Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Linux IT

Linux 6.12 To Optionally Display A QR Code During Kernel Panics (phoronix.com) 44

New submitter meisdug writes: A new feature has been submitted for inclusion in Linux 6.12, allowing the display of a QR code when a kernel panic occurs using the DRM Panic handler. This QR code can capture detailed error information that is often missed in traditional text-based panic messages, making it more user-friendly. The feature, written in Rust, is optional and can be enabled via a specific build switch. This implementation follows similar ideas from other operating systems and earlier discussions in the Linux community.
This discussion has been archived. No new comments can be posted.

Linux 6.12 To Optionally Display A QR Code During Kernel Panics

Comments Filter:
  • by Pseudonymous Powers ( 4097097 ) on Friday August 30, 2024 @02:42PM (#64749470)

    ANAKIN: And when there's a kernel panic, there should be a QR code displayed.

    PADME: Haha, yeah, accompanied by a human-readable URL, right?

    ANAKIN: ...

    PADME: Accompanied by a human-readable URL, right?

    • Yeah, jesus, I know people are all poo-poo now on the holy white shining light that is the Unix Way, but do you really want to give some machine readable code before you even dump the backtrace or give a human readable panic_string ?!? I hope the QR code is "in addition to" not replacing the parts I use all the time to do crash dump analysis. However, since we are talking about Linus and other kernel devs, I have no doubt they feel me on this one and since they don't have some dicklick manager saying "No no
      • by Junta ( 36770 )

        The QR code contents are the trace data. Given an option between OCR of a video image or a QR code, the QR code gets you to text easier.

        If you are using serial console, you are already golden. But folks relying on video console for debugging, a QR code is so much nicer than trying to transcribe or OCR it.

    • by Junta ( 36770 ) on Friday August 30, 2024 @02:54PM (#64749494)

      Note a QR code is not automatically a URL.

      Here's the QR code from the article decoded, well, part of it:
      [ 3.319019] RPC: Registered tcp-with-tls transport module.
      [ 3.319019] RPC: Registered tcp NFSv4.1 backchannel transport module.
      [ 3.606789] NET: Registered PF_QIPCRTR protocol family
      [ 6.181205] rfkill: input handler disabled
      [ 7.416796] input: spice vdagent tablet as /devices/virtual/input/input7
      [ 61.830264] sysrq: Trigger a crash
      [ 61.830271] Kernel panic - not syncing: sysrq triggered crash
      [ 61.830276] CPU: 6 PID: 2354 Comm: bash Not tainted 6.10.0-rc1+ #88
      [ 61.830278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS edk2-20240524-2.fc39 05/24/2024
      [ 61.830280] Call Trace:
      [ 61.830282]
      [ 61.830285] dump_stack_lvl+0x2d/0x90

    • People act like they can just read a URL and tell de novo that it is malicious, but you need prior information about what URL to expect.

      In most cases, showing the plain text URL isn't actually infomrative.

      • Well, as someone else pointed out, the information in this case isn't even a URL. It's the last few lines of some sort of error log. I'm not a systems guy: when my kernel panics, I try rebooting once and, if that doesn't work I quit computers forever.

        Nonetheless, I stand by my assertion--well, previously, just an implication, but now I'm explicitly asserting it--that showing a QR code unaccompanied by human-readable text, in any context, is a deeply unkind, anti-usability, and frankly unprofessional thing

  • and email & text message would all be good features if any of those can be done by the OS on its way down
    • Re: (Score:2, Funny)

      by JamesTRexx ( 675890 )

      Don't worry, systemd will have a new feature which will catch the kernel panic and then restart the system into its systemd-virtual-machine-kernel service and keep everything running.

  • And how long until it's forgotten and bought by scammers or a porn site?

    • How long before a supply chain attack or local attack changes the URL to something nefarious?

      "My system crashed, then I scanned the QR code and my phone crashed too!"

      • How long before a supply chain attack or local attack changes the URL to something nefarious?

        "My system crashed, then I scanned the QR code and my phone crashed too!"

        Don't worry, Android and iOS are being updated to display a code you can punch into your PC browser ... oh, wait. :-)

        Up next: (a) phone number and (b) postal mailing address ...

      • by caseih ( 160668 )

        What URL? Did you read the article? The QR code contains the crash information itself. You scan it, copy it to the clipboard, paste it in a bug report.

        • Sure could be anything, including an attack. My eyes cannot easily decode it so that I know its safe.

          QR codes are dumb as dirt.

          • "Sure could be anything, including an attack."

            A sequence of characters is "an attack"?

            My eyes cannot easily decode it so that I know its safe.

            Well then you decode it, look at the contents, THEN you decide what to do with it? Like any normal person? I don't get it; where's the issue?

            • Yes, inputs to software can break that software, even when all of the inputs are valid/intended there can be bugs.

              Yes, lots of attacks start with inputs, including strings.

              Your device is not just decoding a QR code to text (in memory), it is also likely taking an action with the decoded data, like displaying the data or visiting a URL. There is an attack surface there.

              • And how incredibly broken do you think the software have to be to fail at decoding a picture of a QR code into an in-memory string and displaying the string? That sounds borderline paranoid, like being worried that pressing a specific short sequence of keys in Notepad will break it.
                • Unless your QR scanner app decides its not a string but a URL and then proceeds to connect to that URL, which hosts a zero day for your app/phone. This kind of shit really happens. The obfuscation created by the QR code is working against you and so are the convenience functions of your app.

    • by Junta ( 36770 ) on Friday August 30, 2024 @03:01PM (#64749520)

      This is a QR code that does *not* encode a URL. There's no server, there's no trace upload. It's the same textual panic data as you've always seen, but wrapped in a QR code so it's easier for someone to 'scrape' to text from a monitor or a virtual console screenshot.

      Feed the example QR code:
      https://www.phoronix.net/image... [phoronix.net]

      Into a qrcode scanner and you'll get a trace that is too much to paste in a comment, but ends with:
      [ 61.830352] entry_SYSCALL_64_after_hwframe+0x76/0x7e
      [ 61.830356] RIP: 0033:0x7f11316cb834
      [ 61.830360] Code: c7 00 16 00 00 00 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 80 3d 15 f8 0d 00 00 74 13 b8 01 00 00 00 0f 05 3d 00 f0 ff ff 77 54 c3 0f 1f 00 55 48 89 e5 48 83 ec 20 48 89
      [ 61.830361] RSP: 002b:00007ffc1b0593c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
      [ 61.830364] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f11316cb834
      [ 61.830365] RDX: 0000000000000002 RSI: 00005566aa3202e0 RDI: 0000000000000001
      [ 61.830366] RBP: 00007ffc1b0593f0 R08: 0000000000000073 R09: 00000000ffffffff
      [ 61.830367] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
      [ 61.830368] R13: 00005566aa3202e0 R14: 00007f11317a45c0 R15: 00007f11317a1f00
      [ 61.830371]
      [ 61.830543] Kernel Offset: 0x3a000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)

      Note how effortless it was for me to go from a screenshot of a panic to pasting plain text of it. That's the benefit. Serial consoles are more straightforward when the userbase is amenable, for for those dealing with monitors, this is a significantly better way to enable people to pass on the textual data.

    • Domain? Dude ... do you think that all QR codes lead to a link or something? A QR code is nothing more than an encoding of text.

  • by zuckie13 ( 1334005 ) on Friday August 30, 2024 @03:10PM (#64749542)

    Your Kernel panics
    Big beautiful QR code show sup on the screen (note - their page only shows this, not this in addition to the usual printout)
    You grab your phone to run it in a QR code scanner to decode it.
    This becomes the norm/expected for you.
    Then you click that link/run that malicious thing that makes you think there was a kernel panic and shows the same identical screen with that big beautiful QR code for you to decode
    You scan it and.............yeah.

    • It does not "become the norm". Regular users A) are never confronted to a kernel panic; B) don't run a kernel with the QR code thing activated. Only very developers and very advanced users will activate this option and are confronted to such panics.

      If you are a developer and you are getting kernel panics, what you do is get the text and paste it into an email. No URLs are involved and if you see an URL you know it was not a kernel panic.

      Mimicking a kernel panic isn't easy. Linux is designed to avoid such sc

      • by tlhIngan ( 30335 )

        The kernel QR code just contains the last lines of the printk buffer, as well as exception information. Detailed technical information anyone can scan with their phone and post to the support forums.

        The kernel panics and if you're lucky, you've got text you can snap a photo of and post to support, but that's annoying because the photo's text isn't searchable. Now they can post the problem and provide a kernel dump so people can more easily search through the information.

        The QR code can contain a URL if you

        • (the URL is settable via a kernel variable, so really, anyone can control what it is)

          Surely, "anyone with access to root-user privileges"? Which should be a pretty small subset of "anyone(really, anyone)".

          Mostly this is over my head, but I do remember the Alt-SysRq thing as a useful keyboard combo from using Xenix on Compaqs in ... 1989, IIRC. So that's potentially something useful I've got out of this topic.

    • by caseih ( 160668 )

      That's not how this works.

    • If someone is in a position to spoof a kernel panic handler, you have bigger problems than a QR code.

  • To contain actual useful information it would have to be fucking huge.. [looks at example in article].. Yea like that!

    So, is there still some text so the user can at least know the responsible module to blame? That example looks like it's hiding everything unless you have a phoney.
  • The post says:
    "This QR code can capture detailed error information that is often missed in traditional text-based panic messages, making it more user-friendly."

    I understand why a QR code, if it does indeed supply more info, is thus more useful, more utilitarian, more meaningful for debugging or crash analysis, etc. Even that might be subject to some debate, but anything that supplies more pertinent information rather than less is nominally useful.

    But, how is a QR code more "USER FRIENDLY"?
    Is that the opini

  • I don't have a monitor. My employer doesn't allow cameras in the plant.
    • I don't have a monitor. My employer doesn't allow cameras in the plant.

      If you don't have a monitor, it doesn't matter whether cameras are allowed or not, does it?

      OTOH it might work on a teletype

"Remember, extremism in the nondefense of moderation is not a virtue." -- Peter Neumann, about usenet

Working...