Re: [kernel-hardening] Re: [PATCH v2] printk: hash addresses printed with %p

From: Theodore Ts'o
Date: Wed Oct 18 2017 - 11:29:50 EST

Next message: Daniel Borkmann: "Re: [PATCH net 0/3] Fix for BPF devmap percpu allocation splat"
Previous message: Thomas Gleixner: "Re: [PATCH 2/2] perf/x86/intel/uncore: support IIO freerunning counter for SKX"
In reply to: Tobin C. Harding: "Re: [PATCH v2] printk: hash addresses printed with %p"
Next in thread: Steven Rostedt: "Re: [PATCH v2] printk: hash addresses printed with %p"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 18, 2017 at 01:28:05PM +1100, Tobin C. Harding wrote:
> > >> Does %p[FfSs] leak addresses? Well, I guess it does if they are not
> > >> found in kallsyms, but otherwise you have:
> > >>
> > >> function+0x<offset>
> > >
> >
> > They haven't traditionally been a big deal. If they turn out to be
> > problematic, we can deal with it then, IMO.

If it's not in kallsyms, the raw address is probably not going to be
terribly useful --- so even if it's not traditionally been a big deal,
why not just hash them if it's not going to be printed as "function+0x<offset>"?

If nothing else, it will help correlate the random address with other
places where it was printed via %p.

- Ted

Next message: Daniel Borkmann: "Re: [PATCH net 0/3] Fix for BPF devmap percpu allocation splat"
Previous message: Thomas Gleixner: "Re: [PATCH 2/2] perf/x86/intel/uncore: support IIO freerunning counter for SKX"
In reply to: Tobin C. Harding: "Re: [PATCH v2] printk: hash addresses printed with %p"
Next in thread: Steven Rostedt: "Re: [PATCH v2] printk: hash addresses printed with %p"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]