lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 21 Jun 2021 10:54:06 +0200
From:   Petr Mladek <pmladek@...e.com>
To:     Andrew Morton <akpm@...ux-foundation.org>,
        Chris Down <chris@...isdown.name>
Cc:     linux-kernel@...r.kernel.org, Jessica Yu <jeyu@...nel.org>,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        John Ogness <john.ogness@...utronix.de>,
        Steven Rostedt <rostedt@...dmis.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Johannes Weiner <hannes@...xchg.org>,
        Kees Cook <keescook@...omium.org>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        Rasmus Villemoes <linux@...musvillemoes.dk>, kernel-team@...com
Subject: Re: [PATCH v7 0/5] printk: Userspace format indexing support

On Thu 2021-06-17 12:10:43, Petr Mladek wrote:
> On Tue 2021-06-15 17:52:20, Chris Down wrote:
> > We have a number of systems industry-wide that have a subset of their
> > functionality that works as follows:
> > 
> > 1. Receive a message from local kmsg, serial console, or netconsole;
> > 2. Apply a set of rules to classify the message;
> > 3. Do something based on this classification (like scheduling a
> >    remediation for the machine), rinse, and repeat.
> > 
> > This provides a solution to the issue of silently changed or deleted
> > printks: we record pointers to all printk format strings known at
> > compile time into a new .printk_index section, both in vmlinux and
> > modules. At runtime, this can then be iterated by looking at
> > <debugfs>/printk/index/<module>, which emits the following format, both
> > readable by humans and able to be parsed by machines:
> > 
> >     $ head -1 vmlinux; shuf -n 5 vmlinux
> >     # <level[,flags]> filename:line function "format"
> >     <5> block/blk-settings.c:661 disk_stack_limits "%s: Warning: Device %s is misaligned\n"
> >     <4> kernel/trace/trace.c:8296 trace_create_file "Could not create tracefs '%s' entry\n"
> >     <6> arch/x86/kernel/hpet.c:144 _hpet_print_config "hpet: %s(%d):\n"
> >     <6> init/do_mounts.c:605 prepare_namespace "Waiting for root device %s...\n"
> >     <6> drivers/acpi/osl.c:1410 acpi_no_auto_serialize_setup "ACPI: auto-serialization disabled\n"
> > 
> > This mitigates the majority of cases where we have a highly-specific
> > printk which we want to match on, as we can now enumerate and check
> > whether the format changed or the printk callsite disappeared entirely
> > in userspace. This allows us to catch changes to printks we monitor
> > earlier and decide what to do about it before it becomes problematic.
> > 
> > There is no additional runtime cost for printk callers or printk itself,
> > and the assembly generated is exactly the same.
> > 
> > Chris Down (5):
> >   string_helpers: Escape double quotes in escape_special
> >   printk: Straighten out log_flags into printk_info_flags
> >   printk: Rework parse_prefix into printk_parse_prefix
> >   printk: Userspace format indexing support
> >   printk: index: Add indexing support to dev_printk
> 
> The patchset looks ready for linux-next from my POV. I could fixup the
> messages as suggested by Andy when pushing.
> 
> Well, I would still like to get acks from:
> 
>    + Andy for the 1st patch
>    + Jessica for the changes in the module loader code in 4th patch.

They provided the Acks, so that we could push it.

Andrew, this patchset depends on seq_file and string_helpers changes
that are in -mm tree:

lib-string_helpers-switch-to-use-bit-macro.patch
lib-string_helpers-move-escape_np-check-inside-else-branch-in-a-loop.patch
lib-string_helpers-drop-indentation-level-in-string_escape_mem.patch
lib-string_helpers-introduce-escape_na-for-escaping-non-ascii.patch
lib-string_helpers-introduce-escape_nap-to-escape-non-ascii-and-non-printable.patch
lib-string_helpers-allow-to-append-additional-characters-to-be-escaped.patch
lib-test-string_helpers-print-flags-in-hexadecimal-format.patch
lib-test-string_helpers-get-rid-of-trailing-comma-in-terminators.patch
lib-test-string_helpers-add-test-cases-for-new-features.patch
maintainers-add-myself-as-designated-reviewer-for-generic-string-library.patch
seq_file-introduce-seq_escape_mem.patch
seq_file-add-seq_escape_str-as-replica-of-string_escape_str.patch
seq_file-convert-seq_escape-to-use-seq_escape_str.patch
nfsd-avoid-non-flexible-api-in-seq_quote_mem.patch
seq_file-drop-unused-_escape_mem_ascii.patch


Would you mind to take this patchset via -mm tree as well, please?

You were not in CC. Should Chris send v8 with all the Acks and
you in CC?

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ