From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,NICE_REPLY_A, SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3E900C433DB for ; Thu, 4 Feb 2021 22:21:33 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id EF45F64F58 for ; Thu, 4 Feb 2021 22:21:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229832AbhBDWVb (ORCPT ); Thu, 4 Feb 2021 17:21:31 -0500 Received: from mail.kernel.org ([198.145.29.99]:59766 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229513AbhBDWV3 (ORCPT ); Thu, 4 Feb 2021 17:21:29 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 42AD664E0F; Thu, 4 Feb 2021 22:20:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1612477248; bh=srANFyFRjZWUNqLmRWYde2yLB0hjm8XnDjUMhIBivaA=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=uXKII3KVqIM0KWZWfAoo2nXt1jcb0OXHPDihGTijgToz9tmaCzJhwQcvmlg9BBqM5 nQR5XjwW4SoF18hpz53DrVO4LNU+OA41fza2i7qi8mnLbtTBe+Zn06vcoOMZ2uWG8f bKnL5n2vPCc8dki0w7V3kCAoP7ZYpMKKQql6gtHpYzpEz4KCRO0eIZoUe99+dmX8/M 8EApnY+PDIg3pcpwMXk1WQE8bXAnp9YRUNrmmJVJV4ADTvW6YR8jms+gujpIragUlf OK0iWWkW5CkSXWKxbI3/JEMv1pNYOd6TnRdRUq1Lmn5sPUeMKomjtIca/Sn/NSP5bw /mzYm+E1bIOyg== Subject: Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed To: Kees Cook , Pavel Machek Cc: Steven Rostedt , Petr Mladek , Sergey Senozhatsky , linux-kernel@vger.kernel.org, linux-mm@kvack.org, willy@infradead.org, akpm@linux-foundation.org, torvalds@linux-foundation.org, roman.fietze@magna.com, john.ogness@linutronix.de, akinobu.mita@gmail.com References: <20210202201846.716915-1-timur@kernel.org> <20210204204835.GA7529@amd> <20210204155423.2864bf4f@gandalf.local.home> <20210204214944.GA13103@amd> <873d7e08-7a70-a1a3-f486-882d1d515965@kernel.org> <20210204221143.GB13103@amd> <202102041415.D9093ED6@keescook> From: Timur Tabi Message-ID: <13fdd006-3070-fb6a-cd99-7f845deb6843@kernel.org> Date: Thu, 4 Feb 2021 16:20:45 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <202102041415.D9093ED6@keescook> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2/4/21 4:17 PM, Kees Cook wrote: > It's just semantics. Printing addresses DOES weaken the security of a > system, especially when we know attackers have and do use stuff from dmesg > to tune their attacks. How about "reduces the security of your system"? I think we're bikeshedding now, but I can replace "compromise" with "reduce". "Kernel memory addresses are exposed, which may reduce the security of your system."