From: Kaiwan N Billimoria <kaiwan.billimoria@gmail.com>
To: Alexander Popov <alex.popov@linux.com>,
Jonathan Corbet <corbet@lwn.net>,
Linus Torvalds <torvalds@linux-foundation.org>,
Paul McKenney <paulmck@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Peter Zijlstra <peterz@infradead.org>,
Joerg Roedel <jroedel@suse.de>,
Maciej Rozycki <macro@orcam.me.uk>,
Muchun Song <songmuchun@bytedance.com>,
Viresh Kumar <viresh.kumar@linaro.org>,
Robin Murphy <robin.murphy@arm.com>,
Randy Dunlap <rdunlap@infradead.org>,
Lu Baolu <baolu.lu@linux.intel.com>,
Petr Mladek <pmladek@suse.com>, Kees Cook <keescook@chromium.org>,
Luis Chamberlain <mcgrof@kernel.org>, Wei Liu <wl@xen.org>,
John Ogness <john.ogness@linutronix.de>,
Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Alexey Kardashevskiy <aik@ozlabs.ru>,
Christophe Leroy <christophe.leroy@csgroup.eu>,
Jann Horn <jannh@google.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Mark Rutland <mark.rutland@arm.com>,
Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Steven Rostedt <rostedt@goodmis.org>,
Will Deacon <will@kernel.org>, Ard Biesheuvel <ardb@kernel.org>,
Laura Abbott <labbott@kernel.org>,
David S Miller <davem@davemloft.net>,
Borislav Petkov <bp@alien8.de>, Arnd Bergmann <arnd@arndb.de>,
Andrew Scull <ascull@google.com>, Marc Zyngier <maz@kernel.org>,
Jessica Yu <jeyu@kernel.org>, Iurii Zaikin <yzaikin@google.com>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Wang Qing <wangqing@vivo.com>, Mel Gorman <mgorman@suse.de>,
Mauro Carvalho Chehab <mchehab+huawei@kernel.org>,
Andrew Klychkov <andrew.a.klychkov@gmail.com>,
Mathieu Chouquet-Stringer <me@mathieu.digital>,
Daniel Borkmann <daniel@iogearbox.net>,
Stephen Kitt <steve@sk2.org>, Stephen Boyd <sboyd@kernel.org>,
Thomas Bogendoerfer <tsbogend@alpha.franken.de>,
Mike Rapoport <rppt@kernel.org>,
Bjorn Andersson <bjorn.andersson@linaro.org>,
kernel-hardening@lists.openwall.com,
linux-hardening@vger.kernel.org, linux-doc@vger.kernel.org,
linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org
Cc: notify@kernel.org
Subject: Re: [PATCH v2 0/2] Introduce the pkill_on_warn parameter
Date: Mon, 15 Nov 2021 13:42:12 +0530 [thread overview]
Message-ID: <d4bf6e277e1fc5dbd9026a8fdd705599de87ba6b.camel@gmail.com> (raw)
In-Reply-To: <20211027233215.306111-1-alex.popov@linux.com>
On Thu, 2021-10-28 at 02:32 +0300, Alexander Popov wrote:
> [...]
>
> From a security point of view, kernel warning messages provide a lot of
> useful information for attackers. Many GNU/Linux distributions allow
> unprivileged users to read the kernel log, so attackers use kernel
> warning infoleak in vulnerability exploits.
At the risk of being too simplistic, if the intention is to cut down infoleaks,
why not simply have a config (and/or sysctl) to toggle it - both at kernel build
as well as at runtime via a sysctl.
A minimal starting attempt at this, definitely incomplete (i've not actually written
the config anywhere, sorry, I'd just like to propose this as an idea for now) could
be something like this? (Am calling the kconfig CONFIG_TERSE_DIAGS_ONWARN):
---
kernel/panic.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/kernel/panic.c b/kernel/panic.c
index cefd7d82366f..bbf00b0a8110 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -587,10 +587,8 @@ void __warn(const char *file, int line, void *caller, unsigned taint,
if (args)
vprintk(args->fmt, args->args);
- print_modules();
-
- if (regs)
- show_regs(regs);
+ if (IS_ENABLED(CONFIG_TERSE_DIAGS_ONWARN))
+ return;
if (panic_on_warn) {
/*
@@ -603,6 +601,11 @@ void __warn(const char *file, int line, void *caller, unsigned taint,
panic("panic_on_warn set ...\n");
}
+ print_modules();
+
+ if (regs)
+ show_regs(regs);
+
if (!regs)
dump_stack();
--
2.25.1
Further, am unsure precisely which portions of diagnostic output would be useful
to retain when the config's on. Of course, this "patch" is very premature. Of course,
am open to suggestions on all of this,
Regards
prev parent reply other threads:[~2021-11-15 8:13 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-27 23:32 [PATCH v2 0/2] Introduce the pkill_on_warn parameter Alexander Popov
2021-10-27 23:32 ` [PATCH v2 1/2] bug: do refactoring allowing to add a warning handling action Alexander Popov
2021-10-27 23:32 ` [PATCH v2 2/2] sysctl: introduce kernel.pkill_on_warn Alexander Popov
2021-11-12 21:24 ` Steven Rostedt
2021-11-12 18:52 ` [PATCH v2 0/2] Introduce the pkill_on_warn parameter Alexander Popov
2021-11-12 21:26 ` Linus Torvalds
2021-11-13 18:14 ` Alexander Popov
2021-11-13 19:58 ` Linus Torvalds
2021-11-14 14:21 ` Marco Elver
2021-11-15 13:59 ` Lukas Bulwahn
2021-11-15 15:51 ` [ELISA Safety Architecture WG] " Gabriele Paoloni
2021-11-16 7:52 ` Alexander Popov
2021-11-16 8:01 ` Lukas Bulwahn
2021-11-16 8:41 ` Petr Mladek
2021-11-16 9:19 ` Lukas Bulwahn
2021-11-16 13:20 ` James Bottomley
2021-11-15 16:06 ` Steven Rostedt
2021-11-15 22:06 ` Kees Cook
2021-11-16 9:12 ` Alexander Popov
2021-11-16 18:41 ` Kees Cook
2021-11-16 19:00 ` Casey Schaufler
2021-11-18 17:32 ` Kees Cook
2021-11-18 18:30 ` Casey Schaufler
2021-11-18 20:29 ` Kees Cook
2021-11-16 13:07 ` James Bottomley
2021-11-20 12:17 ` Marco Elver
2021-11-22 16:21 ` Steven Rostedt
2021-11-16 6:37 ` Christophe Leroy
2021-11-16 8:34 ` Alexander Popov
2021-11-16 8:57 ` Lukas Bulwahn
2021-11-15 8:12 ` Kaiwan N Billimoria [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d4bf6e277e1fc5dbd9026a8fdd705599de87ba6b.camel@gmail.com \
--to=kaiwan.billimoria@gmail.com \
--cc=aik@ozlabs.ru \
--cc=akpm@linux-foundation.org \
--cc=alex.popov@linux.com \
--cc=andrew.a.klychkov@gmail.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=ascull@google.com \
--cc=baolu.lu@linux.intel.com \
--cc=bjorn.andersson@linaro.org \
--cc=bp@alien8.de \
--cc=christophe.leroy@csgroup.eu \
--cc=corbet@lwn.net \
--cc=daniel@iogearbox.net \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=gregkh@linuxfoundation.org \
--cc=jannh@google.com \
--cc=jeyu@kernel.org \
--cc=john.ogness@linutronix.de \
--cc=jroedel@suse.de \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=labbott@kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@rasmusvillemoes.dk \
--cc=luto@kernel.org \
--cc=macro@orcam.me.uk \
--cc=mark.rutland@arm.com \
--cc=maz@kernel.org \
--cc=mcgrof@kernel.org \
--cc=mchehab+huawei@kernel.org \
--cc=me@mathieu.digital \
--cc=mgorman@suse.de \
--cc=notify@kernel.org \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=pmladek@suse.com \
--cc=rdunlap@infradead.org \
--cc=robin.murphy@arm.com \
--cc=rostedt@goodmis.org \
--cc=rppt@kernel.org \
--cc=sboyd@kernel.org \
--cc=songmuchun@bytedance.com \
--cc=steve@sk2.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=tsbogend@alpha.franken.de \
--cc=viresh.kumar@linaro.org \
--cc=wangqing@vivo.com \
--cc=will@kernel.org \
--cc=wl@xen.org \
--cc=yzaikin@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).