| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Sep 2021 13:24:45 -0500
From: Andrew Halaney <ahalaney@...hat.com>
To: jim.cromie@...il.com
Cc: Jason Baron <jbaron@...mai.com>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] dyndbg: make dyndbg a known cli param
On Fri, Sep 10, 2021 at 11:14:45AM -0600, jim.cromie@...il.com wrote:
> On Thu, Sep 9, 2021 at 3:34 PM Jason Baron <jbaron@...mai.com> wrote:
>
> >
> >
> > On 9/9/21 12:17 PM, Andrew Halaney wrote:
> > > Right now dyndbg shows up as an unknown parameter if used on boot:
> > >
> > > Unknown command line parameters: dyndbg=module params +p ; module
> > sys +p
> > >
> > > That's because it is unknown, it doesn't sit in the __param
> > > section, so the processing done to warn users supplying an unknown
> > > parameter doesn't think it is legitimate.
> > >
>
>
> your usage is incorrect for what youre trying to do in that example
> what you need is:
>
> params.dyndbg=+p sys.dyndbg=+p
>
> dyndbg is properly unknown as a kernel param, it isnt one.
> ( it was called a "fake" module param when added.)
> $module.dyndbg is good, since its after the $module. (and the dot)
> it also then inherits the "scan bootargs for relevant ones on module load"
> behavior
>
>
That example is (slightly altered) from
Documentation/admin-guide/dynamic-debug-howto.rst,
I can change the example used to be a little less confusing (using the
module keyword is confusing, I could use something like
func or file instead of what the docs use as an example).
Is that what you're after, a better example usage of dyndbg= being
whined about in dmesg for the commit message, or am I misunderstanding?
I agree that dyndbg right now (both dyndbg= and $module.dyndbg=) are
"fake" params, but I'd like to remove that message for dyndbg= as it is
misleading. The code for module loading luckily already handles it all
properly and doesn't warn on proper usage:
static int unknown_module_param_cb(char *param, char *val, const char *modname,
void *arg)
{
struct module *mod = arg;
int ret;
if (strcmp(param, "async_probe") == 0) {
mod->async_probe_requested = true;
return 0;
}
/* Check for magic 'dyndbg' arg */
ret = ddebug_dyndbg_module_param_cb(param, val, modname);
if (ret != 0)
pr_warn("%s: unknown parameter '%s' ignored\n", modname, param);
return 0;
}
>
>
>
> >
> > > Install a dummy handler to register it. This was chosen instead of the
> > > approach the (deprecated) ddebug_query param takes, which is to
> > > have a real handler that copies the string taking up a KiB memory.
> > >
> > > Fixes: 86d1919a4fb0 ("init: print out unknown kernel parameters")
> > > Signed-off-by: Andrew Halaney <ahalaney@...hat.com>
> > > ---
> > >
> > > This is the last valid param I know of that was getting flagged on boot
> > > if used correctly. Please let me know if the alternative approach of
> > > actually copying the string is preferred and I'll spin that up instead.
> > >
> >
> > Hi Andrew,
> >
> > So I think you are referring to the string copying that ddebug_query= does.
> > I don't think that works for 'dyndbg=' b/c its actually looking through
> > the entire command line for stuff like <module_name>.dyndbg="blah".
> >
> > So I think what you prposed below makes sense, we could perhaps add a note
> > as to why it's a noop. As I mentioned it needs to look through the entire
> > string.
> >
> >
> > > Sort of an aside, but what's the policy for removing deprecated cli
> > > params? ddebug_query has been deprecated for a very long time now, but I
> > > am not sure if removing params like that is considered almost as bad as
> > > breaking userspace considering some systems might update their kernels
> > > but not the bootloader supplying the param.
> >
> > I think it's probably ok to remove at this point, especially now that
> > we are going to flag it as unknown, right? So I feel like that change
> > can logically go with this series if you want as a separate patch.
> >
> > Thanks,
> >
> > -Jason
> >
> >
> > >
> > > lib/dynamic_debug.c | 12 ++++++++++++
> > > 1 file changed, 12 insertions(+)
> > >
> > > diff --git a/lib/dynamic_debug.c b/lib/dynamic_debug.c
> > > index cb5abb42c16a..84c16309cc63 100644
> > > --- a/lib/dynamic_debug.c
> > > +++ b/lib/dynamic_debug.c
> > > @@ -761,6 +761,18 @@ static __init int ddebug_setup_query(char *str)
> > >
> > > __setup("ddebug_query=", ddebug_setup_query);
> > >
> > > +/*
> > > + * Install a noop handler to make dyndbg look like a normal kernel cli
> > param.
> > > + * This avoids warnings about dyndbg being an unknown cli param when
> > supplied
> > > + * by a user.
> > > + */
> > > +static __init int dyndbg_setup(char *str)
> > > +{
> > > + return 1;
> > > +}
> > > +
> > > +__setup("dyndbg=", dyndbg_setup);
> > > +
> > > /*
> > > * File_ops->write method for <debugfs>/dynamic_debug/control. Gathers
> > the
> > > * command text from userspace, parses and executes it.
> > >
> >
Powered by blists - more mailing lists