Hi Tobin,
On Mon, 2018-01-29 at 15:51 +1100, Tobin C. Harding wrote:
> Currently script only supports x86_64 and ppc64. It would be nice to be
> able to scan 32-bit machines also. We can add support for
> 32-bit architectures by modifying how we check for false positives,
> taking advantage of t
As a follow-up, pl see below some quick test cases on an emulated ARM32
platform (the Yocto-based qemuarm32 ARM Versatile):
root@qemuarm:~# ./leaking_addresses.pl
FATAL: Script does not recognize your architecture
$ uname -m
armv5tejl
root@qemuarm:~
The script now attempts to detect the architecture it's running upon; as of now,
we explicitly support x86_64, PPC64, ARM64, MIPS64 and x86_32.
If it's one of them, we proceed "normally". If we fail to detect the arch,
we fallback to 64-bit scanning, _unless_ the user has passed either of these
op
The script attempts to detect the architecture it's running upon; as of now,
we explicitly support x86_64, PPC64 and x86_32.
If it's one of them, we proceed "normally". If we fail to detect the arch,
we fallback to 64-bit scanning, unless the user has passed either of these
option switches: "--32-b
On Thu, 2017-12-07 at 10:01 +1100, Tobin C. Harding wrote:
> On Wed, Dec 06, 2017 at 05:21:30PM +0530, kaiwan.billimo...@gmail.com wrote:
> > On Wed, 2017-12-06 at 15:04 +1100, Tobin C. Harding wrote:
> > >
> > Sure, lets try for a generic ver!
>
> Cool.
>
> > Thanks for your help on this..
>
>
Currently, leaking_addresses.pl only supports scanning 64 bit
architectures. This is due to how the regular expressions are formed. We
can do better than this. 32 architectures can be supported if we take
into consideration the kernel virtual address split (via the PAGE_OFFSET
kernel configurable).
On Wed, 2017-12-06 at 17:21 +0530, kaiwan.billimo...@gmail.com wrote:
> On Wed, 2017-12-06 at 15:04 +1100, Tobin C. Harding wrote:
> > On Tue, Dec 05, 2017 at 11:56:44AM +0530, kaiwan.billimo...@gmail.com wrote:
> > > Currently, leaking_addresses.pl only supports scanning 64 bit
> > > architectures
On Wed, 2017-12-06 at 15:04 +1100, Tobin C. Harding wrote:
> On Tue, Dec 05, 2017 at 11:56:44AM +0530, kaiwan.billimo...@gmail.com wrote:
> > Currently, leaking_addresses.pl only supports scanning 64 bit
> > architectures. This is due to how the regular expressions are formed. We
> > can do better
Currently, leaking_addresses.pl only supports scanning 64 bit
architectures. This is due to how the regular expressions are formed. We
can do better than this. 32 architectures can be supported if we take
into consideration the kernel virtual address split (via the PAGE_OFFSET
kernel configurable).
On Mon, 2017-12-04 at 19:21 +1100, Tobin C. Harding wrote:
> On Mon, Dec 04, 2017 at 10:51:53AM +0530, Kaiwan N Billimoria wrote:
> > > ---
> > diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl
> > index 9906dcf8b807..260b52e456f1 100755
> > --- a/scripts/leaking_addresses.pl
On Mon, 2017-12-04 at 11:11 +1100, Tobin C. Harding wrote:
> On Fri, Dec 01, 2017 at 06:39:07PM +0530, kaiwan.billimo...@gmail.com wrote:
> > @@ -267,7 +266,7 @@ sub is_false_positive
> > sub is_false_positive_ix86_32
> > {
> > my ($match) = @_;
> > - state $page_offset = get_page_offset()
Hi,
Applies upon the previous one in this thread.
Found and fixed some minor issues with light testing on a 32-bit x86.
(I realize this isn't an ideal description, forgive me!).
Have also emitted a 'noisy' warning on PAGE_OFFSET fallback to 0xc.
Signed-off-by: Kaiwan N Billimoria
---
s
Currently, leaking_addresses.pl only supports scanning and displaying 'leaked'
64-bit kernel virtual addresses. We can scan for and display 'leaked' 32-bit
kernel virtual addresses as well.
Briefly, the way it works: once it detects we're running on an i'x'86 platform,
(where x=3|4|5|6), it takes
The current leaking_addresses.pl script only supports showing "leaked"
64-bit kernel virtual addresses. This patch modifies the "help" screen in the
following manner:
- the '--raw', '--suppress-dmesg', '--squash-by-path' and '--squash-by-filename'
option switches are only meaningful when the '--i
The current leaking_addresses.pl script only supports showing "leaked"
64-bit kernel virtual addresses. This patch adds support for showing
"leaked" 32-bit kernel virtual addresses. It also takes into account Tobin's
feedback on the previous iteration. (Note: this patch is meant to apply on
the 'le
The current leaking_addresses.pl script only supports showing "leaked"
64-bit kernel virtual addresses. This patch adds support for showing
"leaked" 32-bit kernel virtual addresses.
The way it currently works- once it detects we're running on an i'x'86 platform
(where x=3|4|5|6), it takes this arc
On Mon, 2017-11-13 at 09:21 +1100, Tobin C. Harding wrote:
> On Fri, Nov 10, 2017 at 07:26:34PM +0530, kaiwan.billimo...@gmail.com
> wrote:
> > On Tue, 2017-11-07 at 21:32 +1100, Tobin C. Harding wrote:
> > > Currently we are leaking addresses from the kernel to user space.
> > > This
> > > script
On Tue, 2017-11-07 at 21:32 +1100, Tobin C. Harding wrote:
> Currently we are leaking addresses from the kernel to user space.
> This
> script is an attempt to find some of those leakages. Script parses
> `dmesg` output and /proc and /sys files for hex strings that look
> like
> kernel addresses.
>
18 matches
Mail list logo
