Message-ID: <1512458664.6321.71.camel@perches.com>
Subject: Re: [PATCH] checkpatch: warn for use of %px
From: Joe Perches
To: "Tobin C. Harding", Andrew Morton
Cc: Andy Whitcroft, linux-kernel@vger.kernel.org
Date: Mon, 04 Dec 2017 23:24:24 -0800
In-Reply-To: <1512422224-29827-1-git-send-email-me@tobin.cc>

On Tue, 2017-12-05 at 08:17 +1100, Tobin C. Harding wrote:
> Usage of the new %px specifier potentially leaks sensitive
> information. Printing kernel addresses exposes the kernel layout in
> memory, this is potentially exploitable. We have tools in the kernel to
> help us do the right thing. We can have checkpatch warn developers of
> potential dangers of using %px.
>
> Have checkpatch emit a warning for usage of specifier %px.
>
> Suggested-by: Andrew Morton
> Signed-off-by: Tobin C. Harding
> Co-Developed-by: Joe Perches
>
> ---
>
> Joe,
>
> Are you happy with this tagging? Needs your signed-off-by still.

Maybe with a few corrections (below)

> Andrew,
>
> Is it okay to add your Suggested-by tag here?
>
> I'm not entirely sure when one is supposed to add someone's signed-off-by
> tag since the docs state that it should not be added without
> permission. I am also unsure where/when is the best time to request this
> permission.

[]

> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl [] > @@ -1612,6 +1612,17 @@ sub raw_line { > return $line; > } > > +sub stat_real { > + my ($linenr, $lc) = @_; > + > + my $stat_real = raw_line($linenr, 0); > + for (my $count = $linenr + 1; $count <= $lc; $count++) { > + $stat_real = $stat_real . "\n" . raw_line($count, 0); > + } > + > + return $stat_real; > +} If you are going to make a subroutine of this there are some other places it could be used too. > + > sub cat_vet { > my ($vet) = @_; > my ($res, $coded); 
> @@ -5747,24 +5758,35 @@ sub process { > defined $stat && > $stat =~ /^\+(?![^\{]*\{\s*).*\b(\w+)\s*\(.*$String\s*,/s && > $1 !~ /^_*volatile_*$/) { > - my $bad_extension = ""; > + my ($specifier, $extension, $stat_real); My preference is not to define multiple variables on a single line. I'd rather have: my $specifier; my $extension; my $stat_real; > + my $bad_specifier = ""; > my $lc = $stat =~ tr@\n@@; > $lc = $lc + $linenr; > for (my $count = $linenr; $count <= $lc; $count++) { > my $fmt = get_quoted_string($lines[$count - 1], raw_line($count, 0)); > $fmt =~ s/%%//g; > - if ($fmt =~ /(\%[\*\d\.]*p(?![\WFfSsBKRraEhMmIiUDdgVCbGNOx]).)/) { > - $bad_extension = $1; > - last; > + > + while ($fmt =~ /(\%[\*\d\.]*p(\w))/g) { > + $specifier = $1; > + $extension = $2; > + if ($extension !~ /[FfSsBKRraEhMmIiUDdgVCbGNOx]/) { > + $bad_specifier = $specifier; > + last; > + } > + if ($extension eq "x" && !defined($stat_real)) { > + if (!defined($stat_real)) { > + $stat_real = stat_real($linenr, $lc); > + } > + WARN("VSPRINTF_SPECIFIER_PX", > + "Using vsprintf specifier '\%px' potentially exposes the kernel layout in memory, if you don't _realy_ need the address please consider using '\%p'.\n" . "$here\n$stat_real\n"); "kernel memory layout" not "kernel layout in memory" "really" not "_realy_"
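Review bot: in the first hunk (@@ -1612,6 +1612,17 @@), the new stat_real() helper has no comment, and its second parameter is named $lc although the loop bound `$count <= $lc` uses it as the last line number of the statement rather than a line count. The caller in the second hunk only gets this right because it has already done `$lc = $lc + $linenr`. A one-line comment above the sub stating that both arguments are line numbers (first and last line of the statement), or a parameter name that says so, would keep a later caller from passing a count. The local `my $stat_real` sharing the sub's name is legal Perl but makes the body harder to read; a different local name would help.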
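Review bot: in the second hunk (@@ -5747,24 +5758,35 @@), the inner `if (!defined($stat_real))` is redundant, because the enclosing condition `$extension eq "x" && !defined($stat_real)` has already established that $stat_real is undefined; the assignment can sit directly in the outer block. Since that outer test is also what limits the %px warning to one per statement, a short comment saying this is intended would be useful. Separately, the `last` after `$bad_specifier = $specifier;` now leaves only the new while loop, whereas the removed `last` left the for loop, so scanning continues over the remaining lines and a later line can overwrite $bad_specifier. If stopping at the first bad specifier is still wanted, test $bad_specifier after the while loop and exit the for loop there.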