| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Sep 2021 10:15:18 -0300
From: Jason Gunthorpe <jgg@...pe.ca>
To: "Marciniszyn, Mike" <mike.marciniszyn@...nelisnetworks.com>
Cc: Bart Van Assche <bvanassche@....org>,
Guo Zhi <qtxuning1999@...u.edu.cn>,
"Dalessandro, Dennis" <dennis.dalessandro@...nelisnetworks.com>,
"dledford@...hat.com" <dledford@...hat.com>,
"linux-rdma@...r.kernel.org" <linux-rdma@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] infiniband hfi1: fix misuse of %x in ipoib_tx.c
On Thu, Sep 23, 2021 at 11:03:06AM +0000, Marciniszyn, Mike wrote:
> > How about applying Guo's patch and adding a configuration option to the
> > kernel for disabling pointer hashing for %p and related format specifiers?
> > Pointer hashing is useful on production systems but not on development
> > systems.
>
> The prints and traces are leave-behind and intended once in a distro
> for field support.
It doesn't matter, our security model is that drivers do not get to
subvert the kASLR by unilaterally leaking memory layout information,
so you have to get this fixed.
Do not defeat the mechanisms to obscure kernel pointers in trace or
print.
Jason
Powered by blists - more mailing lists