lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250217153444-4e1fd8ec-7f0e-4f40-8fc1-e323e4622284@linutronix.de>
Date: Mon, 17 Feb 2025 15:50:54 +0100
From: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Patrice Chotard <patrice.chotard@...s.st.com>, 
	Thinh Nguyen <Thinh.Nguyen@...opsys.com>, linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org, 
	linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH 1/2] usb: core: Don't use %pK through printk

On Mon, Feb 17, 2025 at 02:52:05PM +0100, Greg Kroah-Hartman wrote:
> On Mon, Feb 17, 2025 at 02:20:51PM +0100, Thomas Weißschuh wrote:
> > Restricted pointers ("%pK") are not meant to be used through printk().
> > It can unintentionally expose security sensitive, raw pointer values.
> > 
> > Use regular pointer formatting instead.
> > 
> > Link: https://lore.kernel.org/lkml/20250113171731-dc10e3c1-da64-4af0-b767-7c7070468023@linutronix.de/
> > Signed-off-by: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
> 
> So really this is just a revert of 2f964780c03b ("USB: core: replace %p
> with %pK"), right?

In this case, yes.

> Why not express it that way, and explain _why_ it's somehow now ok to
> use %p when previously it wasn't?

The full background is in the email linked from the commit message.
%p is more secure than %pK since
commit ad67b74d2469 ("printk: hash addresses printed with %p").
%pK was never intended to be used through printk() in the first place.

I'm doing the these changes for various subsystems using a common
commit message. The changes are not reverts for all of them and
digging out the specific history for each single line is a bunch
of extra work.
If you want more historical context, I'll resend the series, though.


Thomas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ