From: Sage Weil <sage@newdream.net>
Date: Sat, 19 Jun 2021 16:56:18 +0000 (-0400)
Subject: mgr/telemetry: redact python crash dump in telemetry
X-Git-Tag: v17.1.0~1552^2~1
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=1ecda507eb35d9ff0b056d68b2f3b47e8bc2afb8;p=ceph.git

mgr/telemetry: redact python crash dump in telemetry

Include the exception value in teh crash dump, but redact it in telemetry.
That way the operator can see it (it's useful info!) but we don't risk
sharing identifying data via telemetry.

Signed-off-by: Sage Weil <sage@newdream.net>
---

diff --git a/src/mgr/PyModule.cc b/src/mgr/PyModule.cc
index fc03d68df1fd..c554ff1d00aa 100644
--- a/src/mgr/PyModule.cc
+++ b/src/mgr/PyModule.cc
@@ -106,8 +106,7 @@ std::string handle_pyerror(
     PyObject *l = get_managed_object(formatted_list, boost::python::tag);
     if (PyList_Check(l)) {
       // skip first line, which is: "Traceback (most recent call last):\n"
-      // omit last line, which contains a runtime value that may be identifying!
-      for (unsigned i = 1; i < PyList_Size(l) - 1; ++i) {
+      for (unsigned i = 1; i < PyList_Size(l); ++i) {
 	PyObject *val = PyList_GET_ITEM(l, i);
 	std::string s = PyUnicode_AsUTF8(val);
 	s.resize(s.size() - 1);  // strip off newline character
diff --git a/src/pybind/mgr/telemetry/module.py b/src/pybind/mgr/telemetry/module.py
index 6f36f87ff26e..79c29b89811c 100644
--- a/src/pybind/mgr/telemetry/module.py
+++ b/src/pybind/mgr/telemetry/module.py
@@ -306,7 +306,10 @@ class Module(MgrModule):
             if errno:
                 continue
             c = json.loads(crashinfo)
+
+            # redact hostname
             del c['utsname_hostname']
+
             # entity_name might have more than one '.', beware
             (etype, eid) = c.get('entity_name', '').split('.', 1)
             m = hashlib.sha1()
@@ -315,6 +318,12 @@ class Module(MgrModule):
             m.update(eid.encode('utf-8'))
             m.update(self.salt.encode('utf-8'))
             c['entity_name'] = etype + '.' + m.hexdigest()
+
+            # redact final line of python tracebacks, as the exception
+            # payload may contain identifying information
+            if 'mgr_module' in c:
+                c['backtrace'][-1] = '<redacted>'
+
             crashlist.append(c)
         return crashlist