lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+55aFyZyBNBu2kw_DmAdpLJinL3GCQCzcurpa9sHnKU2qHpAw@mail.gmail.com>
Date:   Wed, 29 Nov 2017 13:05:39 -0800
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Joe Perches <joe@...ches.com>
Cc:     "Tobin C. Harding" <me@...in.cc>,
        Kees Cook <keescook@...omium.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [GIT PULL] hash addresses printed with %p

On Wed, Nov 29, 2017 at 12:54 PM, Joe Perches <joe@...ches.com> wrote:
>
> I'd prefer a global sed of '%pK' to '%pxK' and remove '%pK' altogether

No, we really don't want %pK to become %pxK.

Most of the %pK users absolutely do not want the real hex address.
They are things like the socket pointers in /proc etc. The exact thing
that the hashing does well, and that %pK was so useless for.

Anyway, with the current tree, the "leaking_addresses script gives
almost no results for me (and I have kptr_restrict set to 0).

I haven't seen any breakage, but I may change my mind if bug reports
end up being illegible. And maybe I just haven't triggered anything
that might use a pointer.

Annotated perf disassembly is broken for me right now, but that
happens to me with alarming regularity because perf uses the wrong
vmlinux file or something, so it is probably not related (the kernel
symbol show up properly in the profile, I just don't get the
disassembly).

               Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ