lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 18 Aug 2022 08:50:24 +0300
From:   Alexey Dobriyan <adobriyan@...il.com>
To:     Andrew Morton <akpm@...ux-foundation.org>
Cc:     linux-kernel@...r.kernel.org, josh@...htriplett.org, deller@....de
Subject: Re: +
 lib-dump_stack-add-dump_stack_print_cmdline-and-wire-up-in-dump_stack_print_info.patch
 added to mm-nonmm-unstable branch

On Wed, Aug 17, 2022 at 12:55:40PM -0700, Andrew Morton wrote:
> Add the function dump_stack_print_cmdline() which can be used by arch code
> to print the command line of the current processs.  This function is
> useful in arch code when dumping information for a faulting process.
> 
> Wire this function up in the dump_stack_print_info() function to include
> the dumping of the command line for architectures which use
> dump_stack_print_info().
> 
> As an example, with this patch a failing glibc testcase (which uses
> ld.so.1 as starting program) up to now reported just "ld.so.1" failing:
> 
>  do_page_fault() command='ld.so.1' type=15 address=0x565921d8 in libc.so[f7339000+1bb000]
>  trap #15: Data TLB miss fault, vm_start = 0x0001a000, vm_end = 0x0001b000
> 
> and now it reports in addition:
> 
>  ld.so.1[1151] cmdline: /home/gnu/glibc/objdir/elf/ld.so.1 --library-path =
> /home/gnu/glibc/objdir:/home/gnu/glibc/objdir/math:/home/gnu/
>     /home/gnu/glibc/objdir/malloc/tst-safe-linking-malloc-hugetlb1
> 
> Josh Triplett noted that dumping such command line parameters into syslog
> may theoretically lead to information disclosure.  That's why this patch
> checks the value of the kptr_restrict sysctl variable and will not print
> any information if kptr_restrict==2, and will not show the program
> parameters if kptr_restrict==1.

This whole feature needs its own sysctl. How is "kernel pointer restriction"
is related to "dump full command line to syslog at segfault"?

I've checked my non-customised Fedora system and kptr_restrict is 0.
It looks like Centos and Ubuntu ship with kptr_restrict=1.

There was a patch recently to hide specific command line options from
/proc/*/cmdline because some programs accept passwords from the command
line.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ