. Removed kernel.patch since it is no longer required

. Changed SOCK_STREAM to SOCK_DGRAM in syslog.c

 . klogd will only change the console log level if `-c' is supplied

 . syslogd.c by Bill Nottingham <notting@redhat.com>

   Um, if the directory is invalid, the bind() call in
   create_unix_socket fails. Without the return -1, we return the
   invalid fd that we just closed.  When syslogd then starts
   listening, select goes into a hard loop getting EBADF, IIRC.

 . klogd.c by Troels Walsted Hansen <troels@thule.no>

   I found a bug in the sysklogd package version 1.4. When it
   encounters a zero byte in the kernel logging output, the text
   parser enters a busy loop. I came upon it when the 3c59x driver
   from kernel 2.4.0 started outputting two zero bytes for the product
   code of my laptop's 3Com card. It could be argued that the kernel
   should never output zero bytes in the logging info, but obviously
   that will happen from time to time.

   I fear this bug might be considered a security issue as well, if
   the kernel can be coerced to output a zero byte somehow, all kernel
   logging will stop.

   Wolfgang Oertl <Wolfgang.Oertl@uibk.ac.at> had a similar bugfix
   idea

 . klogd.c by Thomas Roessler <roessler@does-not-exist.org>

   Additionally, the patch prevents LogLine from being invoked with a
   negative counter as an argument.
Joey Schulze 2001-03-11 19:35:52 +00:00
parent dffa03bda1
commit c6edf85cd6
6 changed files with 37 additions and 76 deletions

11
CHANGES

@ -1,3 +1,14 @@
Version 1.4.1
. klogd will set the console log level only if `-c' is given on the
commandline, not overwriting local settings in `/etc/sysctl.conf'.
. Bugfix: klogd will use SOCK_DGRM as well, re-enables kernel logging
. Bugfix: Don't make syslogd fail with broken `-a'
. Bugfix: klogd will skip zero bytes and not enter a busy loop anymore
. Thomas Roessler <roessler@does-not-exist.org>
- Patch to prevent LogLine() from being invoked with a negative
counter as an argument.
Version 1.4
. Skip newline when reading in klog messages


@ -1,70 +0,0 @@
diff -u --recursive --new-file v1.3.42/linux/arch/alpha/kernel/process.c linux/arch/alpha/kernel/process.c
--- v1.3.42/linux/arch/alpha/kernel/process.c Tue Oct 10 18:46:30 1995
+++ linux/arch/alpha/kernel/process.c Sat Nov 18 12:23:19 1995
@@ -57,8 +57,8 @@
void show_regs(struct pt_regs * regs)
{
- printk("\nps: %04lx pc: %016lx\n", regs->ps, regs->pc);
- printk("rp: %016lx sp: %p\n", regs->r26, regs+1);
+ printk("\nps: %04lx pc: [<%016lx>]\n", regs->ps, regs->pc);
+ printk("rp: [<%016lx>] sp: %p\n", regs->r26, regs+1);
printk(" r0: %016lx r1: %016lx r2: %016lx r3: %016lx\n",
regs->r0, regs->r1, regs->r2, regs->r3);
printk(" r4: %016lx r5: %016lx r6: %016lx r7: %016lx\n",
diff -u --recursive --new-file v1.3.42/linux/arch/alpha/kernel/traps.c linux/arch/alpha/kernel/traps.c
--- v1.3.42/linux/arch/alpha/kernel/traps.c Wed Sep 27 15:59:56 1995
+++ linux/arch/alpha/kernel/traps.c Sat Nov 18 12:22:52 1995
@@ -25,8 +25,8 @@
return;
printk("%s(%d): %s %ld\n", current->comm, current->pid, str, err);
sp = (unsigned long) (regs+1);
- printk("pc = %lx ps = %04lx\n", regs->pc, regs->ps);
- printk("rp = %lx sp = %lx\n", regs->r26, sp);
+ printk("pc = [<%lx>] ps = %04lx\n", regs->pc, regs->ps);
+ printk("rp = [<%lx>] sp = %lx\n", regs->r26, sp);
printk("r0=%lx r1=%lx r2=%lx r3=%lx\n",
regs->r0, regs->r1, regs->r2, regs->r3);
printk("r8=%lx\n", regs->r8);
diff -u --recursive --new-file v1.3.42/linux/arch/i386/kernel/process.c linux/arch/i386/kernel/process.c
--- v1.3.42/linux/arch/i386/kernel/process.c Wed Nov 8 07:11:29 1995
+++ linux/arch/i386/kernel/process.c Sat Nov 18 12:08:28 1995
@@ -124,7 +124,7 @@
void show_regs(struct pt_regs * regs)
{
printk("\n");
- printk("EIP: %04x:%08lx",0xffff & regs->cs,regs->eip);
+ printk("EIP: %04x:[<%08lx>]",0xffff & regs->cs,regs->eip);
if (regs->cs & 3)
printk(" ESP: %04x:%08lx",0xffff & regs->ss,regs->esp);
printk(" EFLAGS: %08lx\n",regs->eflags);
diff -u --recursive --new-file v1.3.42/linux/arch/i386/kernel/traps.c linux/arch/i386/kernel/traps.c
--- v1.3.42/linux/arch/i386/kernel/traps.c Wed Nov 8 07:11:30 1995
+++ linux/arch/i386/kernel/traps.c Tue Nov 21 08:34:54 1995
@@ -27,7 +27,7 @@
asmlinkage int system_call(void);
asmlinkage void lcall7(void);
-struct desc_struct default_ldt;
+struct desc_struct default_ldt;
static inline void console_verbose(void)
{
@@ -113,7 +113,7 @@
console_verbose();
printk("%s: %04lx\n", str, err & 0xffff);
printk("CPU: %d\n", smp_processor_id());
- printk("EIP: %04x:%08lx\nEFLAGS: %08lx\n", 0xffff & regs->cs,regs->eip,regs->eflags);
+ printk("EIP: %04x:[<%08lx>]\nEFLAGS: %08lx\n", 0xffff & regs->cs,regs->eip,regs->eflags);
printk("eax: %08lx ebx: %08lx ecx: %08lx edx: %08lx\n",
regs->eax, regs->ebx, regs->ecx, regs->edx);
printk("esi: %08lx edi: %08lx ebp: %08lx esp: %08lx\n",
@@ -153,7 +153,7 @@
((addr >= module_start) && (addr <= module_end))) {
if (i && ((i % 8) == 0))
printk("\n ");
- printk("%08lx ", addr);
+ printk("[<%08lx>] ", addr);
i++;
}
}

13
klogd.8

@ -148,11 +148,16 @@ the syslogd daemon. This prevents 'nuisance' messages such as line
printer out of paper or disk change detected from cluttering the
console.
By default the
When
.B \-c
is given on the commandline the
.B klogd
daemon executes a system call to inhibit all
kernel messages (except for panics) from being displayed on the
console. The \fB\-c\fR switch can be used to alter this behavior. The
daemon will execute a system call to inhibit all kernel messages from
being displayed on the console. Former versions always issued this
system call and defaulted to all kernel messages except for panics.
This is handled differently nowardays so
.B klogd
doesn't need to set this value anymore. The
argument given to the \fB\-c\fR switch specifies the priority level of
messages which will be directed to the console. Note that messages of
a priority value LOWER than the indicated number will be directed to


@ -142,7 +142,13 @@ how older versions behave, so you might have to turn this on.
.BI "\-s " "domainlist"
Specify a domainname that should be stripped off before
logging. Multiple domains may be specified using the colon (``:'')
separator. Remember that the first match is used, not the best.
separator.
Please be advised that no sub-domains may be specified but only entire
domains. For example if
.B "\-s north.de"
is specified and the host logging resolves to satu.infodrom.north.de
no domain would be cut, you will have to specify two domains like:
.BR "\-s north.de:infodrom.north.de" .
.TP
.B "\-v"
Print version and exit.


@ -44,6 +44,9 @@ static char sccsid[] = "@(#)syslog.c 5.28 (Berkeley) 6/27/90";
* patch which was announced in the linux-security mailing lists
* and incorporated into the libc version of syslog.c.
*
* Sun Mar 11 20:23:44 CET 2001: Martin Schulze <joey@infodrom.ffis.de>
* Use SOCK_DGRAM for loggin, renables it to work.
*
*/
#include <sys/types.h>
@ -208,7 +211,7 @@ openlog(ident, logstat, logfac)
strncpy(SyslogAddr.sa_data, _PATH_LOGNAME,
sizeof(SyslogAddr.sa_data));
if (LogStat & LOG_NDELAY) {
LogFile = socket(AF_UNIX, SOCK_STREAM, 0);
LogFile = socket(AF_UNIX, SOCK_DGRAM, 0);
/* fcntl(LogFile, F_SETFD, 1); */
}
}
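Review bot: In the second hunk the new `socket(AF_UNIX, SOCK_DGRAM, 0)` call in openlog() is followed by a close-on-exec call that is still commented out, and nothing in the visible lines checks the result for -1. With the descriptor left inheritable, any program the logging process later execs receives an open handle to the log socket. Consider replacing the commented line with `if (LogFile != -1) fcntl(LogFile, F_SETFD, FD_CLOEXEC);`. openlog() begins and ends outside the hunk, so a later check may already exist. The socket type also has to stay in step with what syslogd binds, which the syslogd.c history comment on this page describes as datagram Unix sockets.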


@ -436,6 +436,11 @@ static char sccsid[] = "@(#)syslogd.c 5.27 (Berkeley) 10/10/88";
* Removed unixm/unix domain sockets and switch to Datagram Unix
* Sockets. This should remove one possibility to play DoS with
* syslogd. Thanks to Olaf Kirch <okir@caldera.de> for the patch.
*
* Sun Mar 11 20:23:44 CET 2001: Martin Schulze <joey@infodrom.ffis.de>
* Don't return a closed fd if `-a' is called with a wrong path.
* Thanks to Bill Nottingham <notting@redhat.com> for providing
* a patch.
*/
@ -1200,6 +1205,7 @@ static int create_unix_socket(const char *path)
#ifndef SYSV
die(0);
#endif
return -1;
}
return fd;
}
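Review bot: The added `return -1;` in create_unix_socket() makes -1 a possible result, so every caller has to test for it before the descriptor reaches FD_SET() or select(); those callers are outside this hunk and should be checked. Passing a negative descriptor to FD_SET() is undefined behaviour, so an unchecked caller would trade the EBADF loop described in the commit message for undefined behaviour in the fd_set handling. A contract comment above the function would help, e.g. `/* Returns a bound socket, or -1 if bind() fails; the caller must skip -1. */`. The function starts outside the hunk, so the close() that precedes this return is assumed from the commit message rather than visible here.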