On Tue, Apr 3, 2018 at 2:31 PM, Steven Rostedt <rost...@goodmis.org> wrote: > From: Steven Rostedt (VMware) <rost...@goodmis.org> > > While debugging an issue I needed to see if the pointers were being > processed correctly with trace_printk() and after using "%p" and > triggering my bug and trace output, I was disappointed that all my > pointers were random garbage and didn't produce anything useful for me. > I had to rewrite all the trace_printk()s to use "%lx" instead. > > As trace_printk() is not to be used for anything but debugging, and > this is enforced by printing in the dmesg: > > ********************************************************** > ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** > ** ** > ** trace_printk() being used. Allocating extra memory. ** > ** ** > ** This means that this is a DEBUG kernel and it is ** > ** unsafe for production use. ** > ** ** > ** If you see this message and you are not debugging ** > ** the kernel, report this immediately to your vendor! ** > ** ** > ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** > ********************************************************** > > on boot up if trace_printk() is used (or when a module is loaded that > uses trace_printk()), we can safely assume that the use of > trace_printk() is not going to be accidentally added to production code > (and if it is, they should be whacked with an overcooked spaghetti > noodle). > > A static_key is added called "trace_debug" and if it is set, then %p will > not be hashed.
Hrm, well, using a static key does make it weirder for an attacker to enable. :) Whatever the case, if you can get Linus's Ack, sure. I would expect he'd want you to change all the trace_printk()s to %px with justifications, though. -Kees -- Kees Cook Pixel Security
