Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sun, 26 Apr 2020 12:07:48 +0000
From: Patrick Schleizer <adrelanos@...eup.net>
To: lkrg-users@...ts.openwall.com
Subject: Re: LKRG unfit for installation by default in Whonix /
 Kicksecure due to kernel boot console output - usability issue

Adam Zabrocki:
>
https://bitbucket.org/Adam_pi3/lkrg-main/commits/f2ab708a675c94e239583a1b496d728082218651


I see a lot code duplication there.

"Lost module:\nname[%s] module at addr[0x%lx] module core[0x%lx] with
size[0x%x] hash[0x%llx]\n",

etc.

As a non-literate in C programming I am not sure my suggestion makes
sense but could this log output be refactored into a shared function or
macro?

> Maybe we should use P_LKRG_WARN? for 
> now it will be P_LKRG_INFO.


Not sure. I guess P_LKRG_INFO is OK because nobody but the most experts
will be able to deduce "system compromised" or anything from these
module load messages. But if they are, nothing is lost for them. Not
using P_LKRG_WARN might make it easier to add a dmesg log parser and/or
lkrg GUI showing only likely system compromise (or false-positive).

> Please let me know if that helps.


This looks excellent! Also git commit messages are very informative.

Will test soon and report if found any issues.

Kind regards,
Patrick

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.