not need any special
handling during suspend, reboot, halt, or other system state
changes.

It only has to be initialized during boot at the right time.
It is after debugfs is initialized and before modules can be
loaded.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ