From: Steven Rostedt <rostedt@goodmis.org>
To: "Tobin C. Harding" <me@tobin.cc>
Cc: kernel-hardening@lists.openwall.com,
Linus Torvalds <torvalds@linux-foundation.org>,
Kees Cook <keescook@chromium.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Tycho Andersen <tycho@docker.com>,
"Roberts, William C" <william.c.roberts@intel.com>,
Tejun Heo <tj@kernel.org>,
Jordan Glover <Golden_Miller83@protonmail.ch>,
Greg KH <gregkh@linuxfoundation.org>,
Petr Mladek <pmladek@suse.com>, Joe Perches <joe@perches.com>,
Ian Campbell <ijc@hellion.org.uk>,
Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
Chris Fries <cfries@google.com>,
Dave Weinstein <olorin@google.com>,
Daniel Micay <danielmicay@gmail.com>,
Djalal Harouni <tixxdz@gmail.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] printk: hash addresses printed with %p
Date: Tue, 17 Oct 2017 20:35:16 -0400 [thread overview]
Message-ID: <20171017203516.3746395e@vmware.local.home> (raw)
In-Reply-To: <20171017231559.GD8001@eros>
On Wed, 18 Oct 2017 10:15:59 +1100
"Tobin C. Harding" <me@tobin.cc> wrote:
> > Does %p[FfSs] leak addresses? Well, I guess it does if they are not
> > found in kallsyms, but otherwise you have:
> >
> > function+0x<offset>
>
> You are correct %pF and %pS print an offset. Does this provide an attack vector,
> I didn't think so but I'm no security expert. If they do then we need to amend
> those calls also.
Hopefully not. We changed stack dumps to use them only instead of
showing addresses because of the location leak.
-- Steve
next prev parent reply other threads:[~2017-10-18 0:35 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-17 4:52 [PATCH v2] printk: hash addresses printed with %p Tobin C. Harding
2017-10-17 5:20 ` Joe Perches
2017-10-17 13:31 ` Steven Rostedt
2017-10-17 23:15 ` Tobin C. Harding
2017-10-18 0:13 ` Kees Cook
2017-10-18 2:28 ` Tobin C. Harding
2017-10-18 15:28 ` [kernel-hardening] " Theodore Ts'o
2017-10-18 0:35 ` Steven Rostedt [this message]
2017-10-17 17:27 ` Roberts, William C
2017-10-17 22:11 ` Tobin C. Harding
2017-10-18 0:27 ` Jason A. Donenfeld
2017-10-18 2:27 ` Tobin C. Harding
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171017203516.3746395e@vmware.local.home \
--to=rostedt@goodmis.org \
--cc=Golden_Miller83@protonmail.ch \
--cc=catalin.marinas@arm.com \
--cc=cfries@google.com \
--cc=danielmicay@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=ijc@hellion.org.uk \
--cc=joe@perches.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
--cc=me@tobin.cc \
--cc=olorin@google.com \
--cc=pbonzini@redhat.com \
--cc=pmladek@suse.com \
--cc=sergey.senozhatsky@gmail.com \
--cc=tixxdz@gmail.com \
--cc=tj@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=tycho@docker.com \
--cc=will.deacon@arm.com \
--cc=william.c.roberts@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox