lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAGXu5jJ1SfKmTtwN6JS42cXWN6v=pPrEyfcdJRH+=MTmh5hPKQ@mail.gmail.com>
Date:   Fri, 5 Jan 2018 16:11:07 -0800
From:   Kees Cook <keescook@...omium.org>
To:     "Tobin C. Harding" <me@...in.cc>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        kernel-hardening@...ts.openwall.com, kaiwan.billimoria@...il.com
Subject: Re: [PATCH] leaking_addresses: add files to skip

On Fri, Jan 5, 2018 at 2:59 PM, Tobin C. Harding <me@...in.cc> wrote:
> Script currently times out when parsing the following files:
>
>         /proc/kallsyms
>         /proc/sched_debug
>         /proc/PID/smaps

Seems like kallsyms would be one to absolutely scan... it shouldn't
cause hangs either.

-Kees

>
> None of these files leak kernel addresses. We can skip parsing them.
>
> Add entries to list of files to skip.
>
> Signed-off-by: Tobin C. Harding <me@...in.cc>
> ---
>  scripts/leaking_addresses.pl | 7 +++++--
>  1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl
> index ce5d58f3e619..32e2fc9fc8c3 100755
> --- a/scripts/leaking_addresses.pl
> +++ b/scripts/leaking_addresses.pl
> @@ -58,7 +58,9 @@ my @skip_parse_files_abs = ('/proc/kmsg',
>                             '/sys/firmware/devicetree',
>                             '/proc/device-tree',
>                             '/sys/kernel/debug/tracing/trace_pipe',
> -                           '/sys/kernel/security/apparmor/revision');
> +                           '/sys/kernel/security/apparmor/revision',
> +                           '/proc/kallsyms',
> +                           '/proc/sched_debug');
>
>  # Do not parse these files under any subdirectory.
>  my @skip_parse_files_any = ('0',
> @@ -71,7 +73,8 @@ my @skip_parse_files_any = ('0',
>                             'snapshot_raw',
>                             'trace_pipe_raw',
>                             'ptmx',
> -                           'trace_pipe');
> +                           'trace_pipe',
> +                           'smaps');
>
>  # Do not walk these directories (absolute path).
>  my @skip_walk_dirs_abs = ();
> --
> 2.7.4
>



-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ