Bug#845177: patch

2017-01-19 Thread Manuel Schölling 
Adam's patch is pretty trivial. I developed the new feature for the
kernel and agree that his patch solves the issue.
I also don't see any problems with this patch for kernels that have
CONFIG_VGACON_SOFT_SCROLLBACK=n.
We tested this escape sequence for kernels with and without
CONFIG_VGACON_SOFT_SCROLLBACK and
CONFIG_VGACON_SOFT_SCROLLBACK_PERSISTENT - there were no issues.

duko: Would be great if you could apply it in time!

Thanks!

Manuel

Bug#845177: [PATCH v10 3/4] console: Add persistent scrollback buffers for all VGA consoles

2017-01-19 Thread Adam Borowski 
On Thu, Jan 19, 2017 at 05:33:14PM +0100, Greg KH wrote:
> On Thu, Jan 19, 2017 at 05:12:15PM +0100, Manuel Schölling wrote:
> > On Thu, 2017-01-19 at 14:23 +0100, Greg KH wrote:
> > > On Fri, Jan 13, 2017 at 09:07:57PM +0100, Manuel Schölling wrote:
> > > > +     This feature might break your tool of choice to flush
> > > > the scrollback
> > > > +     buffer, e.g. clear(1) will work fine but Debian's
> > > > clear_console(1)
> > > > +     will be broken, which might cause security issues.
> > > > +     You can use the escape sequence \e[3J instead if this
> > > > feature is
> > > > +     activated.
> > > 
> > > This issue is the one that makes me the most worried.  Why doesn't
> > > clear_console() work anymore?  Why doesn't it use \e[3J ?
> > 
> > Well, clear_console() just switches from one console to another and
> > back again. It just assumes that the scrollback buffer is flushed when
> > switching.
> > My plan is to make a patch for clear_console() as soon as these patches
> > are in the kernel - it's chicken-and-egg problem.
> 
> I'd recommend that patch get to clear_console() first, having it use the
> new escape sequence, if it isn't supported, shouldn't cause any
> problems, right?

In that case, we need to hurry -- the last day for any non-serious fixes in
Debian is Jan 26, after that it'll be frozen for months, and any subsequent
changes won't get to stable users for around two years.

doko: would you consider, pretty please with a cherry on top, applying the
patch I've sent to this bug?  The privacy/security issue is pretty minor and
applies only to a tiny fraction of users, but I understand why Greg is
reluctant.

Manuel's scrollback changes won't go to 4.9, and won't be enabled by default
for the time being, but using a newer kernel on old userspace is something
really widespread, be it via bpo, containers on an updated host, etc.


Meow!
-- 
Autotools hint: to do a zx-spectrum build on a pdp11 host, type:
  ./configure --host=zx-spectrum --build=pdp11

Bug#845177: patch

2016-11-21 Thread Adam Borowski 
Control: tags -1 +patch

Here's the obvious patch.

It has an extra bonus of working even when the TERM variable is unset or set
to something that terminfo doesn't recognize.

Please apply before the freeze, if you do we'll be able to flip the default
for CONFIG_VGACON_SOFT_SCROLLBACK_PERSISTENT two years sooner.


Meow!
-- 
A true bird-watcher waves his tail while doing so.
diff -Nru bash-4.4/debian/clear_console.c bash-4.4/debian/clear_console.c
--- bash-4.4/debian/clear_console.c	2013-10-23 14:41:22.0 +0200
+++ bash-4.4/debian/clear_console.c	2016-11-21 21:31:17.0 +0100
@@ -172,6 +172,12 @@
   struct vt_stat vtstat;
 #endif
 
+  /* Linux console secure erase (since 2.6.39), this is sufficient there;
+ other terminals silently ignore this code.  If they don't and write junk
+ instead, well, we're clearing the screen anyway.
+   */ 
+  write(1, "\e[3J", 4);
+
   /* clear screen */
   setupterm((char *) 0, 1, (int *) 0);
   if (tputs(clear_screen, lines > 0 ? lines : 1, putch) == ERR)