On Thu, Sep 1, 2016 at 6:09 AM, Josh Poimboeuf wrote:
>
> I'm wonder if it might be useful to encode the addresses somehow; they
> could conceivably be used to debug use-after-free issues. Or we could
> just remove them.
I suspect we should just remove them. I'm sure they are useful in
theory, b
On Wed, Aug 31, 2016 at 10:15:19AM -0700, Linus Torvalds wrote:
> So I think the patch is good, and I think the oops looks great, but I
> think we should also just remove the stack dump. Sure, the register
> state *can* contain these things too, but almost never do (and didn't,
> in this example).
On Wed, Aug 31, 2016 at 9:53 AM, Josh Poimboeuf wrote:
>
> Here's an example of what a stack dump looks like after this change:
Looks good, but it also shows:
> RSP: 0018:c98f3a68 EFLAGS: 00010246
Ok, we know the stack pointer now...
> RBP: c98f3a80 R08: 0002a014a073 R
On Wed, Aug 24, 2016 at 02:37:21PM -0400, Linus Torvalds wrote:
> On Wed, Aug 24, 2016 at 2:22 PM, Peter Zijlstra wrote:
> >
> > I actively disable KASLR on my dev box and feed these hex numbers into
> > addr2line -ie vmlinux to find where in the function we are.
> >
> > Having the option to make
On Thu, Aug 25, 2016 at 11:12:40PM -0700, Linus Torvalds wrote:
> On Aug 25, 2016 10:57 PM, "Josh Poimboeuf" wrote:
> >
> > But I still don't quite understand your statement that dmesg_restrict is
> > only useful for locked down systems.
> >
> > To prevent kernel address disclosure, it seems we al
On Thu, Aug 25, 2016 at 09:40:12PM -0700, Linus Torvalds wrote:
> On Thu, Aug 25, 2016 at 8:19 PM, Josh Poimboeuf wrote:
> > So yes, dmesg_restrict sounds useful to me. It's a way to prevent users
> > from seeing kernel addresses without affecting my ability to debug
> > issues. For a locked dow
On Thu, Aug 25, 2016 at 8:19 PM, Josh Poimboeuf wrote:
> For an oops, there are other opportunities for address leakage besides
> the stack trace function addresses. There's the raw stack dump which
> dumps the first 12 stack entries. And there's the register dump. I'm
> pretty sure we don't wa
On Thu, Aug 25, 2016 at 02:23:35PM -0700, Linus Torvalds wrote:
> On Aug 25, 2016 2:08 PM, "Josh Poimboeuf" wrote:
> >
> > Ah, the plot thickens. I didn't know about 'dmesg_restrict'. So I
> > guess we don't have to restrict the stack dump addresses after all,
> > since the entire dmesg buffer i
On Thu, Aug 25, 2016 at 5:23 PM, Linus Torvalds
wrote:
> On Aug 25, 2016 2:08 PM, "Josh Poimboeuf" wrote:
>>
>> Ah, the plot thickens. I didn't know about 'dmesg_restrict'. So I
>> guess we don't have to restrict the stack dump addresses after all,
>> since the entire dmesg buffer is protected
On Thu, Aug 25, 2016 at 04:41:29PM -0400, Kees Cook wrote:
> On Thu, Aug 25, 2016 at 1:49 PM, Josh Poimboeuf wrote:
> > On Wed, Aug 24, 2016 at 02:37:07PM -0500, Josh Poimboeuf wrote:
> >> On Wed, Aug 24, 2016 at 02:37:21PM -0400, Linus Torvalds wrote:
> >> > On Wed, Aug 24, 2016 at 2:22 PM, Peter
On Thu, Aug 25, 2016 at 1:49 PM, Josh Poimboeuf wrote:
> On Wed, Aug 24, 2016 at 02:37:07PM -0500, Josh Poimboeuf wrote:
>> On Wed, Aug 24, 2016 at 02:37:21PM -0400, Linus Torvalds wrote:
>> > On Wed, Aug 24, 2016 at 2:22 PM, Peter Zijlstra
>> > wrote:
>> > >
>> > > I actively disable KASLR on m
On Wed, Aug 24, 2016 at 02:37:07PM -0500, Josh Poimboeuf wrote:
> On Wed, Aug 24, 2016 at 02:37:21PM -0400, Linus Torvalds wrote:
> > On Wed, Aug 24, 2016 at 2:22 PM, Peter Zijlstra
> > wrote:
> > >
> > > I actively disable KASLR on my dev box and feed these hex numbers into
> > > addr2line -ie v
On Wed, 2016-08-24 at 14:24 -0500, Josh Poimboeuf wrote:
> On Wed, Aug 24, 2016 at 12:07:06PM -0700, Joe Perches wrote:
> > On Wed, 2016-08-24 at 13:43 -0500, Josh Poimboeuf wrote:
> > > On Wed, Aug 24, 2016 at 10:28:38AM -0700, Joe Perches wrote:
> > > > On Wed, 2016-08-24 at 11:50 -0500, Josh Poi
On Wed, Aug 24, 2016 at 02:37:21PM -0400, Linus Torvalds wrote:
> On Wed, Aug 24, 2016 at 2:22 PM, Peter Zijlstra wrote:
> >
> > I actively disable KASLR on my dev box and feed these hex numbers into
> > addr2line -ie vmlinux to find where in the function we are.
> >
> > Having the option to make
On Wed, Aug 24, 2016 at 12:07:06PM -0700, Joe Perches wrote:
> On Wed, 2016-08-24 at 13:43 -0500, Josh Poimboeuf wrote:
> > On Wed, Aug 24, 2016 at 10:28:38AM -0700, Joe Perches wrote:
> > > On Wed, 2016-08-24 at 11:50 -0500, Josh Poimboeuf wrote:
> > > > Change printk_stack_address() to be useful
On Wed, 2016-08-24 at 13:43 -0500, Josh Poimboeuf wrote:
> On Wed, Aug 24, 2016 at 10:28:38AM -0700, Joe Perches wrote:
> > On Wed, 2016-08-24 at 11:50 -0500, Josh Poimboeuf wrote:
> > > Change printk_stack_address() to be useful when called by an unwinder
> > > outside the context of dump_trace().
On Wed, Aug 24, 2016 at 12:50 PM, Josh Poimboeuf wrote:
> Change printk_stack_address() to be useful when called by an unwinder
> outside the context of dump_trace().
...
> printk("%s [<%p>] %s%pB\n",
> - (char *)data, (void *)address, reliable ? "" : "? ",
> +
On Wed, Aug 24, 2016 at 02:03:58PM -0400, Linus Torvalds wrote:
>
> For the non-kallsyms case we _could_ also just make the '%pB' format
> add the [<>] markers back in case somebody still uses the user-space
> kallsyms script that looks up hex numbers.
>
> Right now the hex numbers are not only
On Wed, Aug 24, 2016 at 10:28:38AM -0700, Joe Perches wrote:
> On Wed, 2016-08-24 at 11:50 -0500, Josh Poimboeuf wrote:
> > Change printk_stack_address() to be useful when called by an unwinder
> > outside the context of dump_trace().
> >
> > Specifically:
> >
> > - printk_stack_address()'s 'data
On Wed, Aug 24, 2016 at 2:22 PM, Peter Zijlstra wrote:
>
> I actively disable KASLR on my dev box and feed these hex numbers into
> addr2line -ie vmlinux to find where in the function we are.
>
> Having the option to make %pB generate them works for me.
Yeah, considering that this is the only pla
On Wed, 2016-08-24 at 11:50 -0500, Josh Poimboeuf wrote:
> Change printk_stack_address() to be useful when called by an unwinder
> outside the context of dump_trace().
>
> Specifically:
>
> - printk_stack_address()'s 'data' argument is always used as the log
> level string. Make that explicit.
Change printk_stack_address() to be useful when called by an unwinder
outside the context of dump_trace().
Specifically:
- printk_stack_address()'s 'data' argument is always used as the log
level string. Make that explicit.
- Call touch_nmi_watchdog().
Signed-off-by: Josh Poimboeuf
---
arc
22 matches
Mail list logo
