| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 07 Dec 2017 13:17:52 -0800 From: Joe Perches <joe@...ches.com> To: "Tobin C. Harding" <me@...in.cc> Cc: Andy Whitcroft <apw@...onical.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2 3/3] checkpatch: warn for use of %px On Fri, 2017-12-08 at 08:06 +1100, Tobin C. Harding wrote: > On Wed, Dec 06, 2017 at 02:37:08PM +1100, Tobin C. Harding wrote: > > Usage of the new %px specifier potentially leaks sensitive > > inforamtion. Printing kernel addresses exposes the kernel layout in > > memory, this is potentially exploitable. We have tools in the kernel to > > help us do the right thing. We can have checkpatch warn developers of > > potential dangers of using %px. > > > > Have checkpatch emit a warning for usage of specifier %px. > > > > Signed-off-by: Tobin C. Harding <me@...in.cc> > > Co-developed-by: Joe Perches <joe@...ches.com> > > Co-Developed-by: > > Woops. > > Joe I didn't quite understand what you meant when you said that this > could go in via any tree. I'm still learning the whole kernel tree > management thing. Don't checkpatch patches go in via Andy's tree? > > https://git.kernel.org/pub/scm/linux/kernel/git/apw/checkpatch.git/ No, not in quite awhile. Most checkpatch patches go through Andrew Morton's quilt/mm tree.
Powered by blists - more mailing lists