From: Vlastimil Babka <vbabka@suse.cz>
To: Timur Tabi <timur@kernel.org>,
Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
Matthew Wilcox <willy@infradead.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
linux-kernel@vger.kernel.org, torvalds@linux-foundation.org,
Petr Mladek <pmladek@suse.com>,
roman.fietze@magna.com, keescook@chromium.org,
Steven Rostedt <rostedt@goodmis.org>,
John Ogness <john.ogness@linutronix.de>,
linux-mm@kvack.org, Akinobu Mita <akinobu.mita@gmail.com>
Subject: Re: [PATCH 0/2] introduce DUMP_PREFIX_UNHASHED for hex dumps
Date: Tue, 26 Jan 2021 18:14:51 +0100 [thread overview]
Message-ID: <083dd940-60c1-4cc8-fc89-8815b253d5c5@suse.cz> (raw)
In-Reply-To: <cd9e7a31-e4f6-69d3-0648-c6228108b592@kernel.org>
On 1/26/21 5:59 PM, Timur Tabi wrote:
> On 1/26/21 10:47 AM, Vlastimil Babka wrote:
>> Given Linus' current stance later in this thread, could we revive the idea of a
>> boot time option, or at least a CONFIG (I assume a runtime toggle would be too
>> much, even if limited to !kernel_lockdown:) , that would disable all hashing?
>> It would be really useful for a development/active debugging, as evidenced
>> below. Thanks.
>
> So you're saying:
>
> if CONFIG_PRINTK_NEVER_HASH is disabled, then %p prints hashed addresses and %px
> prints unhashed.
>
> If CONFIG_PRINTK_NEVER_HASH is enabled, then %p and %px both print unhashed
> addresses.
Minimally, yes. KASLR is configurable like this, so why not printing of kernel
pointers?
> I like this idea, and I would accept it as a solution if I had to, but I still
> would also like for an option for print_hex_dump() to print unhashed addresses
> even when CONFIG_PRINTK_NEVER_HASH is disabled. I can't always recompile the
> entire kernel for my testing purposes.
Yeah, obviously a boot option would be nicer. The discussion Kees pointed to [1]
seemed to be about papering over problems with entropy? Not about making
development/debugging easier. But I understand it was not the first time and I
didn't check the older ones.
> The only drawback to this idea is: what happens if distros start enabling
> CONFIG_PRINTK_NEVER_HASH by default, just because it makes debugging easier?
There's tons of other options already where the choice is between security and
performance, and distros make their choice (including, again, KASLR itself).
Pointer hashing would be just another one.
If it was a boot option, I would personally be for leaving hashing enabled by
default, with opt-in boot option to disable it. Then if I'm instructing a user
to boot the distro kernel (without recompile) with e.g. slub_debug or
debug_pagealloc or page_owner in order to debug some issue, I would additionally
instruct them to add the 'no_pointer_hashing' parameter.
[1]
https://lore.kernel.org/lkml/CA+55aFwieC1-nAs+NFq9RTwaR8ef9hWa4MjNBWL41F-8wM49eA@mail.gmail.com/
next prev parent reply other threads:[~2021-01-27 0:35 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-16 22:09 [PATCH 0/2] introduce DUMP_PREFIX_UNHASHED for hex dumps Timur Tabi
2021-01-16 22:09 ` [PATCH 1/2] [v2] lib/hexdump: introduce DUMP_PREFIX_UNHASHED for unhashed addresses Timur Tabi
2021-01-18 10:03 ` Andy Shevchenko
2021-01-18 15:57 ` Timur Tabi
2021-01-18 17:14 ` Andy Shevchenko
2021-01-18 17:53 ` Timur Tabi
2021-01-16 22:09 ` [PATCH 2/2] mm/page_poison: use unhashed address in hexdump for check_poison_mem() Timur Tabi
2021-01-18 18:26 ` [PATCH 0/2] introduce DUMP_PREFIX_UNHASHED for hex dumps Matthew Wilcox
2021-01-18 19:03 ` Timur Tabi
2021-01-19 0:53 ` Sergey Senozhatsky
2021-01-19 1:47 ` Matthew Wilcox
2021-01-19 10:38 ` Sergey Senozhatsky
2021-01-19 19:45 ` Kees Cook
2021-01-26 16:47 ` Vlastimil Babka
2021-01-26 16:59 ` Timur Tabi
2021-01-26 17:14 ` Steven Rostedt
2021-01-26 17:14 ` Vlastimil Babka [this message]
2021-01-26 17:30 ` Timur Tabi
2021-01-26 17:39 ` Steven Rostedt
2021-01-26 17:40 ` Steven Rostedt
2021-01-26 19:23 ` John Ogness
2021-01-27 2:11 ` Sergey Senozhatsky
2021-01-27 3:22 ` Timur Tabi
2021-01-27 10:11 ` Petr Mladek
2021-01-27 10:38 ` Vlastimil Babka
2021-01-19 19:45 ` Kees Cook
2021-01-19 19:55 ` Timur Tabi
2021-01-19 20:10 ` Steven Rostedt
2021-01-19 20:49 ` Timur Tabi
2021-01-19 21:15 ` Steven Rostedt
2021-01-19 21:25 ` Timur Tabi
2021-01-20 9:19 ` Petr Mladek
2021-01-20 12:17 ` Matthew Wilcox
2021-01-20 19:39 ` Linus Torvalds
2021-01-19 20:18 ` Randy Dunlap
2021-01-20 20:28 ` Kees Cook
2021-01-19 2:30 ` Timur Tabi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=083dd940-60c1-4cc8-fc89-8815b253d5c5@suse.cz \
--to=vbabka@suse.cz \
--cc=akinobu.mita@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=john.ogness@linutronix.de \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=pmladek@suse.com \
--cc=roman.fietze@magna.com \
--cc=rostedt@goodmis.org \
--cc=sergey.senozhatsky@gmail.com \
--cc=timur@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).