lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1512382841.17323.11.camel@gmail.com>
Date:   Mon, 04 Dec 2017 15:50:41 +0530
From:   kaiwan.billimoria@...il.com
To:     "Tobin C. Harding" <me@...in.cc>
Cc:     Alexander Kapshuk <alexander.kapshuk@...il.com>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH] leaking_addresses: add support for 32-bit kernel
 addresses

On Mon, 2017-12-04 at 19:21 +1100, Tobin C. Harding wrote:
> On Mon, Dec 04, 2017 at 10:51:53AM +0530, Kaiwan N Billimoria wrote:
> > > ---
> > diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl
> > index 9906dcf8b807..260b52e456f1 100755
> > --- a/scripts/leaking_addresses.pl
> > +++ b/scripts/leaking_addresses.pl
> > @@ -266,7 +266,7 @@ sub is_false_positive
> >  sub is_false_positive_ix86_32
> >  {
> >         my ($match) = @_;
> > -       state $page_offset = eval get_page_offset(); # only gets called once
> > +       state $page_offset = hex get_page_offset(); # only gets called once
> 
> I don't think this is valid ;) I meant use hex() to convert the string
> to an int so it doesn't throw the warning (inside get_page_offset()).

Yup, got it, thanks   :-p
Combined patch below:


---
 scripts/leaking_addresses.pl | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl
index 9906dcf8b807..a595a2c66b12 100755
--- a/scripts/leaking_addresses.pl
+++ b/scripts/leaking_addresses.pl
@@ -266,8 +266,7 @@ sub is_false_positive
 sub is_false_positive_ix86_32
 {
 	my ($match) = @_;
-	state $page_offset = eval get_page_offset(); # only gets called once
-
+	state $page_offset = get_page_offset(); # only gets called once
 	if ($match =~ '\b(0x)?(f|F){8}\b') {
 		return 1;
 	}
@@ -283,7 +282,7 @@ sub is_false_positive_ix86_32
 sub get_page_offset
 {
 	my $page_offset;
-	my $default_offset = "0xc0000000";
+	my $default_offset = hex("0xc0000000");
 	my @config_files;
 
 	# Allow --page-offset-32bit to override.
@@ -306,23 +305,23 @@ sub get_page_offset
 		} else {
 			$page_offset = parse_kernel_config_file($tmp_file);
 			if ($page_offset ne "") {
-				return $page_offset;
+				return hex($page_offset);
 			}
 		}
 		system("rm -f $tmp_file");
 	}
 
 	foreach my $config_file (@config_files) {
-		$config_file =~ s/\R*//g;
+		chomp $config_file;
 		$page_offset = parse_kernel_config_file($config_file);
 		if ($page_offset ne "") {
-			return $page_offset;
+			return hex($page_offset);
 		}
 	}
 
 	printf STDERR "\nFailed to parse kernel config files\n";
 	printf STDERR "*** NOTE ***\n";
-	printf STDERR "Falling back to PAGE_OFFSET = %s\n\n", $default_offset;
+	printf STDERR "Falling back to PAGE_OFFSET = 0x%x\n\n", $default_offset;
 
 	return $default_offset;
 }
-- 
2.14.3

Thanks,
Kaiwan.

> thanks,
> Tobin.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ