From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8757FC433E0 for ; Mon, 21 Dec 2020 17:19:55 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5B84022C9C for ; Mon, 21 Dec 2020 17:19:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726182AbgLURTz (ORCPT ); Mon, 21 Dec 2020 12:19:55 -0500 Received: from gate.crashing.org ([63.228.1.57]:38938 "EHLO gate.crashing.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726071AbgLURTy (ORCPT ); Mon, 21 Dec 2020 12:19:54 -0500 Received: from gate.crashing.org (localhost.localdomain [127.0.0.1]) by gate.crashing.org (8.14.1/8.14.1) with ESMTP id 0BLHCTFq012889; Mon, 21 Dec 2020 11:12:30 -0600 Received: (from segher@localhost) by gate.crashing.org (8.14.1/8.14.1/Submit) id 0BLHCSI6012888; Mon, 21 Dec 2020 11:12:28 -0600 X-Authentication-Warning: gate.crashing.org: segher set sender to segher@kernel.crashing.org using -f Date: Mon, 21 Dec 2020 11:12:28 -0600 From: Segher Boessenkool To: David Laight Cc: Christophe Leroy , Xiaoming Ni , "ravi.bangoria@linux.ibm.com" , "mikey@neuling.org" , "yanaijie@huawei.com" , "haren@linux.ibm.com" , "linux-kernel@vger.kernel.org" , "npiggin@gmail.com" , "wangle6@huawei.com" , "paulus@samba.org" , "aneesh.kumar@linux.ibm.com" , "linuxppc-dev@lists.ozlabs.org" Subject: Re: [PATCH] powerpc:Don't print raw EIP/LR hex values in dump_stack() and show_regs() Message-ID: <20201221171228.GA2672@gate.crashing.org> References: <20201221032758.12143-1-nixiaoming@huawei.com> <2279fc96-1f10-0c3f-64d9-734f18758620@csgroup.eu> <20201221163130.GZ2672@gate.crashing.org> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.4.2.3i Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Dec 21, 2020 at 04:42:23PM +0000, David Laight wrote: > From: Segher Boessenkool > > Sent: 21 December 2020 16:32 > > > > On Mon, Dec 21, 2020 at 04:17:21PM +0100, Christophe Leroy wrote: > > > Le 21/12/2020 à 04:27, Xiaoming Ni a écrit : > > > >Since the commit 2b0e86cc5de6 ("powerpc/fsl_booke/32: implement KASLR > > > >infrastructure"), the powerpc system is ready to support KASLR. > > > >To reduces the risk of invalidating address randomization, don't print the > > > >EIP/LR hex values in dump_stack() and show_regs(). > > > > > I think your change is not enough to hide EIP address, see below a dump > > > with you patch, you get "Faulting instruction address: 0xc03a0c14" > > > > As far as I can see the patch does nothing to the GPR printout. Often > > GPRs contain code addresses. As one example, the LR is moved via a GPR > > (often GPR0, but not always) for storing on the stack. > > > > So this needs more work. > > If the dump_stack() is from an oops you need the real EIP value > on order to stand any chance of making headway. Or at least the function name + offset, yes. > Otherwise you might just as well just print 'borked - tough luck'. Yes. ASLR is a house of cards. But that isn't constructive wrt this patch :-) Segher