lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3159c45c-b417-c157-e108-c0e12af2e122@sjtu.edu.cn>
Date:   Fri, 24 Sep 2021 10:57:18 +0800
From:   Guo Zhi <qtxuning1999@...u.edu.cn>
To:     Greg KH <gregkh@...uxfoundation.org>, nsaenz@...nel.org,
        peterz@...radead.org, maz@...nel.org, bsegall@...gle.com,
        rdunlap@...radead.org, airlied@...hat.com,
        kan.liang@...ux.intel.com, odin@...d.al, phil@...pberrypi.com
Cc:     bcm-kernel-feedback-list@...adcom.com,
        linux-rpi-kernel@...ts.infradead.org,
        linux-arm-kernel@...ts.infradead.org,
        linux-staging@...ts.linux.dev, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] staging: vchip_arm: Fix misuse of %x

On 2021/9/23 13:19, Greg KH wrote:
> On Thu, Sep 23, 2021 at 11:55:54AM +0800, Guo Zhi wrote:
>> Pointers should be printed with %p or %px rather than
>> cast to (unsigned long) and printed with %lx.
>> Change %lx to %pK to print the pointers.
>>
>> Signed-off-by: Guo Zhi <qtxuning1999@...u.edu.cn>
>> ---
>>   .../staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 8 ++++----
>>   1 file changed, 4 insertions(+), 4 deletions(-)
>>
>> diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
>> index b5aac862a29..408e5fe710b 100644
>> --- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
>> +++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
>> @@ -591,11 +591,11 @@ service_callback(enum vchiq_reason reason, struct vchiq_header *header,
>>   		return VCHIQ_SUCCESS;
>>   
>>   	vchiq_log_trace(vchiq_arm_log_level,
>> -		"%s - service %lx(%d,%p), reason %d, header %lx, instance %lx, bulk_userdata %lx",
>> -		__func__, (unsigned long)user_service,
>> +		"%s - service %pK(%d,%p), reason %d, header %pK, instance %pK, bulk_userdata %pK",
>> +		__func__, user_service,
>>   		service->localport, user_service->userdata,
>> -		reason, (unsigned long)header,
>> -		(unsigned long)instance, (unsigned long)bulk_userdata);
>> +		reason, header,
>> +		instance, bulk_userdata);
> Why print this out at all?  What uses this?  Can it just be deleted?
>
> thanks,
>
> greg k-h

This information is printed for debugging usage.

But malicious user process can also print it through debugfs at 
/sys/kernel/debug.

As it can be used for debugging, it's a little radical to just delete.

Therefore, I suggest replacing %lx with %pK to avoid kernel address leakage.

thanks,

Guo


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ