lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 18 Jan 2018 23:18:56 +0300
From:   Serge Semin <fancer.lancer@...il.com>
To:     Florian Fainelli <f.fainelli@...il.com>
Cc:     ralf@...ux-mips.org, miodrag.dinic@...s.com, jhogan@...nel.org,
        goran.ferenc@...s.com, david.daney@...ium.com,
        paul.gortmaker@...driver.com, paul.burton@...s.com,
        alex.belits@...ium.com, Steven.Hill@...ium.com,
        alexander.sverdlin@...ia.com, matt.redfearn@...s.com,
        kumba@...too.org, marcin.nowakowski@...s.com, James.hogan@...s.com,
        Peter.Wotton@...s.com, Sergey.Semin@...latforms.ru,
        linux-mips@...ux-mips.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 11/14] MIPS: memblock: Print out kernel virtual mem layout

On Thu, Jan 18, 2018 at 12:03:03PM -0800, Florian Fainelli <f.fainelli@...il.com> wrote:
> On 01/17/2018 02:23 PM, Serge Semin wrote:
> > It is useful to have the kernel virtual memory layout printed
> > at boot time so to have the full information about the booted
> > kernel. In some cases it might be unsafe to have virtual
> > addresses freely visible in logs, so the %pK format is used if
> > one want to hide them.
> > 
> > Signed-off-by: Serge Semin <fancer.lancer@...il.com>
> 
> I personally like having that information because that helps debug and
> have a quick reference, but there appears to be a trend to remove this
> in the name of security:
> 
> https://patchwork.kernel.org/patch/10124007/
> 
> maybe hide this behind a configuration option?

Yeah, arm code was the place I picked the function up.) But in my case
I've used %pK so the pointers would disappear from logging when 
kptr_restrict sysctl is 1 or 2.
I agree, that we might need to make the printouts optional. If there is
any kernel config, which for instance increases the kernel security we
could also use it or anything else to discard the printouts at compile
time.

> -- 
> Florian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ