lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 2 Nov 2017 13:43:24 +0000
From:   "Roberts, William C" <william.c.roberts@...el.com>
To:     "Tobin C. Harding" <me@...in.cc>,
        Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>
CC:     Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        "kernel-hardening@...ts.openwall.com" 
        <kernel-hardening@...ts.openwall.com>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        Theodore Ts'o <tytso@....edu>,
        "Linus Torvalds" <torvalds@...ux-foundation.org>,
        Kees Cook <keescook@...omium.org>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Tycho Andersen <tycho@...ker.com>, "Tejun Heo" <tj@...nel.org>,
        Jordan Glover <Golden_Miller83@...tonmail.ch>,
        Greg KH <gregkh@...uxfoundation.org>,
        Petr Mladek <pmladek@...e.com>, Joe Perches <joe@...ches.com>,
        Ian Campbell <ijc@...lion.org.uk>,
        Catalin Marinas <catalin.marinas@....com>,
        Will Deacon <wilal.deacon@....com>,
        Steven Rostedt <rostedt@...dmis.org>,
        Chris Fries <cfries@...gle.com>,
        Dave Weinstein <olorin@...gle.com>,
        Daniel Micay <danielmicay@...il.com>,
        Djalal Harouni <tixxdz@...il.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH V8 0/2] printk: hash addresses printed with %p



> -----Original Message-----
> From: Tobin C. Harding [mailto:me@...in.cc]
> Sent: Thursday, November 2, 2017 3:15 AM
> To: Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>
> Cc: Sergey Senozhatsky <sergey.senozhatsky@...il.com>; kernel-
> hardening@...ts.openwall.com; Jason A. Donenfeld <Jason@...c4.com>;
> Theodore Ts'o <tytso@....edu>; Linus Torvalds <torvalds@...ux-
> foundation.org>; Kees Cook <keescook@...omium.org>; Paolo Bonzini
> <pbonzini@...hat.com>; Tycho Andersen <tycho@...ker.com>; Roberts,
> William C <william.c.roberts@...el.com>; Tejun Heo <tj@...nel.org>; Jordan
> Glover <Golden_Miller83@...tonmail.ch>; Greg KH
> <gregkh@...uxfoundation.org>; Petr Mladek <pmladek@...e.com>; Joe
> Perches <joe@...ches.com>; Ian Campbell <ijc@...lion.org.uk>; Catalin Marinas
> <catalin.marinas@....com>; Will Deacon <wilal.deacon@....com>; Steven
> Rostedt <rostedt@...dmis.org>; Chris Fries <cfries@...gle.com>; Dave
> Weinstein <olorin@...gle.com>; Daniel Micay <danielmicay@...il.com>; Djalal
> Harouni <tixxdz@...il.com>; linux-kernel@...r.kernel.org
> Subject: Re: [PATCH V8 0/2] printk: hash addresses printed with %p
> 
> On Thu, Nov 02, 2017 at 05:23:44PM +0900, Sergey Senozhatsky wrote:
> > On (11/01/17 10:35), Tobin C. Harding wrote:
> > [..]
> > > Yes. The question has been raised will we be here again in 6 years
> > > time trying to fix all the uses of %x. And there are already 29K
> > > uses of %[xX] in tree, which of these are leaking addresses? This is why Linus'
> > > has commented that really effort should be directed at finding the
> > > leaks as they happen (in procfs, sysfs, dmesg) instead of fixing
> > > this in the code.
> >
> > got it. thanks.
> >
> > > So far I haven't been able to come up with any meaningful way to do
> > > this on 32 bit machines. There is a patch adding a script to catch
> > > leaks on 64 bit machines in flight.
> >
> > who is expected to run that script?
> 
> If one person runs it and finds one leaking address, I'd say it wast worth writing. If
> a bunch of people with different set ups run it and we find a bunch of leaking
> addresses, WIN!

I wonder if the 0 day testing robot could run it....

> 
> Your comment did give me the idea of adding some output to the command
> offering an email address to send suspicious output for those who do not wish to
> investigate it further. I can put my email address if there is not a better option.
> 
> > BTW, can BPF/eBPF printk addresses?
> 
> I know absolutely zero about BPF/eBPF. I guess now is a good time to learn.
> 
> > > This patch needs to be a small part of a continued effort to stop
> > > the leaks if we want to have any hope of stopping them.
> > >
> > > If you have any suggestions on dealing with %x please do say. We
> > > have code changes, compiler warnings, and checkpatch - none of which
> > > immediately seem great.
> >
> > hm... just a huge pile of if's
> >
> > 	if (is_vmalloc_addr(addr))
> > 		do_hashing(addr);
> > 	else if (__module_address(addr))
> > 		do_hashing(addr);
> > 	else if (is_kernel(addr) || is_kernel_inittext(addr))
> > 	...
> >
> > but that's going to be really messy and "iffy".
> 
> This is the only suggestion we have so far.
> 
> thanks,
> Tobin.

Powered by blists - more mailing lists