From mboxrd@z Thu Jan 1 00:00:00 1970 From: Sergey Senozhatsky Subject: Re: [PATCH] kallsyms: don't leak address when printing symbol Date: Thu, 9 Nov 2017 13:23:18 +0900 Message-ID: <20171109042318.GB775@jagdpanzerIV> References: <1510192229-20038-1-git-send-email-me@tobin.cc> <20171108223555.52c01531@vmware.local.home> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: "Tobin C. Harding" , kernel-hardening@lists.openwall.com, "Jason A. Donenfeld" , Theodore Ts'o , Linus Torvalds , Kees Cook , Paolo Bonzini , Tycho Andersen , "Roberts, William C" , Tejun Heo , Jordan Glover , Greg KH , Petr Mladek , Joe Perches , Ian Campbell , Sergey Senozhatsky , Catalin Marinas , Will Deacon , Chris Fries , Dave Weinstein Return-path: Content-Disposition: inline In-Reply-To: <20171108223555.52c01531@vmware.local.home> Sender: linux-kernel-owner@vger.kernel.org List-Id: netdev.vger.kernel.org On (11/08/17 22:35), Steven Rostedt wrote: > On Thu, 9 Nov 2017 12:50:29 +1100 > "Tobin C. Harding" wrote: > > > Currently if a pointer is printed using %p[ssB] and the symbol is not > > found (kallsyms_lookup() fails) then we print the actual address. This > > leaks kernel addresses. We should instead print something _safe_. > > > > Print "" instead of kernel address. > > Ug, ftrace requires this to work as is, as it uses it to print some > addresses that may or may not be a symbol. > > If anything, can this return a success or failure if it were to find a > symbol or not, and then something like ftrace could decide to use %x if > it does not. > > And yes, ftrace leaks kernel addresses all over the place, that's just > the nature of tracing the kernel. > agree, I kinda suspect that that "0x%lx" sometimes can be useful. at least one can tell if the frame is from modules or kernel, and objdump it may be. -ss