From: Josh Poimboeuf <jpoimboe@redhat.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Frederic Weisbecker <fweisbec@gmail.com>,
Thomas Gleixner <tglx@linutronix.de>,
Kees Cook <keescook@chromium.org>,
"H . Peter Anvin" <hpa@zytor.com>,
Nilay Vaish <nilayvaish@gmail.com>,
the arch/x86 maintainers <x86@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
Andy Lutomirski <luto@amacapital.net>,
Ingo Molnar <mingo@kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Brian Gerst <brgerst@gmail.com>,
Byungchul Park <byungchul.park@lge.com>,
Peter Zijlstra <peterz@infradead.org>
Subject: Re: [PATCH 3/6] x86/dumpstack: make printk_stack_address() more generally useful
Date: Fri, 26 Aug 2016 00:56:58 -0500 [thread overview]
Message-ID: <20160826055658.igc5dghceuwwb6vu@treble> (raw)
In-Reply-To: <CA+55aFw4hfHMNn_vPGwKjUafV42C+H5ba4S29iJvk225etZ1pg@mail.gmail.com>
On Thu, Aug 25, 2016 at 09:40:12PM -0700, Linus Torvalds wrote:
> On Thu, Aug 25, 2016 at 8:19 PM, Josh Poimboeuf <jpoimboe@redhat.com> wrote:
> > So yes, dmesg_restrict sounds useful to me. It's a way to prevent users
> > from seeing kernel addresses without affecting my ability to debug
> > issues. For a locked down system, why would non-root users need to
> > access dmesg anyway?
>
> That's the point. It is only useful for locked-down systems.
>
> But that also means that IT IS NOT USEFUL AS A SECURITY ARGUMENT -
> since it's simply not relevant to most systems out there.
>
> Most systems aren't locked down.
Ok, so maybe removing kernel text addresses from the stack dump wouldn't
be the end of the world.
But I still don't quite understand your statement that dmesg_restrict is
only useful for locked down systems.
To prevent kernel address disclosure, it seems we already rely on the
user setting kptr_restrict today, otherwise I can do cat
/proc/self/stack and the game is already lost, right?
So what's the difference between expecting the user to set kptr_restrict
vs dmesg_restrict?
--
Josh
next prev parent reply other threads:[~2016-08-26 5:58 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-24 16:50 [PATCH 0/6] x86/dumpstack: more stack dump improvements Josh Poimboeuf
2016-08-24 16:50 ` [PATCH 1/6] perf/x86: check perf_callchain_store() error Josh Poimboeuf
2016-09-08 9:48 ` [tip:x86/asm] perf/x86: Check " tip-bot for Josh Poimboeuf
2016-08-24 16:50 ` [PATCH 2/6] oprofile/x86: add regs->ip to oprofile trace Josh Poimboeuf
2016-08-30 11:30 ` Robert Richter
2016-09-08 9:48 ` [tip:x86/asm] oprofile/x86: Add " tip-bot for Josh Poimboeuf
2016-08-24 16:50 ` [PATCH 3/6] x86/dumpstack: make printk_stack_address() more generally useful Josh Poimboeuf
2016-08-24 17:28 ` Joe Perches
2016-08-24 18:43 ` Josh Poimboeuf
2016-08-24 19:07 ` Joe Perches
2016-08-24 19:24 ` Josh Poimboeuf
2016-08-24 19:57 ` Joe Perches
2016-08-24 18:03 ` Linus Torvalds
2016-08-24 18:22 ` Peter Zijlstra
2016-08-24 18:37 ` Linus Torvalds
2016-08-24 19:37 ` Josh Poimboeuf
2016-08-25 17:49 ` Josh Poimboeuf
2016-08-25 20:41 ` Kees Cook
2016-08-25 21:07 ` Josh Poimboeuf
[not found] ` <CA+55aFy3sgA4=ZPhiDWiRMvWj9QPhUd0JBdUr1hm_6G0aSC6uw@mail.gmail.com>
2016-08-26 2:19 ` Kees Cook
2016-08-26 3:19 ` Josh Poimboeuf
2016-08-26 4:40 ` Linus Torvalds
2016-08-26 5:56 ` Josh Poimboeuf [this message]
[not found] ` <CA+55aFy8FPRiEr-4p++TGj+keTNsg781q1E1FQZ7z4+nAs0ZaQ@mail.gmail.com>
2016-08-26 13:30 ` Josh Poimboeuf
2016-08-31 16:53 ` Josh Poimboeuf
2016-08-31 17:15 ` Linus Torvalds
2016-09-01 13:09 ` Josh Poimboeuf
2016-09-01 16:30 ` Linus Torvalds
2016-09-08 9:49 ` [tip:x86/asm] x86/dumpstack: Make " tip-bot for Josh Poimboeuf
2016-08-24 16:50 ` [PATCH 4/6] x86/dumpstack: add get_stack_pointer() and get_frame_pointer() Josh Poimboeuf
2016-09-08 9:49 ` [tip:x86/asm] x86/dumpstack: Add " tip-bot for Josh Poimboeuf
2016-08-24 16:50 ` [PATCH 5/6] x86/dumpstack: remove unnecessary stack pointer arguments Josh Poimboeuf
2016-09-08 9:50 ` [tip:x86/asm] x86/dumpstack: Remove " tip-bot for Josh Poimboeuf
2016-08-24 16:50 ` [PATCH 6/6] x86/dumpstack: allow preemption in show_stack_log_lvl() and dump_trace() Josh Poimboeuf
2016-09-08 7:04 ` Ingo Molnar
2016-09-08 21:47 ` Josh Poimboeuf
2016-09-08 21:49 ` [PATCH v2] " Josh Poimboeuf
2016-09-13 18:29 ` Ingo Molnar
2016-09-13 19:38 ` Josh Poimboeuf
2016-09-14 17:39 ` [tip:x86/asm] x86/dumpstack: Allow " tip-bot for Josh Poimboeuf
2016-09-09 6:11 ` [PATCH 6/6] x86/dumpstack: allow " Ingo Molnar
2016-09-01 13:13 ` [PATCH 0/6] x86/dumpstack: more stack dump improvements Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160826055658.igc5dghceuwwb6vu@treble \
--to=jpoimboe@redhat.com \
--cc=brgerst@gmail.com \
--cc=byungchul.park@lge.com \
--cc=fweisbec@gmail.com \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mingo@kernel.org \
--cc=nilayvaish@gmail.com \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.