Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

=========================================
Linux Secure Attention Key (SAK) handling
=========================================

:Date: 18 March 2001
:Author: Andrew Morton

An operating system's Secure Attention Key is a security tool which is
provided as protection against trojan password capturing programs.  It
is an undefeatable way of killing all programs which could be
masquerading as login applications.  Users need to be taught to enter
this key sequence before they log in to the system.

From the PC keyboard, Linux has two similar but different ways of
providing SAK.  One is the ALT-SYSRQ-K sequence.  You shouldn't use
this sequence.  It is only available if the kernel was compiled with
sysrq support.

The proper way of generating a SAK is to define the key sequence using
``loadkeys``.  This will work whether or not sysrq support is compiled
into the kernel.

SAK works correctly when the keyboard is in raw mode.  This means that
once defined, SAK will kill a running X server.  If the system is in
run level 5, the X server will restart.  This is what you want to
happen.

What key sequence should you use? Well, CTRL-ALT-DEL is used to reboot
the machine.  CTRL-ALT-BACKSPACE is magical to the X server.  We'll
choose CTRL-ALT-PAUSE.

In your rc.sysinit (or rc.local) file, add the command::

	echo "control alt keycode 101 = SAK" | /bin/loadkeys

And that's it!  Only the superuser may reprogram the SAK key.


.. note::

  1. Linux SAK is said to be not a "true SAK" as is required by
     systems which implement C2 level security.  This author does not
     know why.


  2. On the PC keyboard, SAK kills all applications which have
     /dev/console opened.

     Unfortunately this includes a number of things which you don't
     actually want killed.  This is because these applications are
     incorrectly holding /dev/console open.  Be sure to complain to your
     Linux distributor about this!

     You can identify processes which will be killed by SAK with the
     command::

	# ls -l /proc/[0-9]*/fd/* | grep console
	l-wx------    1 root     root           64 Mar 18 00:46 /proc/579/fd/0 -> /dev/console

     Then::

	# ps aux|grep 579
	root       579  0.0  0.1  1088  436 ?        S    00:43   0:00 gpm -t ps/2

     So ``gpm`` will be killed by SAK.  This is a bug in gpm.  It should
     be closing standard input.  You can work around this by finding the
     initscript which launches gpm and changing it thusly:

     Old::

	daemon gpm

     New::

	daemon gpm < /dev/null

     Vixie cron also seems to have this problem, and needs the same treatment.

     Also, one prominent Linux distribution has the following three
     lines in its rc.sysinit and rc scripts::

	exec 3<&0
	exec 4>&1
	exec 5>&2

     These commands cause **all** daemons which are launched by the
     initscripts to have file descriptors 3, 4 and 5 attached to
     /dev/console.  So SAK kills them all.  A workaround is to simply
     delete these lines, but this may cause system management
     applications to malfunction - test everything well.
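
The two checks in note 2 above (processes holding /dev/console open, and
daemons that inherit it on descriptors 3, 4 and 5) combined into one shell
function, as an added example that is not part of the original kernel
document.  The function name and its ``PROC_ROOT`` and ``TTY_PATH`` arguments
are assumptions of this example.

```shell
#!/bin/sh
# sak_victims [PROC_ROOT] [TTY_PATH]
#
# Print one line "pid<TAB>fd,fd,...<TAB>command" for every process that
# holds TTY_PATH open, i.e. every process the note says SAK would kill.
# PROC_ROOT (default /proc) and TTY_PATH (default /dev/console) are
# parameters invented for this example so the audit can also be run
# against a copied or constructed /proc-style tree.
sak_victims() {
    proc_root=${1:-/proc}
    tty_path=${2:-/dev/console}

    for pid_dir in "$proc_root"/[0-9]*; do
        # Skip an unmatched glob and processes that exited mid-scan.
        [ -d "$pid_dir/fd" ] || continue

        fds=
        for fd in "$pid_dir"/fd/*; do
            # readlink fails for descriptors we may not inspect or that
            # were closed since the glob was expanded; ignore those.
            target=$(readlink "$fd" 2>/dev/null) || continue
            if [ "$target" = "$tty_path" ]; then
                fds="${fds:+$fds,}${fd##*/}"
            fi
        done

        # No descriptor points at the console: SAK leaves this one alone.
        [ -n "$fds" ] || continue

        # comm holds the short command name, replacing the separate
        # "ps aux | grep PID" step shown in the note.
        comm=$(cat "$pid_dir/comm" 2>/dev/null) || comm='?'
        printf '%s\t%s\t%s\n' "${pid_dir##*/}" "$fds" "$comm"
    done
}
```

Run ``sak_victims`` with no arguments as root so that every process's
descriptor table is readable.  A descriptor list of ``0`` points to the gpm
style bug (standard input never closed), while ``3,4,5`` points to handles
inherited from the initscripts.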