From: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
To: Linus Torvalds <torvalds@linux-foundation.org>,
	"Ken'ichi Ohmichi" <oomichi@mxs.nes.nec.co.jp>,
	Masaki Tachibana <mas-tachibana@vf.jp.nec.com>,
	Kazuhito Hagio <k-hagio@ab.jp.nec.com>
Cc: Kees Cook <keescook@chromium.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] uts: Don't randomize "struct uts_namespace".
Date: Sat, 7 Jul 2018 08:10:08 +0900
Message-ID: <271dcdcd-d622-552c-338a-5eeca5e2b4a0@i-love.sakura.ne.jp>
In-Reply-To: <CA+55aFzK5z4VQEMQAOqVHXpm+o_gd_eg5Vecck07E=WmoO6BFA@mail.gmail.com>

Hello Ken'ichi,

I noticed that makedumpfile ( https://sourceforge.net/p/makedumpfile/code/ )
can no longer detect the kernel version correctly because "struct uts_namespace"
(which is exposed to userspace via vmcoreinfo) has been subject to randomization
by the GCC_PLUGIN_RANDSTRUCT kernel config option since 4.13.

The code was introduced by the commit below.

  commit bfc8fe181c822ad0d8495ceda3c7109a407192f0
  Author: ken1_ohmichi <ken1_ohmichi>
  Date:   Fri Dec 22 07:41:14 2006 +0000

      linux-2.6.19 support.
      On linux-2.6.18 or former, the release information could be gotten from
      the symbol "system_utsname". But on linux-2.6.19, it can be done from the
      symbol "init_uts_ns". A new makedumpfile can get the release information
      from the existing symbol.

Can you detect the kernel version without using "struct uts_namespace"?

On 2018/07/07 1:11, Linus Torvalds wrote:
> On Fri, Jul 6, 2018 at 3:07 AM Tetsuo Handa
> <penguin-kernel@i-love.sakura.ne.jp> wrote:
>>
>> I noticed that makedumpfile utility is failing to check kernel version, for
>> it depends on offset of "struct uts_namespace"->name being sizeof(int).
> 
> For something like this, we fix makedumpfile instead. This is not a
> "user program" using system calls etc, this is something that delves
> into the kernel dump and tries to make sense of it.
> 
> Where is the makedumpfile source code? What is it trying to do, and why?
> 
> One option is to just say "hey, you can't make much sense of a
> randomized kernel dump anyway, so don't even try".
> 
>                  Linus
> 
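
The dependency discussed in this message, shown as an added example (not part of the original e-mail and not makedumpfile's code): a reader that assumes "name" sits sizeof(int) bytes into "struct uts_namespace" stops returning the release string once the members are reordered, while the OSRELEASE= line of the vmcoreinfo text does not depend on the layout. The two struct definitions are simplified stand-ins, the shuffled order is one hypothetical outcome, the function names are hypothetical, and the sample data is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#define UTS_LEN 65 /* __NEW_UTS_LEN + 1 */
struct new_utsname {
    char sysname[UTS_LEN], nodename[UTS_LEN], release[UTS_LEN];
    char version[UTS_LEN], machine[UTS_LEN], domainname[UTS_LEN];
};
/* Constructed stand-ins: declaration order, and one hypothetical randomized order. */
struct uts_plain    { int kref; struct new_utsname name; void *user_ns, *ucounts; };
struct uts_shuffled { void *user_ns, *ucounts; struct new_utsname name; int kref; };
#define SAMPLE_NAME { .sysname = "Linux", .nodename = "host", .release = "4.18.0-rc3" }
static const struct uts_plain plain = { .kref = 2, .name = SAMPLE_NAME };
static const struct uts_shuffled shuffled = { .kref = 2, .name = SAMPLE_NAME };
static const char sample_vmcoreinfo[] = /* constructed; the address is a placeholder */
    "OSRELEASE=4.18.0-rc3\nPAGESIZE=4096\nSYMBOL(init_uts_ns)=ffffffff00000000\n";

/* Layout-dependent read: assumes "name" starts sizeof(int) bytes into the object. */
static const char *release_by_fixed_offset(const void *uts_ns)
{
    return (const char *)uts_ns + sizeof(int) + offsetof(struct new_utsname, release);
}

/* Layout-independent read: copy the OSRELEASE= value; 0 on success, -1 otherwise. */
static int release_from_vmcoreinfo(const char *info, char *out, size_t outlen)
{
    static const char key[] = "OSRELEASE=";
    const size_t klen = sizeof(key) - 1;
    for (const char *p = info; p && *p; ) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        if (len > klen && strncmp(p, key, klen) == 0) {
            if (len - klen >= outlen) return -1;   /* value would not fit */
            memcpy(out, p + klen, len - klen);
            out[len - klen] = '\0';
            return 0;
        }
        p = eol ? eol + 1 : NULL;                  /* advance to the next line */
    }
    return -1;                                     /* no OSRELEASE line present */
}

int main(void)
{
    char buf[UTS_LEN] = "";
    release_from_vmcoreinfo(sample_vmcoreinfo, buf, sizeof(buf));
    printf("plain=\"%s\" shuffled=\"%s\" vmcoreinfo=\"%s\"\n",
           release_by_fixed_offset(&plain), release_by_fixed_offset(&shuffled), buf);
    return 0;
}
```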

