| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YMtB6Anv98O4mW9C@linux.fritz.box>
Date: Thu, 17 Jun 2021 14:36:56 +0200
From: Jessica Yu <jeyu@...nel.org>
To: Petr Mladek <pmladek@...e.com>
Cc: Chris Down <chris@...isdown.name>, linux-kernel@...r.kernel.org,
Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
John Ogness <john.ogness@...utronix.de>,
Steven Rostedt <rostedt@...dmis.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Johannes Weiner <hannes@...xchg.org>,
Kees Cook <keescook@...omium.org>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Rasmus Villemoes <linux@...musvillemoes.dk>, kernel-team@...com
Subject: Re: [PATCH v7 0/5] printk: Userspace format indexing support
+++ Petr Mladek [17/06/21 12:10 +0200]:
>On Tue 2021-06-15 17:52:20, Chris Down wrote:
>> We have a number of systems industry-wide that have a subset of their
>> functionality that works as follows:
>>
>> 1. Receive a message from local kmsg, serial console, or netconsole;
>> 2. Apply a set of rules to classify the message;
>> 3. Do something based on this classification (like scheduling a
>> remediation for the machine), rinse, and repeat.
>>
>> This provides a solution to the issue of silently changed or deleted
>> printks: we record pointers to all printk format strings known at
>> compile time into a new .printk_index section, both in vmlinux and
>> modules. At runtime, this can then be iterated by looking at
>> <debugfs>/printk/index/<module>, which emits the following format, both
>> readable by humans and able to be parsed by machines:
>>
>> $ head -1 vmlinux; shuf -n 5 vmlinux
>> # <level[,flags]> filename:line function "format"
>> <5> block/blk-settings.c:661 disk_stack_limits "%s: Warning: Device %s is misaligned\n"
>> <4> kernel/trace/trace.c:8296 trace_create_file "Could not create tracefs '%s' entry\n"
>> <6> arch/x86/kernel/hpet.c:144 _hpet_print_config "hpet: %s(%d):\n"
>> <6> init/do_mounts.c:605 prepare_namespace "Waiting for root device %s...\n"
>> <6> drivers/acpi/osl.c:1410 acpi_no_auto_serialize_setup "ACPI: auto-serialization disabled\n"
>>
>> This mitigates the majority of cases where we have a highly-specific
>> printk which we want to match on, as we can now enumerate and check
>> whether the format changed or the printk callsite disappeared entirely
>> in userspace. This allows us to catch changes to printks we monitor
>> earlier and decide what to do about it before it becomes problematic.
>>
>> There is no additional runtime cost for printk callers or printk itself,
>> and the assembly generated is exactly the same.
>>
>> Chris Down (5):
>> string_helpers: Escape double quotes in escape_special
>> printk: Straighten out log_flags into printk_info_flags
>> printk: Rework parse_prefix into printk_parse_prefix
>> printk: Userspace format indexing support
>> printk: index: Add indexing support to dev_printk
>
>The patchset looks ready for linux-next from my POV. I could fixup the
>messages as suggested by Andy when pushing.
>
>Well, I would still like to get acks from:
>
> + Andy for the 1st patch
> + Jessica for the changes in the module loader code in 4th patch.
Hi Petr, the module.{c,h} changes are fine by me:
Acked-by: Jessica Yu <jeyu@...nel.org>
Thank you,
Jessica
Powered by blists - more mailing lists