lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <d6223371-a5e7-28ac-704c-0e3d5b7ea713@kernel.org>
Date:   Fri, 5 Feb 2021 12:25:22 -0600
From:   Timur Tabi <timur@...nel.org>
To:     Vlastimil Babka <vbabka@...e.cz>, Petr Mladek <pmladek@...e.com>,
        Steven Rostedt <rostedt@...dmis.org>,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        willy@...radead.org, akpm@...ux-foundation.org,
        torvalds@...ux-foundation.org, roman.fietze@...na.com,
        keescook@...omium.org, john.ogness@...utronix.de,
        akinobu.mita@...il.com
Subject: Re: [PATCH][RESEND] lib/vsprintf: make-printk-non-secret printks all
 addresses as unhashed



On 2/5/21 4:59 AM, Vlastimil Babka wrote:
> Thanks a lot. Should this also affect %pK though? IIUC, there's currently no way
> to achieve non-mangled %pK in all cases, even with the most permissive
> kptr_restrict=1 setting:
> - in IRQ, there's "pK-error" instead
> - in a context of non-CAP_SYSLOG process, nulls are printed

Hmmm..  I thought %pK prints an unhashed pointer when the user is root, 
at least in situations where the user can be known (e.g. during an ioctl 
call).

> Yes, neither should matter if %pK were only used for prints that generate
> content of some kind of /proc file read by a CAP_SYSLOG process, but that
> doesn't seem to be the case and there are %pK used for printing to dmesg too...

I thought about that.  On one hand, people who use %pK probably really 
wanted a hashed pointer printed.  On the other hand, I agree that %pK 
should not be used for dmesg prints.

I get the feeling that some (most?) people who use %pK don't really 
understand how it's supposed to be used.

I can extend make-printk-non-secret to %pK if everyone agrees.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ