From: Jason Cooper <jason@lakedaemon.net>
To: Levente Kurusa <levex@linux.com>
Cc: PJ Waskiewicz <pjwaskiewicz@gmail.com>,
Dirk Hohndel <hohndel@infradead.org>,
ksummit-discuss@lists.linuxfoundation.org,
Anton Arapov <arapov@gmail.com>
Subject: Re: [Ksummit-discuss] [TECH TOPIC] QR encoded oops for the kernel
Date: Mon, 12 May 2014 13:24:49 -0400 [thread overview]
Message-ID: <20140512172449.GB12708@titan.lakedaemon.net> (raw)
In-Reply-To: <20140512164921.GB3509@linux.com>
On Mon, May 12, 2014 at 06:49:21PM +0200, Levente Kurusa wrote:
> On Mon, May 12, 2014 at 11:53:20AM -0400, Jason Cooper wrote:
> > On Sun, May 11, 2014 at 07:18:24PM +0200, Levente Kurusa wrote:
...
> > > I guess we should also be careful with the bugzilla. We really don't
> > > want propertiary driver crashes added to the bugzilla automatically.
> >
> > Correct, but the data is still worth recording.
> >
> > > Nor do we want the same oops added twice, right?
> >
> > We don't want two bugzilla entries, but we do want to know how many
> > times this event has happened.
> >
> > > How would we differentiate between the two - essentially the same -
> > > oopses?
> >
> > Hmm, oops cookie? hex string of 32/64 bits read off of the entropy
> > pool? This would give us an accurate number of events even if a user
> > scans multiple times.
>
> Hmm, I've been wondering about this too. I guess 32 bits are enough to
> differentiate between oopses, and adding this to the QR code is
> relatively easy as well.
I was thinking directly in the oops. Never underestimate the tenacity
of a user. You'll get the qr-code scan, _and_ a bug report filed with a
grainy picture.
> What I wonder is how could we get the server back-end to not
> allow the same oopses from bad users.
>
> Having a link like:
>
> oops.kernel.org/submit_oops.php?qr=$ENTROPY$BASE64DATA
>
> would mean that malicious users could edit the $ENTROPY part and
> hence effectively report the same oops twice. Maybe some checksum?
> Or will it be too much for an already damaged kernel?
encoding it in the oops text makes this a lot more difficult. Plus,
what is the goal of the attacker in this scenario?
thx,
Jason.
next prev parent reply other threads:[~2014-05-12 17:24 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-11 4:14 Jason Cooper
2014-05-11 15:57 ` Sarah A Sharp
2014-05-11 16:29 ` Levente Kurusa
2014-05-11 16:37 ` Laurent Pinchart
2014-05-11 17:18 ` Levente Kurusa
2014-05-11 17:52 ` Teodora Băluţă
2014-05-11 21:49 ` Laurent Pinchart
2014-05-12 16:15 ` Jason Cooper
2014-05-12 16:36 ` Levente Kurusa
2014-05-12 16:53 ` H. Peter Anvin
2014-05-30 18:55 ` Steven Rostedt
2014-05-12 17:00 ` Johannes Berg
2014-05-12 17:46 ` Teodora Băluţă
[not found] ` <CACV2jQCV=rRFg-+x1B3H1=GM5rB_YWp1UU1p7xXkozHKv1Ewvg@mail.gmail.com>
2014-05-13 6:44 ` [Ksummit-discuss] Fwd: " Teodora Băluţă
2014-05-13 7:08 ` Josh Triplett
2014-05-13 15:52 ` Levente Kurusa
2014-05-13 18:42 ` Andy Lutomirski
2014-05-13 20:18 ` josh
2014-05-14 8:20 ` Johannes Berg
2014-05-14 15:52 ` Josh Triplett
2014-05-14 16:00 ` H. Peter Anvin
2014-05-14 16:09 ` Andy Lutomirski
2014-05-14 18:54 ` Josh Triplett
2014-05-14 20:00 ` Levente Kurusa
2014-05-14 20:24 ` Daniel Vetter
2014-05-19 11:59 ` David Herrmann
2014-05-14 22:55 ` Josh Triplett
2014-05-15 12:44 ` Levente Kurusa
2014-05-15 19:19 ` H. Peter Anvin
2014-05-15 19:18 ` H. Peter Anvin
2014-05-15 20:41 ` Levente Kurusa
2014-05-13 14:45 ` [Ksummit-discuss] " David Woodhouse
2014-05-15 19:21 ` H. Peter Anvin
2014-05-15 19:53 ` Jiri Kosina
2014-05-12 15:53 ` Jason Cooper
2014-05-12 16:49 ` Levente Kurusa
2014-05-12 17:09 ` H. Peter Anvin
2014-05-12 17:50 ` Teodora Băluţă
2014-05-13 11:25 ` Greg KH
2014-05-13 14:41 ` Sarah A Sharp
2014-05-13 15:05 ` Greg KH
2014-05-13 15:51 ` Sarah A Sharp
2014-05-13 15:59 ` Josh Boyer
2014-05-13 16:07 ` Theodore Ts'o
2014-05-13 17:43 ` Levente Kurusa
2014-05-13 18:14 ` Teodora Baluta
2014-05-15 14:24 ` Levente Kurusa
2014-05-15 16:02 ` Teodora Băluţă
2014-05-14 1:14 ` Josh Boyer
2014-05-15 17:01 ` Levente Kurusa
2014-05-15 17:11 ` Josh Boyer
2014-05-17 15:02 ` Levente Kurusa
2014-05-15 5:41 ` PJ Waskiewicz
2014-05-15 15:41 ` Theodore Ts'o
2014-05-17 16:36 ` Levente Kurusa
2014-05-20 14:47 ` Theodore Ts'o
2014-05-21 18:03 ` Levente Kurusa
2014-05-25 19:49 ` Teodora Băluţă
2014-05-15 19:24 ` H. Peter Anvin
2014-05-15 21:13 ` Levente Kurusa
2014-05-13 16:03 ` Greg KH
2014-05-12 17:24 ` Jason Cooper [this message]
2014-05-11 17:49 ` Sarah A Sharp
2014-05-12 10:13 ` Masami Hiramatsu
2014-05-12 2:38 ` H. Peter Anvin
2014-05-12 6:13 ` Josh Triplett
2014-05-12 9:23 ` David Woodhouse
2014-05-12 13:48 ` Lukáš Czerner
2014-05-12 16:24 ` Jason Cooper
2014-05-12 16:45 ` H. Peter Anvin
2014-05-12 16:22 ` Jason Cooper
2014-05-12 16:46 ` H. Peter Anvin
2014-05-12 17:32 ` Jason Cooper
2014-05-12 17:42 ` Sarah A Sharp
2014-05-12 15:46 ` Jason Cooper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140512172449.GB12708@titan.lakedaemon.net \
--to=jason@lakedaemon.net \
--cc=arapov@gmail.com \
--cc=hohndel@infradead.org \
--cc=ksummit-discuss@lists.linuxfoundation.org \
--cc=levex@linux.com \
--cc=pjwaskiewicz@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox