From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Tue, 17 Oct 2017 20:35:16 -0400
From: Steven Rostedt <rostedt@goodmis.org>
Message-ID: <20171017203516.3746395e@vmware.local.home>
In-Reply-To: <20171017231559.GD8001@eros>
References: <1508215972-7769-1-git-send-email-me@tobin.cc>
	<20171017093119.6dd98919@gandalf.local.home>
	<20171017231559.GD8001@eros>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: [kernel-hardening] Re: [PATCH v2] printk: hash addresses printed with %p
To: "Tobin C. Harding" <me@tobin.cc>
Cc: kernel-hardening@lists.openwall.com, Linus Torvalds <torvalds@linux-foundation.org>, Kees Cook <keescook@chromium.org>, Paolo Bonzini <pbonzini@redhat.com>, Tycho Andersen <tycho@docker.com>, "Roberts,
 William C" <william.c.roberts@intel.com>, Tejun Heo <tj@kernel.org>, Jordan Glover <Golden_Miller83@protonmail.ch>, Greg KH <gregkh@linuxfoundation.org>, Petr Mladek <pmladek@suse.com>, Joe Perches <joe@perches.com>, Ian Campbell <ijc@hellion.org.uk>, Sergey Senozhatsky <sergey.senozhatsky@gmail.com>, Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will.deacon@arm.com>, Chris Fries <cfries@google.com>, Dave Weinstein <olorin@google.com>, Daniel Micay <danielmicay@gmail.com>, Djalal Harouni <tixxdz@gmail.com>, linux-kernel@vger.kernel.org
List-ID: <kernel-hardening.lists.openwall.com>

On Wed, 18 Oct 2017 10:15:59 +1100
"Tobin C. Harding" <me@tobin.cc> wrote:

> > Does %p[FfSs] leak addresses? Well, I guess it does if they are not
> > found in kallsyms, but otherwise you have:
> > 
> >   function+0x<offset>  
> 
> You are correct %pF and %pS print an offset. Does this provide an attack vector,
> I didn't think so but I'm no security expert. If they do then we need to amend
> those calls also.

Hopefully not. We changed stack dumps to use them only instead of
showing addresses because of the location leak.

-- Steve

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1758519AbdJRAfZ (ORCPT <rfc822;w@1wt.eu>);
        Tue, 17 Oct 2017 20:35:25 -0400
Received: from smtprelay0040.hostedemail.com ([216.40.44.40]:33663 "EHLO
        smtprelay.hostedemail.com" rhost-flags-OK-OK-OK-FAIL)
        by vger.kernel.org with ESMTP id S1758388AbdJRAfV (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 17 Oct 2017 20:35:21 -0400
X-Session-Marker: 726F737465647440676F6F646D69732E6F7267
X-Spam-Summary: 2,0,0,,d41d8cd98f00b204,rostedt@goodmis.org,:::::::::::::::::::::::::::::::::::::::::,RULES_HIT:41:355:379:541:599:800:960:988:989:1260:1277:1311:1313:1314:1345:1359:1437:1515:1516:1518:1534:1538:1593:1594:1711:1714:1730:1747:1777:1792:2393:2553:2559:2562:2894:3138:3139:3140:3141:3142:3351:3622:3865:3866:3867:3868:3870:3872:3873:5007:6261:6742:6743:7875:8957:10004:10400:10848:10967:11232:11658:11914:12663:12740:12760:12895:13069:13311:13357:13439:14181:14659:21080:21627:30025:30054:30090:30091,0,RBL:none,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:,MSBL:0,DNSBL:none,Custom_rules:0:0:0,LFtime:1,LUA_SUMMARY:none
X-HE-Tag: tooth72_859892c151920
X-Filterd-Recvd-Size: 2149
Date: Tue, 17 Oct 2017 20:35:16 -0400
From: Steven Rostedt <rostedt@goodmis.org>
To: "Tobin C. Harding" <me@tobin.cc>
Cc: kernel-hardening@lists.openwall.com,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Kees Cook <keescook@chromium.org>, Paolo Bonzini <pbonzini@redhat.com>,
        Tycho Andersen <tycho@docker.com>,
        "Roberts, William C" <william.c.roberts@intel.com>,
        Tejun Heo <tj@kernel.org>,
        Jordan Glover <Golden_Miller83@protonmail.ch>,
        Greg KH <gregkh@linuxfoundation.org>, Petr Mladek <pmladek@suse.com>,
        Joe Perches <joe@perches.com>, Ian Campbell <ijc@hellion.org.uk>,
        Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        Will Deacon <will.deacon@arm.com>, Chris Fries <cfries@google.com>,
        Dave Weinstein <olorin@google.com>,
        Daniel Micay <danielmicay@gmail.com>,
        Djalal Harouni <tixxdz@gmail.com>, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] printk: hash addresses printed with %p
Message-ID: <20171017203516.3746395e@vmware.local.home>
In-Reply-To: <20171017231559.GD8001@eros>
References: <1508215972-7769-1-git-send-email-me@tobin.cc>
        <20171017093119.6dd98919@gandalf.local.home>
        <20171017231559.GD8001@eros>
X-Mailer: Claws Mail 3.15.1-dirty (GTK+ 2.24.31; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 18 Oct 2017 10:15:59 +1100
"Tobin C. Harding" <me@tobin.cc> wrote:

> > Does %p[FfSs] leak addresses? Well, I guess it does if they are not
> > found in kallsyms, but otherwise you have:
> > 
> >   function+0x<offset>  
> 
> You are correct %pF and %pS print an offset. Does this provide an attack vector,
> I didn't think so but I'm no security expert. If they do then we need to amend
> those calls also.

Hopefully not. We changed stack dumps to use them only instead of
showing addresses because of the location leak.

-- Steve