On Fri, Feb 05, 2021 at 12:25:22PM -0600, Timur Tabi wrote:
> I can extend make-printk-non-secret to %pK if everyone agrees.
Let's just leave those alone. There is already a toggle for that in
/proc.
--
Kees Cook
On 2/9/21 3:59 PM, Marco Elver wrote:
Would it be reasonable to make this non-static? Or somehow make it
possible to get this flag from other subsystems?
There are other places in the kernel that dump sensitive data such as
registers. We'd like to be able to use 'debug_never_hash_pointers'
On Tue, Feb 02, 2021 at 03:36PM -0600, Timur Tabi wrote:
> If the make-printk-non-secret command-line parameter is set, then
> printk("%p") will print addresses as unhashed. This is useful for
> debugging purposes.
>
> A large warning message is displayed if this option is enabled,
> because
On 2/5/21 4:59 AM, Vlastimil Babka wrote:
Thanks a lot. Should this also affect %pK though? IIUC, there's currently no way
to achieve non-mangled %pK in all cases, even with the most permissive
kptr_restrict=1 setting:
- in IRQ, there's "pK-error" instead
- in a context of non-CAP_SYSLOG
On 2/2/21 10:36 PM, Timur Tabi wrote:
> If the make-printk-non-secret command-line parameter is set, then
> printk("%p") will print addresses as unhashed. This is useful for
> debugging purposes.
>
> A large warning message is displayed if this option is enabled,
> because unhashed addresses,
On Wed 2021-02-03 15:47:27, Steven Rostedt wrote:
> On Wed, 3 Feb 2021 12:35:07 -0800
> Kees Cook wrote:
>
> > > With a big notice that all pointers of unhashed, I don't think we need to
> > > print it failed when we expect it to fail.
> > >
> > > If anything, skip the test and state:
> > >
>
On Wed, 3 Feb 2021 15:56:20 -0600
Timur Tabi wrote:
> On 2/3/21 2:47 PM, Steven Rostedt wrote:
> > static void __init
> > plain(void)
> > {
> > int err;
> >
> > + if (debug_never_hash_pointers)
> > + return;
>
> So, I have a stupid question. What's the best way for
On 2/3/21 2:47 PM, Steven Rostedt wrote:
static void __init
plain(void)
{
int err;
+ if (debug_never_hash_pointers)
+ return;
So, I have a stupid question. What's the best way for test_printf.c to
read the command line parameter? Should I just do this in
On Wed, 3 Feb 2021 12:35:07 -0800
Kees Cook wrote:
> > With a big notice that all pointers of unhashed, I don't think we need to
> > print it failed when we expect it to fail.
> >
> > If anything, skip the test and state:
> >
> > test_printf: hash test skipped because
On Wed, Feb 03, 2021 at 03:25:13PM -0500, Steven Rostedt wrote:
> On Wed, 3 Feb 2021 12:02:05 -0800
> Kees Cook wrote:
>
> > On Wed, Feb 03, 2021 at 12:58:41PM -0600, Timur Tabi wrote:
> > > On 2/3/21 7:31 AM, Petr Mladek wrote:
> > > > Also please make sure that lib/test_printf.c will work
On Wed, 3 Feb 2021 12:02:05 -0800
Kees Cook wrote:
> On Wed, Feb 03, 2021 at 12:58:41PM -0600, Timur Tabi wrote:
> > On 2/3/21 7:31 AM, Petr Mladek wrote:
> > > Also please make sure that lib/test_printf.c will work with
> > > the new option.
> >
> > As you suspected, it doesn't work:
> >
On Wed, Feb 03, 2021 at 12:58:41PM -0600, Timur Tabi wrote:
> On 2/3/21 7:31 AM, Petr Mladek wrote:
> > Also please make sure that lib/test_printf.c will work with
> > the new option.
>
> As you suspected, it doesn't work:
>
> [ 206.966478] test_printf: loaded.
> [ 206.966528] test_printf:
On Wed, Feb 03, 2021 at 12:58:41PM -0600, Timur Tabi wrote:
> On 2/3/21 7:31 AM, Petr Mladek wrote:
> > Also please make sure that lib/test_printf.c will work with
> > the new option.
>
> As you suspected, it doesn't work:
>
> [ 206.966478] test_printf: loaded.
> [ 206.966528] test_printf:
On 2/3/21 7:31 AM, Petr Mladek wrote:
Also please make sure that lib/test_printf.c will work with
the new option.
As you suspected, it doesn't work:
[ 206.966478] test_printf: loaded.
[ 206.966528] test_printf: plain 'p' does not appear to be hashed
[ 206.966740] test_printf: failed 1 out
On Wed 2021-02-03 10:54:24, Petr Mladek wrote:
> On Tue 2021-02-02 15:36:33, Timur Tabi wrote:
> > If the make-printk-non-secret command-line parameter is set, then
> > printk("%p") will print addresses as unhashed. This is useful for
> > debugging purposes.
> >
> > A large warning message is
On Tue 2021-02-02 15:36:33, Timur Tabi wrote:
> If the make-printk-non-secret command-line parameter is set, then
> printk("%p") will print addresses as unhashed. This is useful for
> debugging purposes.
>
> A large warning message is displayed if this option is enabled,
> because unhashed
On 2/2/21 7:24 PM, Sergey Senozhatsky wrote:
> On (21/02/02 15:36), Timur Tabi wrote:
>> If the make-printk-non-secret command-line parameter is set, then
>> printk("%p") will print addresses as unhashed. This is useful for
>> debugging purposes.
>>
>> A large warning message is displayed if this
On (21/02/02 15:36), Timur Tabi wrote:
> If the make-printk-non-secret command-line parameter is set, then
> printk("%p") will print addresses as unhashed. This is useful for
> debugging purposes.
>
> A large warning message is displayed if this option is enabled,
> because unhashed addresses,
If the make-printk-non-secret command-line parameter is set, then
printk("%p") will print addresses as unhashed. This is useful for
debugging purposes.
A large warning message is displayed if this option is enabled,
because unhashed addresses, while useful for debugging, exposes
kernel addresses
19 matches
Mail list logo