lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20190918002859.GF30224@paulmck-ThinkPad-P72>
Date:   Tue, 17 Sep 2019 17:28:59 -0700
From:   "Paul E. McKenney" <paulmck@...nel.org>
To:     Kees Cook <keescook@...omium.org>
Cc:     "Paul E. McKenney" <paulmck@...ux.ibm.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] lockdep: Make print_lock() address visible

On Mon, Sep 16, 2019 at 08:07:55PM -0700, Kees Cook wrote:
> On Mon, Sep 16, 2019 at 06:39:46PM -0700, keescook@...omium.org wrote:
> > commit 519248f36d6f3c80e176f6fa844c10d94f1f5990
> > Author: Paul E. McKenney <paulmck@...ux.ibm.com>
> > Date:   Thu May 30 05:39:25 2019 -0700
> > 
> >     lockdep: Make print_lock() address visible
> >     
> >     Security is a wonderful thing, but so is the ability to debug based on
> >     lockdep warnings.  This commit therefore makes lockdep lock addresses
> >     visible in the clear.
> >     
> >     Signed-off-by: Paul E. McKenney <paulmck@...ux.ibm.com>
> > 
> > diff --git a/kernel/locking/lockdep.c b/kernel/locking/lockdep.c
> > index 4861cf8e274b..4aca3f4379d2 100644
> > --- a/kernel/locking/lockdep.c
> > +++ b/kernel/locking/lockdep.c
> > @@ -620,7 +620,7 @@ static void print_lock(struct held_lock *hlock)
> >  		return;
> >  	}
> >  
> > -	printk(KERN_CONT "%p", hlock->instance);
> > +	printk(KERN_CONT "%px", hlock->instance);
> >  	print_lock_name(lock);
> >  	printk(KERN_CONT ", at: %pS\n", (void *)hlock->acquire_ip);
> >  }
> 
> Just to clarify: this is only visible under CONFIG_LOCKDEP, yes? That's
> not a state anyone would run a production system under, I'd hope.

Yes, by my reading of kernel/locking/Makefile, the entire
kernel/locking/lockdep.c file is completely ignored unless
CONFIG_LOCKDEP=y.

So yes, it would be silly for this code to be in a production
system.

							Thanx, Paul

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ