[PATCH] Switch proc interfaces in kernel/ to %pK

[PATCH] Switch proc interfaces in kernel/ to %pK

[Dan Rosenberg]

Switch users of %p in /proc interfaces in kernel/ to %pK, to allow
configuring the level of exposure of kernel pointers via the
kptr_restrict sysctl.

Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com>
---
 kernel/cgroup.c           |    2 +-
 kernel/kprobes.c          |    4 ++--
 kernel/lockdep_proc.c     |   10 +++++-----
 kernel/time/timer_stats.c |    2 +-
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/kernel/cgroup.c b/kernel/cgroup.c
index b24d702..b04951b 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
@@ -4894,7 +4894,7 @@ static int cgroup_css_links_read(struct cgroup *cont,
 		struct css_set *cg = link->cg;
 		struct task_struct *task;
 		int count = 0;
-		seq_printf(seq, "css_set %p\n", cg);
+		seq_printf(seq, "css_set %pK\n", cg);
 		list_for_each_entry(task, &cg->tasks, cg_list) {
 			if (count++ > MAX_TASKS_SHOWN_PER_CSS) {
 				seq_puts(seq, "  ...\n");
diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 7798181..2437ca4 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -2021,11 +2021,11 @@ static void __kprobes report_probe(struct seq_file *pi, struct kprobe *p,
 		kprobe_type = "k";
 
 	if (sym)
-		seq_printf(pi, "%p  %s  %s+0x%x  %s ",
+		seq_printf(pi, "%pK  %s  %s+0x%x  %s ",
 			p->addr, kprobe_type, sym, offset,
 			(modname ? modname : " "));
 	else
-		seq_printf(pi, "%p  %s  %p ",
+		seq_printf(pi, "%pK  %s  %pK ",
 			p->addr, kprobe_type, p->addr);
 
 	if (!pp)
diff --git a/kernel/lockdep_proc.c b/kernel/lockdep_proc.c
index 1969d2f..215638d 100644
--- a/kernel/lockdep_proc.c
+++ b/kernel/lockdep_proc.c
@@ -65,7 +65,7 @@ static int l_show(struct seq_file *m, void *v)
 		return 0;
 	}
 
-	seq_printf(m, "%p", class->key);
+	seq_printf(m, "%pK", class->key);
 #ifdef CONFIG_DEBUG_LOCKDEP
 	seq_printf(m, " OPS:%8ld", class->ops);
 #endif
@@ -83,7 +83,7 @@ static int l_show(struct seq_file *m, void *v)
 
 	list_for_each_entry(entry, &class->locks_after, entry) {
 		if (entry->distance == 1) {
-			seq_printf(m, " -> [%p] ", entry->class->key);
+			seq_printf(m, " -> [%pK] ", entry->class->key);
 			print_name(m, entry->class);
 			seq_puts(m, "\n");
 		}
@@ -152,7 +152,7 @@ static int lc_show(struct seq_file *m, void *v)
 		if (!class->key)
 			continue;
 
-		seq_printf(m, "[%p] ", class->key);
+		seq_printf(m, "[%pK] ", class->key);
 		print_name(m, class);
 		seq_puts(m, "\n");
 	}
@@ -502,7 +502,7 @@ static void seq_stats(struct seq_file *m, struct lock_stat_data *data)
 		if (!i)
 			seq_line(m, '-', 40-namelen, namelen);
 
-		snprintf(ip, sizeof(ip), "[<%p>]",
+		snprintf(ip, sizeof(ip), "[<%pK>]",
 				(void *)class->contention_point[i]);
 		seq_printf(m, "%40s %14lu %29s %pS\n",
 			   name, stats->contention_point[i],
@@ -517,7 +517,7 @@ static void seq_stats(struct seq_file *m, struct lock_stat_data *data)
 		if (!i)
 			seq_line(m, '-', 40-namelen, namelen);
 
-		snprintf(ip, sizeof(ip), "[<%p>]",
+		snprintf(ip, sizeof(ip), "[<%pK>]",
 				(void *)class->contending_point[i]);
 		seq_printf(m, "%40s %14lu %29s %pS\n",
 			   name, stats->contending_point[i],
diff --git a/kernel/time/timer_stats.c b/kernel/time/timer_stats.c
index 2f3b585..3069d0d 100644
--- a/kernel/time/timer_stats.c
+++ b/kernel/time/timer_stats.c
@@ -272,7 +272,7 @@ static void print_name_offset(struct seq_file *m, unsigned long addr)
 	char symname[KSYM_NAME_LEN];
 
 	if (lookup_symbol_name(addr, symname) < 0)
-		seq_printf(m, "<%p>", (void *)addr);
+		seq_printf(m, "<%pK>", (void *)addr);
 	else
 		seq_printf(m, "%s", symname);
 }

Re: [PATCH] Switch proc interfaces in kernel/ to %pK

[Alexey Dobriyan]

On Tue, Jan 18, 2011 at 05:51:18PM -0500, Dan Rosenberg wrote:
> Switch users of %p in /proc interfaces in kernel/ to %pK, to allow
> configuring the level of exposure of kernel pointers via the
> kptr_restrict sysctl.

> --- a/kernel/lockdep_proc.c
> +++ b/kernel/lockdep_proc.c

/proc/lockdep is r--------
/proc/lockdep_chains is r--------
/proc/lock_stat is rw-------

Is this supposed to mean something?

Re: [PATCH] Switch proc interfaces in kernel/ to %pK

[Paul Menage]

On Tue, Jan 18, 2011 at 2:51 PM, Dan Rosenberg <drosenberg@vsecurity.com> wrote:
> Switch users of %p in /proc interfaces in kernel/ to %pK, to allow
> configuring the level of exposure of kernel pointers via the
> kptr_restrict sysctl.
>
> Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com>

Acked-by: Paul Menage <menage@google.com>

(for cgroup.c)


> ---
>  kernel/cgroup.c           |    2 +-
>  kernel/kprobes.c          |    4 ++--
>  kernel/lockdep_proc.c     |   10 +++++-----
>  kernel/time/timer_stats.c |    2 +-
>  4 files changed, 9 insertions(+), 9 deletions(-)
>
> diff --git a/kernel/cgroup.c b/kernel/cgroup.c
> index b24d702..b04951b 100644
> --- a/kernel/cgroup.c
> +++ b/kernel/cgroup.c
> @@ -4894,7 +4894,7 @@ static int cgroup_css_links_read(struct cgroup *cont,
>                struct css_set *cg = link->cg;
>                struct task_struct *task;
>                int count = 0;
> -               seq_printf(seq, "css_set %p\n", cg);
> +               seq_printf(seq, "css_set %pK\n", cg);
>                list_for_each_entry(task, &cg->tasks, cg_list) {
>                        if (count++ > MAX_TASKS_SHOWN_PER_CSS) {
>                                seq_puts(seq, "  ...\n");
> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index 7798181..2437ca4 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -2021,11 +2021,11 @@ static void __kprobes report_probe(struct seq_file *pi, struct kprobe *p,
>                kprobe_type = "k";
>
>        if (sym)
> -               seq_printf(pi, "%p  %s  %s+0x%x  %s ",
> +               seq_printf(pi, "%pK  %s  %s+0x%x  %s ",
>                        p->addr, kprobe_type, sym, offset,
>                        (modname ? modname : " "));
>        else
> -               seq_printf(pi, "%p  %s  %p ",
> +               seq_printf(pi, "%pK  %s  %pK ",
>                        p->addr, kprobe_type, p->addr);
>
>        if (!pp)
> diff --git a/kernel/lockdep_proc.c b/kernel/lockdep_proc.c
> index 1969d2f..215638d 100644
> --- a/kernel/lockdep_proc.c
> +++ b/kernel/lockdep_proc.c
> @@ -65,7 +65,7 @@ static int l_show(struct seq_file *m, void *v)
>                return 0;
>        }
>
> -       seq_printf(m, "%p", class->key);
> +       seq_printf(m, "%pK", class->key);
>  #ifdef CONFIG_DEBUG_LOCKDEP
>        seq_printf(m, " OPS:%8ld", class->ops);
>  #endif
> @@ -83,7 +83,7 @@ static int l_show(struct seq_file *m, void *v)
>
>        list_for_each_entry(entry, &class->locks_after, entry) {
>                if (entry->distance == 1) {
> -                       seq_printf(m, " -> [%p] ", entry->class->key);
> +                       seq_printf(m, " -> [%pK] ", entry->class->key);
>                        print_name(m, entry->class);
>                        seq_puts(m, "\n");
>                }
> @@ -152,7 +152,7 @@ static int lc_show(struct seq_file *m, void *v)
>                if (!class->key)
>                        continue;
>
> -               seq_printf(m, "[%p] ", class->key);
> +               seq_printf(m, "[%pK] ", class->key);
>                print_name(m, class);
>                seq_puts(m, "\n");
>        }
> @@ -502,7 +502,7 @@ static void seq_stats(struct seq_file *m, struct lock_stat_data *data)
>                if (!i)
>                        seq_line(m, '-', 40-namelen, namelen);
>
> -               snprintf(ip, sizeof(ip), "[<%p>]",
> +               snprintf(ip, sizeof(ip), "[<%pK>]",
>                                (void *)class->contention_point[i]);
>                seq_printf(m, "%40s %14lu %29s %pS\n",
>                           name, stats->contention_point[i],
> @@ -517,7 +517,7 @@ static void seq_stats(struct seq_file *m, struct lock_stat_data *data)
>                if (!i)
>                        seq_line(m, '-', 40-namelen, namelen);
>
> -               snprintf(ip, sizeof(ip), "[<%p>]",
> +               snprintf(ip, sizeof(ip), "[<%pK>]",
>                                (void *)class->contending_point[i]);
>                seq_printf(m, "%40s %14lu %29s %pS\n",
>                           name, stats->contending_point[i],
> diff --git a/kernel/time/timer_stats.c b/kernel/time/timer_stats.c
> index 2f3b585..3069d0d 100644
> --- a/kernel/time/timer_stats.c
> +++ b/kernel/time/timer_stats.c
> @@ -272,7 +272,7 @@ static void print_name_offset(struct seq_file *m, unsigned long addr)
>        char symname[KSYM_NAME_LEN];
>
>        if (lookup_symbol_name(addr, symname) < 0)
> -               seq_printf(m, "<%p>", (void *)addr);
> +               seq_printf(m, "<%pK>", (void *)addr);
>        else
>                seq_printf(m, "%s", symname);
>  }
>
>
>

Re: [PATCH] Switch proc interfaces in kernel/ to %pK

[Dan Rosenberg]

On Wed, 2011-01-19 at 00:52 +0200, Alexey Dobriyan wrote:
> On Tue, Jan 18, 2011 at 05:51:18PM -0500, Dan Rosenberg wrote:
> > Switch users of %p in /proc interfaces in kernel/ to %pK, to allow
> > configuring the level of exposure of kernel pointers via the
> > kptr_restrict sysctl.
> 
> > --- a/kernel/lockdep_proc.c
> > +++ b/kernel/lockdep_proc.c
> 
> /proc/lockdep is r--------
> /proc/lockdep_chains is r--------
> /proc/lock_stat is rw-------
> 
> Is this supposed to mean something?

It's certainly not a priority to switch these particular interfaces over
since they aren't exposed to unprivileged users.  However, when
kptr_restrict is set to 2, kernel pointers aren't exposed at all, even
to root.  Changing to %pK will certainly have no negative effect with
the default setting of 1 (hide when the reader does not have
CAP_SYSLOG).

Let me know if you're opposed and I can re-send a version that doesn't
touch these files.

Re: [PATCH] Switch proc interfaces in kernel/ to %pK

[Masami Hiramatsu]

(2011/01/19 7:51), Dan Rosenberg wrote:
> Switch users of %p in /proc interfaces in kernel/ to %pK, to allow
> configuring the level of exposure of kernel pointers via the
> kptr_restrict sysctl.

This report_probe interface is at /sys/kernel/debug/kprobes/list.
Is that policy applied to debugfs interface (for debug) too?
# in that case, you might update ftrace and perf tracing interfaces...

> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index 7798181..2437ca4 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -2021,11 +2021,11 @@ static void __kprobes report_probe(struct seq_file *pi, struct kprobe *p,
>  		kprobe_type = "k";
>  
>  	if (sym)
> -		seq_printf(pi, "%p  %s  %s+0x%x  %s ",
> +		seq_printf(pi, "%pK  %s  %s+0x%x  %s ",
>  			p->addr, kprobe_type, sym, offset,
>  			(modname ? modname : " "));
>  	else
> -		seq_printf(pi, "%p  %s  %p ",
> +		seq_printf(pi, "%pK  %s  %pK ",
>  			p->addr, kprobe_type, p->addr);
>  
>  	if (!pp)


-- 
Masami HIRAMATSU
2nd Dept. Linux Technology Center
Hitachi, Ltd., Systems Development Laboratory
E-mail: masami.hiramatsu.pt@hitachi.com

Re: [PATCH] Switch proc interfaces in kernel/ to %pK

[Dan Rosenberg]

On Wed, 2011-01-19 at 10:29 +0900, Masami Hiramatsu wrote:
> (2011/01/19 7:51), Dan Rosenberg wrote:
> > Switch users of %p in /proc interfaces in kernel/ to %pK, to allow
> > configuring the level of exposure of kernel pointers via the
> > kptr_restrict sysctl.
> 
> This report_probe interface is at /sys/kernel/debug/kprobes/list.
> Is that policy applied to debugfs interface (for debug) too?
> # in that case, you might update ftrace and perf tracing interfaces...
> 

There's no reason to not update ftrace and perf too, since I'd assume no
one is using debugging interfaces without root privileges anyway.  I'll
add them to my list.

> > diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> > index 7798181..2437ca4 100644
> > --- a/kernel/kprobes.c
> > +++ b/kernel/kprobes.c
> > @@ -2021,11 +2021,11 @@ static void __kprobes report_probe(struct seq_file *pi, struct kprobe *p,
> >  		kprobe_type = "k";
> >  
> >  	if (sym)
> > -		seq_printf(pi, "%p  %s  %s+0x%x  %s ",
> > +		seq_printf(pi, "%pK  %s  %s+0x%x  %s ",
> >  			p->addr, kprobe_type, sym, offset,
> >  			(modname ? modname : " "));
> >  	else
> > -		seq_printf(pi, "%p  %s  %p ",
> > +		seq_printf(pi, "%pK  %s  %pK ",
> >  			p->addr, kprobe_type, p->addr);
> >  
> >  	if (!pp)
> 
> 
> -- 
> Masami HIRAMATSU
> 2nd Dept. Linux Technology Center
> Hitachi, Ltd., Systems Development Laboratory
> E-mail: masami.hiramatsu.pt@hitachi.com

Re: [PATCH] Switch proc interfaces in kernel/ to %pK

[Masami Hiramatsu]

(2011/01/20 0:04), Dan Rosenberg wrote:
> On Wed, 2011-01-19 at 10:29 +0900, Masami Hiramatsu wrote:
>> (2011/01/19 7:51), Dan Rosenberg wrote:
>>> Switch users of %p in /proc interfaces in kernel/ to %pK, to allow
>>> configuring the level of exposure of kernel pointers via the
>>> kptr_restrict sysctl.
>>
>> This report_probe interface is at /sys/kernel/debug/kprobes/list.
>> Is that policy applied to debugfs interface (for debug) too?
>> # in that case, you might update ftrace and perf tracing interfaces...
>>
> 
> There's no reason to not update ftrace and perf too, since I'd assume no
> one is using debugging interfaces without root privileges anyway.  I'll
> add them to my list.

OK, I see.

Acked-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>


>>> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
>>> index 7798181..2437ca4 100644
>>> --- a/kernel/kprobes.c
>>> +++ b/kernel/kprobes.c
>>> @@ -2021,11 +2021,11 @@ static void __kprobes report_probe(struct seq_file *pi, struct kprobe *p,
>>>  		kprobe_type = "k";
>>>  
>>>  	if (sym)
>>> -		seq_printf(pi, "%p  %s  %s+0x%x  %s ",
>>> +		seq_printf(pi, "%pK  %s  %s+0x%x  %s ",
>>>  			p->addr, kprobe_type, sym, offset,
>>>  			(modname ? modname : " "));
>>>  	else
>>> -		seq_printf(pi, "%p  %s  %p ",
>>> +		seq_printf(pi, "%pK  %s  %pK ",
>>>  			p->addr, kprobe_type, p->addr);
>>>  
>>>  	if (!pp)
>>
>>
>> -- 
>> Masami HIRAMATSU
>> 2nd Dept. Linux Technology Center
>> Hitachi, Ltd., Systems Development Laboratory
>> E-mail: masami.hiramatsu.pt@hitachi.com
> 
> 


-- 
Masami HIRAMATSU
2nd Dept. Linux Technology Center
Hitachi, Ltd., Systems Development Laboratory
E-mail: masami.hiramatsu.pt@hitachi.com