Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 7 Nov 2017 17:44:13 -0500
From: Steven Rostedt <rostedt@...dmis.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Kees Cook <keescook@...omium.org>, "Tobin C. Harding" <me@...in.cc>,
 "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>, Andy Lutomirski
 <luto@...nel.org>, Joe Perches <joe@...ches.com>, Network Development
 <netdev@...r.kernel.org>, David Miller <davem@...emloft.net>,
 "kernel-hardening@...ts.openwall.com"
 <kernel-hardening@...ts.openwall.com>, "Jason A. Donenfeld"
 <Jason@...c4.com>, "Theodore Ts'o" <tytso@....edu>, Paolo Bonzini
 <pbonzini@...hat.com>, Tycho Andersen <tycho@...ker.com>, "Roberts, William
 C" <william.c.roberts@...el.com>, Tejun Heo <tj@...nel.org>, Jordan Glover
 <Golden_Miller83@...tonmail.ch>, Greg KH <gregkh@...uxfoundation.org>, Petr
 Mladek <pmladek@...e.com>, Ian Campbell <ijc@...lion.org.uk>, Sergey
 Senozhatsky <sergey.senozhatsky@...il.com>, Catalin Marinas
 <catalin.marinas@....com>, Will Deacon <wilal.deacon@....com>, Chris Fries
 <cfries@...gle.com>, Dave Weinstein <olorin@...gle.com>, Daniel Micay
 <danielmicay@...il.com>, Djalal Harouni <tixxdz@...il.com>, Linux Kernel
 Mailing List <linux-kernel@...r.kernel.org>, Peter Zijlstra
 <peterz@...radead.org>
Subject: Re: [PATCH v3] scripts: add leaking_addresses.pl

On Tue, 7 Nov 2017 13:44:01 -0800
Linus Torvalds <torvalds@...ux-foundation.org> wrote:

> > Looking other places that stand out, it seems like
> > /proc/lockdep_chains and /proc/lockdep (CONFIG_LOCKDEP=y) has a ton of
> > %p usage. It's unclear to me if a hash is sufficient for meaningful
> > debugging there?  
> 
> Maybe not, but that is also _so_ esoteric that I suspect the right fix
> is to just make it root-only readable.

Also note, I don't believe anyone should be running a LOCKDEP
configured kernel in a production (secured) environment. As it adds
quite a bit of overhead. It's something you run on test environments to
make sure it doesn't detect any possible deadlocks.

> 
> I've never used it, we should check with people who have. I get the
> feeling that this is purely for PeterZ debugging.

I've used it. But then again, I also debug lockdep ;-)

> 
> The very first commit that introduced that code actually has a
> 
>     (FIXME: should go into debugfs)
> 
> so I suspect it never should have been user-readable to begin with. I
> guess it makes some things easier, but it really is *very* different
> from things like profiling.

Want me to whip up a patch to move the file?

-- Steve

> 
> Profiling you often *cannot* do as root - some things you profile
> really shouldn't be run as root, and might even refuse to do so. So
> requiring you to be root just to get a kernel profile is very bad.
> 
> But looking at lockdep stats? Yeah, 'sudo' isn't so big of a deal.
> 
> 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.