Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 16 Oct 2017 22:20:08 -0700
From: Joe Perches <joe@...ches.com>
To: "Tobin C. Harding" <me@...in.cc>, kernel-hardening@...ts.openwall.com
Cc: Linus Torvalds <torvalds@...ux-foundation.org>, Kees Cook
 <keescook@...omium.org>, Paolo Bonzini <pbonzini@...hat.com>, Tycho
 Andersen <tycho@...ker.com>, "Roberts, William C"
 <william.c.roberts@...el.com>,  Tejun Heo <tj@...nel.org>, Jordan Glover
 <Golden_Miller83@...tonmail.ch>, Greg KH <gregkh@...uxfoundation.org>, Petr
 Mladek <pmladek@...e.com>, Ian Campbell <ijc@...lion.org.uk>, Sergey
 Senozhatsky <sergey.senozhatsky@...il.com>,  Catalin Marinas
 <catalin.marinas@....com>, Will Deacon <will.deacon@....com>, Steven
 Rostedt <rostedt@...dmis.org>,  Chris Fries <cfries@...gle.com>, Dave
 Weinstein <olorin@...gle.com>, Daniel Micay <danielmicay@...il.com>, 
 Djalal Harouni <tixxdz@...il.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] printk: hash addresses printed with %p

On Tue, 2017-10-17 at 15:52 +1100, Tobin C. Harding wrote:
> Currently there are many places in the kernel where addresses are being
> printed using an unadorned %p. Kernel pointers should be printed using
> %pK allowing some control via the kptr_restrict sysctl. Exposing addresses
> gives attackers sensitive information about the kernel layout in memory.
> 
> We can reduce the attack surface by hashing all addresses printed with
> %p. This will of course break some users, forcing code printing needed
> addresses to be updated.
> 
> For what it's worth, usage of unadorned %p can be broken down as follows
> 
>     git grep '%p[^KFfSsBRrbMmIiEUVKNhdDgCGO]' | wc -l

Not really.
There are many asm uses included there

I think a better grep is:

$ git grep -E '%p[^A-Za-z0-9]' | cut -f1 -d"/" | sort | uniq -c
   1084 arch
     20 block
     10 crypto
     32 Documentation
   8121 drivers
   1221 fs
    143 include
    101 kernel
     69 lib
    100 mm
   1510 net
     40 samples
      7 scripts
     11 security
    166 sound
    152 tools
      2 virt

> arch: 2512

arch is especially overestimated.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ