| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 Mar 2020 14:36:59 -0800
From: Kees Cook <keescook@...omium.org>
To: Scott Wood <oss@...error.net>
Cc: Jason Yan <yanaijie@...wei.com>, pmladek@...e.com,
rostedt@...dmis.org, sergey.senozhatsky@...il.com,
andriy.shevchenko@...ux.intel.com, linux@...musvillemoes.dk,
linux-kernel@...r.kernel.org,
"Tobin C . Harding" <tobin@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Daniel Axtens <dja@...ens.net>
Subject: Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64
On Wed, Mar 04, 2020 at 03:11:39PM -0600, Scott Wood wrote:
> In any case, this came up now due to a question about what to use when
> printing crash dumps. PowerPC currently prints stack and return addresses
> with %lx (in addition to %pS in the latter case) and someone proposed
Right -- I think other archs moved entirely to %pS and just removed %lx
and %p uses.
> converting them to %p and/or removing them altogether. Is there a consensus
> on whether crash dumps need to be sanitized of this stuff as well? It seems
> like you'd have the addresses in the register dump as well (please don't take
> that away too...). Maybe crash dumps would be a less problematic place to
> make the hashing conditional (i.e. less likely to break something in userspace
> that wasn't expecting a hash)?
Actual _crash_ dumps print all kinds of stuff, even the KASLR offset,
but for generic stack traces, it's been mainly %pS, with things like
registers using %lx.
I defer to Linus, obviously. I just wanted to repeat what he'd said
before.
--
Kees Cook
Powered by blists - more mailing lists