Re: 8250 serial console fixes -- issue

[Glen Turner]

[Noting that I know next-to-nothing about kernel programming,
 but I have been down this particular road before...]

Russell King wrote:
> Maybe flush_old_exec() should be a little more careful
> about what it copies, changing non-alphanumeric characters
> to '?' ?

I'm not sure it can do that, if the kernel policy is to
be 8-bit clean (to allow UTF-8 to work without coding
UTF-8 knowledge into the kernel).

What the code could do is not printk() user-influenced strings
at all. For example, mm/oom_kill.c could print just the process
ID here:

  printk(KERN_ERR "Out of Memory: Killed process %d (%s).\n",
         p->pid, p->comm);


The usual solution to this problem is to mark user-derived
strings as tainted and then check for the taint attribute
when strings are requested to be output.  But since this
is a kernel I don't suppose you'd be keen doing that :-)

I suppose you need a policy decision -- are strings scrubbed
on input (I've coded this once and it is really quite tricky).
And then do you need a scrubbed and non-scrubbed version of
p->comm (as comparing scrubbed p->comm for equality is
problematic and probably expolitable). Or do you simply not
output strings which have been tainted by contact with users.

--
 Glen Turner         Tel: (08) 8303 3936 or +61 8 8303 3936
 Australia's Academic & Research Network  www.aarnet.edu.au
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/