. Removed kernel.patch since it is no longer required
. Changed SOCK_STREAM to SOCK_DGRAM in syslog.c . klogd will only change the console log level if `-c' is supplied . syslogd.c by Bill Nottingham <notting@redhat.com> Um, if the directory is invalid, the bind() call in create_unix_socket fails. Without the return -1, we return the invalid fd that we just closed. When syslogd then starts listening, select goes into a hard loop getting EBADF, IIRC. . klogd.c by Troels Walsted Hansen <troels@thule.no> I found a bug in the sysklogd package version 1.4. When it encounters a zero byte in the kernel logging output, the text parser enters a busy loop. I came upon it when the 3c59x driver from kernel 2.4.0 started outputting two zero bytes for the product code of my laptop's 3Com card. It could be argued that the kernel should never output zero bytes in the logging info, but obviously that will happen from time to time. I fear this bug might be considered a security issue as well, if the kernel can be coerced to output a zero byte somehow, all kernel logging will stop. Wolfgang Oertl <Wolfgang.Oertl@uibk.ac.at> had a similar bugfix idea . klogd.c by Thomas Roessler <roessler@does-not-exist.org> Additionally, the patch prevents LogLine from being invoked with a negative counter as an argument.
This commit is contained in:
parent
dffa03bda1
commit
c6edf85cd6
11
CHANGES
11
CHANGES
@ -1,3 +1,14 @@
|
||||
Version 1.4.1
|
||||
|
||||
. klogd will set the console log level only if `-c' is given on the
|
||||
commandline, not overwriting local settings in `/etc/sysctl.conf'.
|
||||
. Bugfix: klogd will use SOCK_DGRM as well, re-enables kernel logging
|
||||
. Bugfix: Don't make syslogd fail with broken `-a'
|
||||
. Bugfix: klogd will skip zero bytes and not enter a busy loop anymore
|
||||
. Thomas Roessler <roessler@does-not-exist.org>
|
||||
- Patch to prevent LogLine() from being invoked with a negative
|
||||
counter as an argument.
|
||||
|
||||
Version 1.4
|
||||
|
||||
. Skip newline when reading in klog messages
|
||||
|
70
kernel.patch
70
kernel.patch
@ -1,70 +0,0 @@
|
||||
diff -u --recursive --new-file v1.3.42/linux/arch/alpha/kernel/process.c linux/arch/alpha/kernel/process.c
|
||||
--- v1.3.42/linux/arch/alpha/kernel/process.c Tue Oct 10 18:46:30 1995
|
||||
+++ linux/arch/alpha/kernel/process.c Sat Nov 18 12:23:19 1995
|
||||
@@ -57,8 +57,8 @@
|
||||
|
||||
void show_regs(struct pt_regs * regs)
|
||||
{
|
||||
- printk("\nps: %04lx pc: %016lx\n", regs->ps, regs->pc);
|
||||
- printk("rp: %016lx sp: %p\n", regs->r26, regs+1);
|
||||
+ printk("\nps: %04lx pc: [<%016lx>]\n", regs->ps, regs->pc);
|
||||
+ printk("rp: [<%016lx>] sp: %p\n", regs->r26, regs+1);
|
||||
printk(" r0: %016lx r1: %016lx r2: %016lx r3: %016lx\n",
|
||||
regs->r0, regs->r1, regs->r2, regs->r3);
|
||||
printk(" r4: %016lx r5: %016lx r6: %016lx r7: %016lx\n",
|
||||
diff -u --recursive --new-file v1.3.42/linux/arch/alpha/kernel/traps.c linux/arch/alpha/kernel/traps.c
|
||||
--- v1.3.42/linux/arch/alpha/kernel/traps.c Wed Sep 27 15:59:56 1995
|
||||
+++ linux/arch/alpha/kernel/traps.c Sat Nov 18 12:22:52 1995
|
||||
@@ -25,8 +25,8 @@
|
||||
return;
|
||||
printk("%s(%d): %s %ld\n", current->comm, current->pid, str, err);
|
||||
sp = (unsigned long) (regs+1);
|
||||
- printk("pc = %lx ps = %04lx\n", regs->pc, regs->ps);
|
||||
- printk("rp = %lx sp = %lx\n", regs->r26, sp);
|
||||
+ printk("pc = [<%lx>] ps = %04lx\n", regs->pc, regs->ps);
|
||||
+ printk("rp = [<%lx>] sp = %lx\n", regs->r26, sp);
|
||||
printk("r0=%lx r1=%lx r2=%lx r3=%lx\n",
|
||||
regs->r0, regs->r1, regs->r2, regs->r3);
|
||||
printk("r8=%lx\n", regs->r8);
|
||||
diff -u --recursive --new-file v1.3.42/linux/arch/i386/kernel/process.c linux/arch/i386/kernel/process.c
|
||||
--- v1.3.42/linux/arch/i386/kernel/process.c Wed Nov 8 07:11:29 1995
|
||||
+++ linux/arch/i386/kernel/process.c Sat Nov 18 12:08:28 1995
|
||||
@@ -124,7 +124,7 @@
|
||||
void show_regs(struct pt_regs * regs)
|
||||
{
|
||||
printk("\n");
|
||||
- printk("EIP: %04x:%08lx",0xffff & regs->cs,regs->eip);
|
||||
+ printk("EIP: %04x:[<%08lx>]",0xffff & regs->cs,regs->eip);
|
||||
if (regs->cs & 3)
|
||||
printk(" ESP: %04x:%08lx",0xffff & regs->ss,regs->esp);
|
||||
printk(" EFLAGS: %08lx\n",regs->eflags);
|
||||
diff -u --recursive --new-file v1.3.42/linux/arch/i386/kernel/traps.c linux/arch/i386/kernel/traps.c
|
||||
--- v1.3.42/linux/arch/i386/kernel/traps.c Wed Nov 8 07:11:30 1995
|
||||
+++ linux/arch/i386/kernel/traps.c Tue Nov 21 08:34:54 1995
|
||||
@@ -27,7 +27,7 @@
|
||||
|
||||
asmlinkage int system_call(void);
|
||||
asmlinkage void lcall7(void);
|
||||
-struct desc_struct default_ldt;
|
||||
+struct desc_struct default_ldt;
|
||||
|
||||
static inline void console_verbose(void)
|
||||
{
|
||||
@@ -113,7 +113,7 @@
|
||||
console_verbose();
|
||||
printk("%s: %04lx\n", str, err & 0xffff);
|
||||
printk("CPU: %d\n", smp_processor_id());
|
||||
- printk("EIP: %04x:%08lx\nEFLAGS: %08lx\n", 0xffff & regs->cs,regs->eip,regs->eflags);
|
||||
+ printk("EIP: %04x:[<%08lx>]\nEFLAGS: %08lx\n", 0xffff & regs->cs,regs->eip,regs->eflags);
|
||||
printk("eax: %08lx ebx: %08lx ecx: %08lx edx: %08lx\n",
|
||||
regs->eax, regs->ebx, regs->ecx, regs->edx);
|
||||
printk("esi: %08lx edi: %08lx ebp: %08lx esp: %08lx\n",
|
||||
@@ -153,7 +153,7 @@
|
||||
((addr >= module_start) && (addr <= module_end))) {
|
||||
if (i && ((i % 8) == 0))
|
||||
printk("\n ");
|
||||
- printk("%08lx ", addr);
|
||||
+ printk("[<%08lx>] ", addr);
|
||||
i++;
|
||||
}
|
||||
}
|
13
klogd.8
13
klogd.8
@ -148,11 +148,16 @@ the syslogd daemon. This prevents 'nuisance' messages such as line
|
||||
printer out of paper or disk change detected from cluttering the
|
||||
console.
|
||||
|
||||
By default the
|
||||
When
|
||||
.B \-c
|
||||
is given on the commandline the
|
||||
.B klogd
|
||||
daemon executes a system call to inhibit all
|
||||
kernel messages (except for panics) from being displayed on the
|
||||
console. The \fB\-c\fR switch can be used to alter this behavior. The
|
||||
daemon will execute a system call to inhibit all kernel messages from
|
||||
being displayed on the console. Former versions always issued this
|
||||
system call and defaulted to all kernel messages except for panics.
|
||||
This is handled differently nowardays so
|
||||
.B klogd
|
||||
doesn't need to set this value anymore. The
|
||||
argument given to the \fB\-c\fR switch specifies the priority level of
|
||||
messages which will be directed to the console. Note that messages of
|
||||
a priority value LOWER than the indicated number will be directed to
|
||||
|
@ -142,7 +142,13 @@ how older versions behave, so you might have to turn this on.
|
||||
.BI "\-s " "domainlist"
|
||||
Specify a domainname that should be stripped off before
|
||||
logging. Multiple domains may be specified using the colon (``:'')
|
||||
separator. Remember that the first match is used, not the best.
|
||||
separator.
|
||||
Please be advised that no sub-domains may be specified but only entire
|
||||
domains. For example if
|
||||
.B "\-s north.de"
|
||||
is specified and the host logging resolves to satu.infodrom.north.de
|
||||
no domain would be cut, you will have to specify two domains like:
|
||||
.BR "\-s north.de:infodrom.north.de" .
|
||||
.TP
|
||||
.B "\-v"
|
||||
Print version and exit.
|
||||
|
5
syslog.c
5
syslog.c
@ -44,6 +44,9 @@ static char sccsid[] = "@(#)syslog.c 5.28 (Berkeley) 6/27/90";
|
||||
* patch which was announced in the linux-security mailing lists
|
||||
* and incorporated into the libc version of syslog.c.
|
||||
*
|
||||
* Sun Mar 11 20:23:44 CET 2001: Martin Schulze <joey@infodrom.ffis.de>
|
||||
* Use SOCK_DGRAM for loggin, renables it to work.
|
||||
*
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
@ -208,7 +211,7 @@ openlog(ident, logstat, logfac)
|
||||
strncpy(SyslogAddr.sa_data, _PATH_LOGNAME,
|
||||
sizeof(SyslogAddr.sa_data));
|
||||
if (LogStat & LOG_NDELAY) {
|
||||
LogFile = socket(AF_UNIX, SOCK_STREAM, 0);
|
||||
LogFile = socket(AF_UNIX, SOCK_DGRAM, 0);
|
||||
/* fcntl(LogFile, F_SETFD, 1); */
|
||||
}
|
||||
}
|
||||
|
@ -436,6 +436,11 @@ static char sccsid[] = "@(#)syslogd.c 5.27 (Berkeley) 10/10/88";
|
||||
* Removed unixm/unix domain sockets and switch to Datagram Unix
|
||||
* Sockets. This should remove one possibility to play DoS with
|
||||
* syslogd. Thanks to Olaf Kirch <okir@caldera.de> for the patch.
|
||||
*
|
||||
* Sun Mar 11 20:23:44 CET 2001: Martin Schulze <joey@infodrom.ffis.de>
|
||||
* Don't return a closed fd if `-a' is called with a wrong path.
|
||||
* Thanks to Bill Nottingham <notting@redhat.com> for providing
|
||||
* a patch.
|
||||
*/
|
||||
|
||||
|
||||
@ -1200,6 +1205,7 @@ static int create_unix_socket(const char *path)
|
||||
#ifndef SYSV
|
||||
die(0);
|
||||
#endif
|
||||
return -1;
|
||||
}
|
||||
return fd;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user