| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180426012805.GA3282@jagdpanzerIV>
Date: Thu, 26 Apr 2018 10:28:05 +0900
From: Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>
To: Petr Mladek <pmladek@...e.com>
Cc: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Rasmus Villemoes <linux@...musvillemoes.dk>,
Linus Torvalds <torvalds@...ux-foundation.org>,
"Tobin C . Harding" <me@...in.cc>, Joe Perches <joe@...ches.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Michal Hocko <mhocko@...e.cz>,
Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
Steven Rostedt <rostedt@...dmis.org>,
Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 10/11] vsprintf: WARN() on invalid pointer access
On (04/25/18 13:12), Petr Mladek wrote:
[..]
> /*
> * This is not a fool-proof test. 99% of the time that this will fault is
> * due to a bad pointer, not one that crosses into bad memory. Just test
> @@ -623,8 +626,12 @@ static const char *check_pointer_access(const void *ptr)
> if (!ptr)
> return "(null)";
>
> - if (probe_kernel_address(ptr, byte))
> + /* Prevent silent crashes when called in printk_safe context. */
> + if (probe_kernel_address(ptr, byte)) {
> + WARN(!panic_on_warn && !test_printf_pointer_access,
> + "vsprintf: invalid pointer address\n");
> return "(efault)";
> + }
Can we have a rate-limited print out here? Or may be even a WARN_ONCE()?
Yes, printk()-s from check_pointer_access() are OK, printk_safe() helps us,
but at the same time every single invalid pointer access printk()-message
will log_store() WARN() extra entries. Theoretically, this can harm. What
do you think?
-ss
Powered by blists - more mailing lists