lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 4 Feb 2021 10:36:15 +0100
From:   Petr Mladek <pmladek@...e.com>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     Kees Cook <keescook@...omium.org>, Timur Tabi <timur@...nel.org>,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        linux-kernel@...r.kernel.org, vbabka@...e.cz, linux-mm@...ck.org,
        willy@...radead.org, akpm@...ux-foundation.org,
        torvalds@...ux-foundation.org, roman.fietze@...na.com,
        john.ogness@...utronix.de,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        akinobu.mita@...il.com
Subject: Re: [PATCH][RESEND] lib/vsprintf: make-printk-non-secret printks all
 addresses as unhashed

On Wed 2021-02-03 15:47:27, Steven Rostedt wrote:
> On Wed, 3 Feb 2021 12:35:07 -0800
> Kees Cook <keescook@...omium.org> wrote:
> 
> > > With a big notice that all pointers of unhashed, I don't think we need to
> > > print it failed when we expect it to fail.
> > > 
> > > If anything, skip the test and state:
> > > 
> > >   test_printf: hash test skipped because "make-printk-non-secret" is on the
> > >   command line.  
> > 
> > Yeah, I'm fine with "fail" or "skip". "pass" is mainly what I don't
> > like. :)
> 
> Is there any printing of the tests being done? Looks to me that the tests
> only print something if they fail. Thus "skip" and "pass" are basically the
> same (if "skip" is simply not to do the test).

It prints the total number of tests done. It should not count the
skipped tests.

We actually print a warning when crng is not initialized. In this
case, the test passes because we actually check the value and it
is an expected one.

> I mean, we could simply have:
> 
> 
>  static void __init
>  plain(void)
>  {
>  	int err;
>  
> +	if (debug_never_hash_pointers)
> +		return;

I am not 100% sure. But this might work. Just please print a warning
about the tests are skipped.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ