Re: [PATCH v2] Staging: bcm2048 fix bare use of 'unsigned' in radio-bcm2048.c

2017-10-10 Thread Tobin C. Harding
Hi Branislav, On Tue, Oct 10, 2017 at 03:29:19PM +0200, Branislav Radocaj wrote: > This is a patch to the radio-bcm2048.c file that fixes up > a warning found by the checkpatch.pl tool. > > Signed-off-by: Branislav Radocaj Nice work, a few git log nit picks for you to ensure your future kernel

[PATCH] printk: hash addresses printed with %p

2017-10-10 Thread Tobin C. Harding
ng algorithm is carried out in two stages. First the address is xor'd by a random value then we multiply the xor production by a second random value. Signed-off-by: Tobin C. Harding --- This is version 2 of the series (of which I sent only the cover letter, failing to send the actual patches)

Re: [PATCH v2] Staging: rtl8723bs: Remove unnecessary comments.

2017-09-30 Thread Tobin C. Harding
Hi Shreeya, We don't usually add a period to the subject line for kernel patches. (reason: we only have about 52 characters for the commit brief description so best not to waste any). On Sat, Sep 30, 2017 at 01:30:34PM +0530, Shreeya Patel wrote: > This patch removes unnecessary comments which a

Re: [PATCH 0/6] Replace container_of with list_entry

2017-09-30 Thread Tobin C. Harding
On Sat, Sep 30, 2017 at 12:49:00PM +0530, Srishti Sharma wrote: > Replaces instances of container_of with list_entry to > access current list element. > > Srishti Sharma (6): > Staging: rtl8188eu: core: Use list_entry instead of container_of > Staging: rtl8188eu: core: Use list_entry instead

Re: [PATCH v3] Staging: rtl8723bs: Remove unnecessary comments.

2017-09-30 Thread Tobin C. Harding
On Sat, Sep 30, 2017 at 07:41:11PM +0530, Shreeya Patel wrote: > Remove unnecessary comments which are there > to explain why call to memset is in comments. Both of the > comments are not needed as they are not very useful. > > > Signed-off-by: Shreeya Patel > --- > Changes in v2: > -Remove so

[kernel-hardening] [RFC V2 1/6] lib: vsprintf: additional kernel pointer filtering options

2017-09-30 Thread Tobin C. Harding
Roberts Signed-off-by: Tobin C. Harding --- Documentation/printk-formats.txt | 8 + Documentation/sysctl/kernel.txt | 4 +++ kernel/sysctl.c | 3 +- lib/vsprintf.c | 78 ++-- scripts/checkpatch.pl| 2 +- 5

[kernel-hardening] [RFC V2 0/6] add more kernel pointer filter options

2017-09-30 Thread Tobin C. Harding
nly the janitor). Happy to add them if someone writes them. thanks, Tobin. Tobin C. Harding (6): lib: vsprintf: additional kernel pointer filtering options lib: vsprintf: whitelist stack traces lib: vsprintf: physical address kernel pointer filtering options lib: vsprintf: default kptr_restric

[kernel-hardening] [RFC V2 5/6] lib: vsprintf: add "%paP", "%papP", and "%padP" specifiers

2017-09-30 Thread Tobin C. Harding
Add %papP and %padP for address types that need to always be shown regardless of kptr restrictions. Add %paP is a synonym for %papP, this is inline with current implementation (%pa is a synonym for %pap). Signed-off-by: Tobin C. Harding --- Documentation/printk-formats.txt | 19

[kernel-hardening] [RFC V2 6/6] drivers: uio: un-restrict sysfs pointers for UIO

2017-09-30 Thread Tobin C. Harding
The address and size on the UIO devices are required by userspace to function properly. Let's un-restrict these by adding the 'P' modifier to %pa. Signed-off-by: Tobin C. Harding --- drivers/uio/uio.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/driv

[kernel-hardening] [RFC V2 3/6] lib: vsprintf: physical address kernel pointer filtering options

2017-09-30 Thread Tobin C. Harding
Add the kptr_restrict setting of 4 which results in %pa and %p[rR] values being cleansed. Address types printed with %pa are replaced by zeros. Resources printed with %p[rR] have the starting address replaced by zeros, resource size is still shown. Signed-off-by: Tobin C. Harding

[kernel-hardening] [RFC V2 4/6] lib: vsprintf: default kptr_restrict to the maximum value

2017-09-30 Thread Tobin C. Harding
Set the initial value of kptr_restrict to the maximum setting rather than the minimum setting, to ensure that early boot logging is not leaking information. Signed-off-by: Tobin C. Harding --- lib/vsprintf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/vsprintf.c b

[kernel-hardening] [RFC V2 2/6] lib: vsprintf: whitelist stack traces

2017-09-30 Thread Tobin C. Harding
Use the %pP functionality to explicitly allow kernel pointers to be logged for stack traces. Signed-off-by: Tobin C. Harding --- arch/arm64/kernel/traps.c | 4 ++-- kernel/printk/printk.c| 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/arm64/kernel/traps.c b/arch

Re: [kernel-hardening] [RFC V2 0/6] add more kernel pointer filter options

2017-09-30 Thread Tobin C. Harding
On Sun, Oct 01, 2017 at 11:06:44AM +1100, Tobin C. Harding wrote: > Version 2 of Greg's patch series with changes made as suggested by comments > to V1. Patch set tested by setting /proc/sys/kernel/kptr_restrict and inserting the following module #include #include #define DR

Re: [PATCH 00/18] use ARRAY_SIZE macro

2017-10-01 Thread Tobin C. Harding
On Sun, Oct 01, 2017 at 03:30:38PM -0400, Jérémy Lefaure wrote: > Hi everyone, > Using ARRAY_SIZE improves the code readability. I used coccinelle (I > made a change to the array_size.cocci file [1]) to find several places > where ARRAY_SIZE could be used instead of other macros or sizeof > divisio

[PATCH] block: add NULL argument check to bioset_free()

2017-10-02 Thread Tobin C. Harding
). Signed-off-by: Tobin C. Harding --- block/bio.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/block/bio.c b/block/bio.c index b38e962..780aecc 100644 --- a/block/bio.c +++ b/block/bio.c @@ -1925,6 +1925,9 @@ mempool_t *biovec_create_pool(int pool_entries) void bioset_free(struct b

Re: [kernel-hardening] [RFC V2 2/6] lib: vsprintf: whitelist stack traces

2017-10-02 Thread Tobin C. Harding
On Mon, Oct 02, 2017 at 11:42:05AM +0100, Will Deacon wrote: > On Sun, Oct 01, 2017 at 11:06:46AM +1100, Tobin C. Harding wrote: > > Use the %pP functionality to explicitly allow kernel > > pointers to be logged for stack traces. > > > > Signed-off-by: Tobin C. Hardi

Re: [PATCH] Staging: rtlwifi: Remove NULL pointer dereference

2017-10-11 Thread Tobin C. Harding
On Wed, Oct 11, 2017 at 06:02:47PM +0530, Shreeya Patel wrote: > On Tue, 2017-10-10 at 11:06 +1100, Tobin C. Harding wrote: > > On Tue, Oct 10, 2017 at 02:48:58AM +0530, Shreeya Patel wrote: > > > > > > Remove NULL pointer dereference as it results in undefined >

Re: [PATCH] printk: hash addresses printed with %p

2017-10-11 Thread Tobin C. Harding
On Tue, Oct 10, 2017 at 09:06:50PM -0700, Joe Perches wrote: > On Wed, 2017-10-11 at 14:48 +1100, Tobin C. Harding wrote: > > Currently there are many places in the kernel where addresses are being > > printed using an unadorned %p. Kernel pointers should be printed using >

Re: [kernel-hardening] [PATCH] printk: hash addresses printed with %p

2017-10-11 Thread Tobin C. Harding
Removing k...@vger.kernel.org from the CC list. On Wed, Oct 11, 2017 at 01:48:58PM -0400, Theodore Ts'o wrote: > On Wed, Oct 11, 2017 at 02:48:16PM +1100, Tobin C. Harding wrote: > > +/* > > + * Obfuscates pointer (algorithm taken from kptr_obfuscate(). See > > kerne

[PATCH] lib/vsprintf: add default case to 'i' specifier

2017-10-08 Thread Tobin C. Harding
, stops leaking addresses and makes the buggy code Signed-off-by: Tobin C. Harding --- lib/vsprintf.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/vsprintf.c b/lib/vsprintf.c index 86c3385b9eb3..155702f05b14 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -1775,6 +1775,8 @@ char

[PATCH] KVM: remove printing of token address

2017-10-08 Thread Tobin C. Harding
KVM currently prints the address of the consumer token. It is not immediately clear what benefit it is to see this address. Printing this address leaks kernel pointers into dmesg and is a security risk. Remove the consumer token address from error message output. Signed-off-by: Tobin C. Harding

[PATCH] KVM: remove printing of vcpu address

2017-10-08 Thread Tobin C. Harding
message output, show vcpu ID instead. Signed-off-by: Tobin C. Harding --- virt/kvm/arm/arch_timer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/virt/kvm/arm/arch_timer.c b/virt/kvm/arm/arch_timer.c index 8e89d63005c7..ca6c331cad28 100644 --- a/virt/kvm/arm/arch_timer.c +++ b

Re: [PATCH] KVM: remove printing of token address

2017-10-09 Thread Tobin C. Harding
On Mon, Oct 09, 2017 at 03:49:38AM -0400, Paolo Bonzini wrote: > > > - Original Message - > > From: "Tobin C. Harding" > > To: "Paolo Bonzini" , rkrc...@redhat.com > > Cc: k...@vger.kernel.org, linux-kernel@vger.kernel.org, "Tobin C. H

Re: [PATCH V2] staging: unisys: visorhba - style fix

2017-06-19 Thread Tobin C. Harding
On Mon, Jun 19, 2017 at 03:28:19PM +, Kershner, David A wrote: > > > -Original Message- > > From: Derek Robson [mailto:robso...@gmail.com] > > Sent: Friday, June 16, 2017 11:13 PM > > To: Kershner, David A ; > > gre...@linuxfoundation.org; Sell, Timothy C ; > > Binder, David Anthony ;

Re: [PATCH v2] doc: add maintainer book

2017-11-27 Thread Tobin C. Harding
On Mon, Nov 27, 2017 at 04:57:30PM -0200, Mauro Carvalho Chehab wrote: > Em Sat, 25 Nov 2017 08:44:19 +1100 > "Tobin C. Harding" escreveu: > > > There is currently very little documentation in the kernel on maintainer > > level tasks. In particular there ar

[RFC 0/3] kallsyms: don't leak address when printing symbol

2017-11-27 Thread Tobin C. Harding
patch 3 (trace stuff) untested :) thanks, Tobin. Tobin C. Harding (3): kallsyms: don't leak address when symbol not found vsprintf: print if symbol not found trace: print address if symbol not found include/linux/kernel.h | 2 ++ kernel/kallsyms.c| 6

[RFC 1/3] kallsyms: don't leak address when symbol not found

2017-11-27 Thread Tobin C. Harding
of printing address to argument buffer. Leave buffer in a sane state. Signed-off-by: Tobin C. Harding --- kernel/kallsyms.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c index 531ffa984bc2..4bfa4ee3ce93 100644 --- a/kernel

[RFC 3/3] trace: print address if symbol not found

2017-11-27 Thread Tobin C. Harding
ginal behaviour. We should not break tracing when applying the previous patch. We can maintain the original behaviour by checking the return code on calls to sprint_symbol() and friends. Check return code and print actual address on error (i.e symbol not found). Signed-off-by: Tobin C. Harding --

[RFC 2/3] vsprintf: print if symbol not found

2017-11-27 Thread Tobin C. Harding
dicate function string_is_no_symbol(). Signed-off-by: Tobin C. Harding --- include/linux/kernel.h | 2 ++ lib/vsprintf.c | 18 +++--- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/include/linux/kernel.h b/include/linux/kernel.h index ce51455e2adf..89e8

Re: [PATCH v2] doc: add maintainer book

2017-11-27 Thread Tobin C. Harding
On Mon, Nov 27, 2017 at 07:01:23PM -0200, Mauro Carvalho Chehab wrote: > Em Tue, 28 Nov 2017 07:53:03 +1100 > "Tobin C. Harding" escreveu: > > > On Mon, Nov 27, 2017 at 04:57:30PM -0200, Mauro Carvalho Chehab wrote: > > > Em Sat, 25 Nov 2017 08:44:19 +1100

[PATCH 4/5] KVM: use %px to print token identifier

2017-11-27 Thread Tobin C. Harding
purpose. Use the new %px specifier to print a unique identifier for the token. Signed-off-by: Tobin C. Harding --- virt/kvm/eventfd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/virt/kvm/eventfd.c b/virt/kvm/eventfd.c index f2ac53ab8243..9c700fdf571c 100644 --- a/virt/kvm

[PATCH 0/5] add printk specifier %px, unique identifier

2017-11-27 Thread Tobin C. Harding
f this is deemed too little and too slow we can always search and replace '%p' with '%px'. thanks, Tobin. Tobin C. Harding (5): docs: correct documentation for %pK vsprintf: refactor pK code out of pointer() vsprintf: add specifier %px, unique identifier KVM: use %px

[PATCH 2/5] vsprintf: refactor pK code out of pointer()

2017-11-27 Thread Tobin C. Harding
Currently code to handle %pK is all within the switch statement in pointer(). This is the wrong level of abstraction. Each of the other switch clauses call a helper function, pK should do the same. Refactor code out of pointer() to new function kernel_pointer(). Signed-off-by: Tobin C. Harding

[PATCH 1/5] docs: correct documentation for %pK

2017-11-27 Thread Tobin C. Harding
Current documentation indicates that %pK prints a leading '0x'. This is not the case. Correct documentation for printk specifier %pK. Signed-off-by: Tobin C. Harding --- Documentation/printk-formats.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Documentat

[PATCH 5/5] vfio_pci: use %px to print token identifier

2017-11-27 Thread Tobin C. Harding
purpose. Use the new %px specifier to print a unique identifier for the token. Signed-off-by: Tobin C. Harding --- drivers/vfio/pci/vfio_pci_intrs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/vfio/pci/vfio_pci_intrs.c b/drivers/vfio/pci/vfio_pci_intrs.c index

[PATCH 3/5] vsprintf: add specifier %px, unique identifier

2017-11-27 Thread Tobin C. Harding
identifier based on an address by hashing the address first before printing. Add printk specifier %px which hashes the address before printing. Signed-off-by: Tobin C. Harding --- lib/test_printf.c | 74 +++ lib/vsprintf.c| 71

Re: [PATCH 0/5] add printk specifier %px, unique identifier

2017-11-27 Thread Tobin C. Harding
On Mon, Nov 27, 2017 at 04:57:18PM -0800, Kees Cook wrote: > On Mon, Nov 27, 2017 at 3:40 PM, Tobin C. Harding wrote: > > Linus, > > > > I know you are bored of this patch set already and this pits your vast > > experience against my eight months kernel dev experience ;

Re: [RFC 0/3] kallsyms: don't leak address when printing symbol

2017-11-27 Thread Tobin C. Harding
On Mon, Nov 27, 2017 at 04:52:21PM -0800, Kees Cook wrote: > On Mon, Nov 27, 2017 at 2:30 PM, Tobin C. Harding wrote: > > This is an RFC for two reasons. > > > > 1) I don't know who this patch set may break? > > 2) Patch set includes a function that is not cal

Re: [PATCH v2] scripts: leaking_addresses: add support for 32-bit kernel addresses

2017-11-27 Thread Tobin C. Harding
On Mon, Nov 27, 2017 at 08:42:16AM +0530, kaiwan.billimo...@gmail.com wrote: > Currently, leaking_addresses.pl only supports scanning and displaying 'leaked' > 64-bit kernel virtual addresses. We can scan for and display 'leaked' 32-bit > kernel virtual addresses as well. Hi Kaiwan, This is start

[PATCH] leaking_addresses: add support for 32-bit kernel addresses

2017-11-27 Thread Tobin C. Harding
anged, 148 insertions(+), 20 deletions(-) diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl index bc578818..f03f2f140e0a 100755 --- a/scripts/leaking_addresses.pl +++ b/scripts/leaking_addresses.pl @@ -1,9 +1,11 @@ #!/usr/bin/env perl # # (c) 2017 Tobin C. Harding

Re: [PATCH] leaking_addresses: add support for 32-bit kernel addresses

2017-11-28 Thread Tobin C. Harding
On Tue, Nov 28, 2017 at 03:16:24PM +0200, Alexander Kapshuk wrote: > On Tue, Nov 28, 2017 at 8:32 AM, Tobin C. Harding wrote: > > Currently, leaking_addresses.pl only supports scanning 64 bit > > architectures. This is due to how the regular expressions are formed. We > > ca

[PATCH V11 0/5] hash addresses printed with %p

2017-11-28 Thread Tobin C. Harding
r %px, unique identifier [PATCH] printk: hash addresses printed with %p [PATCH 0/3] add %pX specifier [kernel-hardening] [RFC V2 0/6] add more kernel pointer filter options Tobin C. Harding (5): docs: correct documentation for %pK vsprintf: refactor %pK code out of pointer() printk: hash ad

[PATCH V11 3/5] printk: hash addresses printed with %p

2017-11-28 Thread Tobin C. Harding
11 security 166 sound 152 tools 2 virt Add function ptr_to_id() to map an address to a 32 bit unique identifier. Hash any unadorned usage of specifier %p and any malformed specifiers. Signed-off-by: Tobin C. Harding --- Documentation/printk-formats.txt | 12

[PATCH V11 1/5] docs: correct documentation for %pK

2017-11-28 Thread Tobin C. Harding
Current documentation indicates that %pK prints a leading '0x'. This is not the case. Correct documentation for printk specifier %pK. Signed-off-by: Tobin C. Harding --- Documentation/printk-formats.txt | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Documentat

[PATCH V11 4/5] vsprintf: add printk specifier %px

2017-11-28 Thread Tobin C. Harding
already existent 50 000 %lx call sites. Let's add specifier %px as a clear, opt-in, way to print a pointer and maintain some level of isolation from all the other hex integer output within the Kernel. Add printk specifier %px to print the actual unmodified address. Signed-off-by: Tobin C. Ha

[PATCH V11 5/5] kasan: use %px to print addresses instead of %p

2017-11-28 Thread Tobin C. Harding
Pointers printed with %p are now hashed by default. Kasan needs the actual address. We can use the new printk specifier %px for this purpose. Use %px instead of %p to print addresses. Signed-off-by: Tobin C. Harding --- mm/kasan/report.c | 8 1 file changed, 4 insertions(+), 4

[PATCH V11 2/5] vsprintf: refactor %pK code out of pointer()

2017-11-28 Thread Tobin C. Harding
Currently code to handle %pK is all within the switch statement in pointer(). This is the wrong level of abstraction. Each of the other switch clauses call a helper function, pK should do the same. Refactor code out of pointer() to new function restricted_pointer(). Signed-off-by: Tobin C

Re: [PATCH V11 2/5] vsprintf: refactor %pK code out of pointer()

2017-11-28 Thread Tobin C. Harding
On Tue, Nov 28, 2017 at 09:39:57PM -0500, Steven Rostedt wrote: > On Wed, 29 Nov 2017 13:05:02 +1100 > "Tobin C. Harding" wrote: > > > + /* > > +* kptr_restrict==1 cannot be used in IRQ context > > +* because its tes

Re: [PATCH V11 4/5] vsprintf: add printk specifier %px

2017-11-28 Thread Tobin C. Harding
On Tue, Nov 28, 2017 at 06:29:02PM -0800, Linus Torvalds wrote: > On Tue, Nov 28, 2017 at 6:05 PM, Tobin C. Harding wrote: > > > >Let's add specifier %px as a > > clear, opt-in, way to print a pointer and maintain some level of > > isolation from all the oth

[GIT PULL] hash addresses printed with %p

2017-11-28 Thread Tobin C. Harding
000 uses of %lx). The added advantage of hashing %p is that security is now opt-out, if you _really_ want the address you have to work a little harder and use %px. This will of course break some users, forcing code printing needed addresses to be updated. Signed-off-by: Tobin C.

Re: [PATCH v3] doc: add maintainer book

2017-11-30 Thread Tobin C. Harding
On Thu, Nov 30, 2017 at 09:06:21AM -0200, Mauro Carvalho Chehab wrote: > Em Thu, 30 Nov 2017 21:47:44 +1100 > "Tobin C. Harding" escreveu: > > > On Thu, Nov 30, 2017 at 07:01:19AM -0200, Mauro Carvalho Chehab wrote: > > > Em Thu, 30 Nov 2017 12:55:07 +1100

[PATCH v4] doc: add maintainer book

2017-12-03 Thread Tobin C. Harding
d at the start of one of the chapters and the original email thread is referenced in 'pull-requests.rst'. Signed-off-by: Tobin C. Harding Reviewed-by: Greg Kroah-Hartman Reviewed-by: Mauro Carvalho Chehab --- v4: - Add tweaks from Mauro. - Add reviewed-by tag for Mauro. v3: - M

Re: [PATCH] leaking_addresses: add support for 32-bit kernel addresses

2017-12-03 Thread Tobin C. Harding
On Fri, Dec 01, 2017 at 06:39:07PM +0530, kaiwan.billimo...@gmail.com wrote: > Hi, > > Applies upon the previous one in this thread. > Found and fixed some minor issues with light testing on a 32-bit x86. > (I realize this isn't an ideal description, forgive me!). > > Have also emitted a 'noisy'

Re: [PATCH] leaking_addresses: add support for 32-bit kernel addresses

2017-12-03 Thread Tobin C. Harding
On Mon, Dec 04, 2017 at 10:11:21AM +0530, kaiwan.billimo...@gmail.com wrote: > On Mon, 2017-12-04 at 11:11 +1100, Tobin C. Harding wrote: > > On Fri, Dec 01, 2017 at 06:39:07PM +0530, kaiwan.billimo...@gmail.com wrote: > > > > @@ -267,7 +266,7 @@ sub is_fals

Re: [PATCH] leaking_addresses: add support for 32-bit kernel addresses

2017-12-04 Thread Tobin C. Harding
On Mon, Dec 04, 2017 at 10:51:53AM +0530, Kaiwan N Billimoria wrote: > > On Mon, Dec 4, 2017 at 10:25 AM, Tobin C. Harding wrote: > >> > >> > With the 'eval', no warning, it's fine. > >> > >> Why not use hex()? >

Re: [PATCH] doc: convert printk-formats.txt to rst

2017-12-06 Thread Tobin C. Harding
On Wed, Dec 06, 2017 at 10:18:49AM -0800, Randy Dunlap wrote: Thanks for your comments Randy. > On 12/05/2017 05:45 PM, Tobin C. Harding wrote: > > Documentation/printk-formats.txt is a candidate for conversion to > > ReStructuredText format. Some effort has already been

Re: [PATCH] doc: convert printk-formats.txt to rst

2017-12-06 Thread Tobin C. Harding
On Wed, Dec 06, 2017 at 11:23:25AM -0700, Jonathan Corbet wrote: > On Wed, 6 Dec 2017 12:45:29 +1100 > "Tobin C. Harding" wrote: > > > Documentation/printk-formats.txt is a candidate for conversion to > > ReStructuredText format. Some effort has already been made

Re: [PATCH] doc: convert printk-formats.txt to rst

2017-12-06 Thread Tobin C. Harding
On Wed, Dec 06, 2017 at 10:18:49AM -0800, Randy Dunlap wrote: > On 12/05/2017 05:45 PM, Tobin C. Harding wrote: > > Documentation/printk-formats.txt is a candidate for conversion to > > ReStructuredText format. Some effort has already been made to do this > > conversion even

Re: [PATCH v3] scripts: leaking_addresses: add support for 32-bit kernel addresses

2017-12-06 Thread Tobin C. Harding
On Wed, Dec 06, 2017 at 05:21:30PM +0530, kaiwan.billimo...@gmail.com wrote: > On Wed, 2017-12-06 at 15:04 +1100, Tobin C. Harding wrote: > > On Tue, Dec 05, 2017 at 11:56:44AM +0530, kaiwan.billimo...@gmail.com wrote: > > > Currently, leaking_addresses.pl only suppor

Re: [PATCH v3] scripts: leaking_addresses: add support for 32-bit kernel addresses

2017-12-06 Thread Tobin C. Harding
On Wed, Dec 06, 2017 at 06:23:51PM +0530, kaiwan.billimo...@gmail.com wrote: > On Wed, 2017-12-06 at 17:21 +0530, kaiwan.billimo...@gmail.com wrote: > > On Wed, 2017-12-06 at 15:04 +1100, Tobin C. Harding wrote: > > > On Tue, Dec 05, 2017 at 11:56:44AM +0530, kaiwan.bi

[PATCH] docs: add documentation on printing kernel addresses

2017-12-06 Thread Tobin C. Harding
: Tobin C. Harding --- Is there a proffered method for subscripts in sphinx kernel docs? Here we use '[*]' thanks, Tobin. Documentation/security/self-protection.rst | 14 ++ 1 file changed, 14 insertions(+) diff --git a/Documentation/security/self-protection.rst b/Doc

[PATCH] checkpatch: add check for tag Co-Developed-by

2017-12-06 Thread Tobin C. Harding
Add checkpatch checks for Co-Developed-by tag. Cc: Greg Kroah-Hartman Signed-off-by: Tobin C. Harding --- scripts/checkpatch.pl | 22 -- 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 040aa79e1d9d..a7d2cdcec6a6 1

Re: [PATCH] docs: add documentation on printing kernel addresses

2017-12-06 Thread Tobin C. Harding
On Wed, Dec 06, 2017 at 04:43:40PM -0800, Kees Cook wrote: > On Wed, Dec 6, 2017 at 4:26 PM, Tobin C. Harding wrote: > > Hashing addresses printed with printk specifier %p was implemented > > recently. During development a number of issues were raised regarding > > leakin

Re: [PATCH v4] leaking_addresses: add support for x86 32-bit kernel addresses

2017-12-06 Thread Tobin C. Harding
On Thu, Dec 07, 2017 at 08:47:36AM +0530, kaiwan.billimo...@gmail.com wrote: > Currently, leaking_addresses.pl only supports scanning 64 bit > architectures. This is due to how the regular expressions are formed. We > can do better than this. 32 architectures can be supported if we take > into cons

[PATCH 4/5] leaking_addresses: add support for kernel config file

2017-12-06 Thread Tobin C. Harding
: Tobin C. Harding Co-Developed-by: Kaiwan N Billimoria --- get_kernel_config_option() is not super clean, any improvements most welcome. Kaiwan, This needs your Signed-off-by tag if you want me to apply it with the Co-Developed-tag thanks, Tobin. scripts/leaking_addresses.pl | 64

[PATCH 1/5] leaking_addresses: remove command examples

2017-12-06 Thread Tobin C. Harding
Currently help output includes command examples. These were cute when we first started development of this script but are unnecessary. Remove command examples. Signed-off-by: Tobin C. Harding --- scripts/leaking_addresses.pl | 11 --- 1 file changed, 11 deletions(-) diff --git a

[PATCH 0/5] leaking_addresses: support 5 page table level

2017-12-06 Thread Tobin C. Harding
, Tobin. Tobin C. Harding (5): leaking_addresses: remove command examples leaking_addresses: indent dependant options leaking_addresses: add range check for vsyscall memory leaking_addresses: add support for kernel config file leaking_addresses: add support for 5 page table levels scripts

[PATCH 2/5] leaking_addresses: indent dependant options

2017-12-06 Thread Tobin C. Harding
A number of the command line options to script are dependant on the option --input-raw being set. If we indent these options it makes explicit this dependency. Indent options dependant on --raw-input. Signed-off-by: Tobin C. Harding --- scripts/leaking_addresses.pl | 16 1

[PATCH 5/5] leaking_addresses: add support for 5 page table levels

2017-12-06 Thread Tobin C. Harding
this value a correct regular expression can be crafted. This only supports 5 page tables on x86_64. Add support for 5 page table levels on x86_64. Signed-off-by: Tobin C. Harding --- scripts/leaking_addresses.pl | 60 ++-- 1 file changed, 53 insertions(+), 7

[PATCH 3/5] leaking_addresses: add range check for vsyscall memory

2017-12-06 Thread Tobin C. Harding
Currently script checks only first and last address in the vsyscall memory range. We can do better than this. When checking for false positives against $match, convert $match to a hexadecimal value then check if it lies within the range of vsyscall addresses. Signed-off-by: Tobin C. Harding

Re: [PATCH V11 4/5] vsprintf: add printk specifier %px

2017-12-06 Thread Tobin C. Harding
On Wed, Dec 06, 2017 at 09:32:14AM +0100, Geert Uytterhoeven wrote: > Hi Linus, > > On Wed, Dec 6, 2017 at 2:59 AM, Linus Torvalds > wrote: > > On Tue, Dec 5, 2017 at 5:36 PM, Sergey Senozhatsky > > wrote: > >> I see some %p-s being used in _supposedly_ important output, > >> like arch/x86/mm/fa

Re: [PATCH V11 4/5] vsprintf: add printk specifier %px

2017-12-06 Thread Tobin C. Harding
On Wed, Dec 06, 2017 at 05:45:37PM +0900, Sergey Senozhatsky wrote: > On (12/06/17 09:32), Geert Uytterhoeven wrote: > [..] > > >> show_fault_oops(struct pt_regs *regs, unsigned long error_code, > > >> unsigned long address) > > >> ... > > >> printk(KERN_CONT " at %p\n", (vo

Re: [PATCH v3] scripts: leaking_addresses: add support for 32-bit kernel addresses

2017-12-06 Thread Tobin C. Harding
On Thu, Dec 07, 2017 at 09:41:58AM +0530, kaiwan.billimo...@gmail.com wrote: > On Thu, 2017-12-07 at 10:01 +1100, Tobin C. Harding wrote: > > On Wed, Dec 06, 2017 at 05:21:30PM +0530, kaiwan.billimo...@gmail.com wrote: > > > On Wed, 2017-12-06 at 15:04 +1100, Tobi

Re: [PATCH] doc: convert printk-formats.txt to rst

2017-12-06 Thread Tobin C. Harding
On Wed, Dec 06, 2017 at 04:39:58PM -0800, Randy Dunlap wrote: > On 12/06/2017 01:16 PM, Tobin C. Harding wrote: > > On Wed, Dec 06, 2017 at 10:18:49AM -0800, Randy Dunlap wrote: > > > > Thanks for your comments Randy. > > > > >>> Documentation/

[PATCH v2] doc: convert printk-formats.txt to rst

2017-12-06 Thread Tobin C. Harding
backticks (to commas). - Simplify documentation for kobject. - Convert lib/vsnprintf.c function docs to use kernel-docs and include in Documentation/printk-formats.rst Signed-off-by: Tobin C. Harding --- v2: - Revert to use ASCII table. - Implement (or revert) changes as suggested by Ra

Re: [PATCH] docs: add documentation on printing kernel addresses

2017-12-07 Thread Tobin C. Harding
Please drop this patch, needs amendment (commented inline). On Thu, Dec 07, 2017 at 11:26:38AM +1100, Tobin C. Harding wrote: > Hashing addresses printed with printk specifier %p was implemented > recently. During development a number of issues were raised regarding > leaking kernel add

Re: [PATCH v2] doc: convert printk-formats.txt to rst

2017-12-07 Thread Tobin C. Harding
On Thu, Dec 07, 2017 at 08:44:37AM +0100, Markus Heiser wrote: > > > Am 07.12.2017 um 06:49 schrieb Tobin C. Harding : > > > > Documentation/printk-formats.txt is a candidate for conversion to > > ReStructuredText format. Some effort has already been made to do this

Re: [PATCH] checkpatch: add check for tag Co-Developed-by

2017-12-07 Thread Tobin C. Harding
On Thu, Dec 07, 2017 at 08:26:58AM -0800, Joe Perches wrote: > On Thu, 2017-12-07 at 11:59 +1100, Tobin C. Harding wrote: > > Recently signature tag Co-Developed-by was added to the > > kernel (Documentation/process/5.Posting.rst). checkpatch.pl doesn't know > > about i

Re: [PATCH v2 3/3] checkpatch: warn for use of %px

2017-12-07 Thread Tobin C. Harding
On Wed, Dec 06, 2017 at 02:37:08PM +1100, Tobin C. Harding wrote: > Usage of the new %px specifier potentially leaks sensitive > information. Printing kernel addresses exposes the kernel layout in > memory, this is potentially exploitable. We have tools in the kernel to > help us

Re: [PATCH v2 3/3] checkpatch: warn for use of %px

2017-12-07 Thread Tobin C. Harding
On Fri, Dec 08, 2017 at 08:06:53AM +1100, Tobin C. Harding wrote: > On Wed, Dec 06, 2017 at 02:37:08PM +1100, Tobin C. Harding wrote: > > Usage of the new %px specifier potentially leaks sensitive > > information. Printing kernel addresses exposes the kernel layout in >

Re: [PATCH v2] doc: convert printk-formats.txt to rst

2017-12-07 Thread Tobin C. Harding
On Thu, Dec 07, 2017 at 01:52:56PM -0700, Jonathan Corbet wrote: > On Fri, 8 Dec 2017 07:44:34 +1100 > "Tobin C. Harding" wrote: > > > Where is Jon's tree hosted please, I don't see it on kernel.org > > From the MAINTAINERS file: > > T:

Re: [PATCH v2] doc: convert printk-formats.txt to rst

2017-12-07 Thread Tobin C. Harding
On Thu, Dec 07, 2017 at 01:52:56PM -0700, Jonathan Corbet wrote: > On Fri, 8 Dec 2017 07:44:34 +1100 > "Tobin C. Harding" wrote: > > > Where is Jon's tree hosted please, I don't see it on kernel.org > > From the MAINTAINERS file: > > T:

Re: [PATCH v2] doc: convert printk-formats.txt to rst

2017-12-07 Thread Tobin C. Harding
On Thu, Dec 07, 2017 at 01:52:56PM -0700, Jonathan Corbet wrote: > On Fri, 8 Dec 2017 07:44:34 +1100 > "Tobin C. Harding" wrote: > > > Where is Jon's tree hosted please, I don't see it on kernel.org > > From the MAINTAINERS file: > > T:

Re: [PATCH v2] doc: convert printk-formats.txt to rst

2017-12-07 Thread Tobin C. Harding
On Thu, Dec 07, 2017 at 08:44:37AM +0100, Markus Heiser wrote: > > > Am 07.12.2017 um 06:49 schrieb Tobin C. Harding : > > > > Documentation/printk-formats.txt is a candidate for conversion to > > ReStructuredText format. Some effort has already been made to do this

Re: [PATCH v2] doc: convert printk-formats.txt to rst

2017-12-07 Thread Tobin C. Harding
On Thu, Dec 07, 2017 at 02:30:53PM -0700, Jonathan Corbet wrote: > On Fri, 8 Dec 2017 08:21:09 +1100 > "Tobin C. Harding" wrote: > > > Unless I'm a proper wombat that entry is not in the mainline MAINTAINERS > > file. > > Um...from current git... F

[PATCH 0/3] doc: update printk documentation

2017-12-07 Thread Tobin C. Harding
apply on top of Jon's docs-next tree (at time of writing at rc-1) because of commit made to lib/vsprintf.c) thanks, Tobin. Tobin C. Harding (3): doc: convert printk-formats.txt to rst doc: update kpt_restrict documentation doc: add documentation on printing kernel addresses Do

[PATCH 1/3] doc: convert printk-formats.txt to rst

2017-12-07 Thread Tobin C. Harding
backticks (to commas). - Simplify documentation for kobject. - Convert lib/vsnprintf.c function docs to use kernel-docs and include in Documentation/printk-formats.rst Signed-off-by: Tobin C. Harding --- Documentation/00-INDEX | 2 - Documentation/core-api

[PATCH 2/3] doc: update kpt_restrict documentation

2017-12-07 Thread Tobin C. Harding
Recently the behaviour of printk specifier %pK was changed. The documentation does not currently mirror this. Update documentation for sysctl kpt_restrict. Reported-by: Alexander Popov Signed-off-by: Tobin C. Harding --- Documentation/sysctl/kernel.txt | 3 ++- 1 file changed, 2 insertions

[PATCH 3/3] doc: add documentation on printing kernel addresses

2017-12-07 Thread Tobin C. Harding
printing kernel addresses. Signed-off-by: Tobin C. Harding Acked-by: Kees Cook --- Documentation/security/self-protection.rst | 15 +++ 1 file changed, 15 insertions(+) diff --git a/Documentation/security/self-protection.rst b/Documentation/security/self-protection.rst index

[PATCH 1/4] checkpatch: add sub routine get_stat_real()

2017-12-07 Thread Tobin C. Harding
checkpatch currently contains duplicate code. We can define a sub routine and call that instead. This reduces code duplication and line count. Add subroutine get_stat_real() Signed-off-by: Tobin C. Harding --- scripts/checkpatch.pl | 31 +++ 1 file changed, 15

[PATCH 2/4] checkpatch: add sub routine get_stat_here()

2017-12-07 Thread Tobin C. Harding
checkpatch currently contains duplicate code. We can define a sub routine and call that instead. This reduces code duplication and line count. Add subroutine get_stat_here() Signed-off-by: Tobin C. Harding --- scripts/checkpatch.pl | 54 +++ 1

[PATCH 3/4] checkpatch: warn for use of %px

2017-12-07 Thread Tobin C. Harding
%px. Have checkpatch emit a warning for usage of specifier %px. Signed-off-by: Tobin C. Harding Co-Developed-by: Joe Perches Acked-by: Joe Perches --- scripts/checkpatch.pl | 31 --- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/scripts/checkpatch.pl

[PATCH 4/4] checkpatch: add check for tag Co-Developed-by

2017-12-07 Thread Tobin C. Harding
r the new tag. Cc: Greg Kroah-Hartman Reviewed-by: Greg Kroah-Hartman Signed-off-by: Tobin C. Harding --- Greg, This patch has the same brief commit and achieves the same aim as the code you reviewed. I'm adding your tag here even though the code is totally different. I believe you were rev

[PATCH 0/4] checkpatch: update warnings

2017-12-07 Thread Tobin C. Harding
ew was implying. The Joe Perches patch is from LKML with minor adjustments after testing. Needs review please. As discussed, if this is all ok it will go through Tobin's tree. thanks, Tobin. Joe Perches (1): checkpatch: add check for tag Co-Developed-by Tobin C. Harding (3): checkpa

[PATCH v6] printk: hash addresses printed with %p

2017-10-22 Thread Tobin C. Harding
d function ptr_to_id() to map an address to a 32 bit unique identifier. Signed-off-by: Tobin C. Harding --- V6: - Use __early_initcall() to fill the SipHash key. - Use static keys to guard hashing before the key is available. V5: - Remove spin lock. - Add Jason A. Donenfeld to CC list by

Re: [PATCH v5] printk: hash addresses printed with %p

2017-10-22 Thread Tobin C. Harding
On Thu, Oct 19, 2017 at 07:49:06AM +0200, Jason A. Donenfeld wrote: > A small detail carried over from the other thread: > > > > > but a bigger problem might the following thing: > > > > vscnprintf() > > pointer() > > ptr_to_id() > >initialize_ptr_secret() > > get_random_bytes() > >

[PATCH v7] printk: hash addresses printed with %p

2017-10-23 Thread Tobin C. Harding
d function ptr_to_id() to map an address to a 32 bit unique identifier. Signed-off-by: Tobin C. Harding --- V7: - Use tabs instead of spaces (ouch!). V6: - Use __early_initcall() to fill the SipHash key. - Use static keys to guard hashing before the key is available. V5: - Remove

Re: [PATCH v7] printk: hash addresses printed with %p

2017-10-23 Thread Tobin C. Harding
On Tue, Oct 24, 2017 at 01:00:03AM +0200, Jason A. Donenfeld wrote: > Provided you've tested this and the static_key guard stuff actually > works as intended, I tested by inserting a simple module that calls printf() with a bunch of different specifiers. So it's tested but not stress tested. Some

[RFC V2] scripts: add leaking_addresses.pl

2017-10-23 Thread Tobin C. Harding
Currently we are leaking addresses from the kernel to user space. This script is an attempt to find those leakages. Script parses `dmesg` output and /proc and /sys files for suspicious entries. Signed-off-by: Tobin C. Harding --- My usual disclaimer; I am a long way from being a Perl monger

Re: [kernel-hardening] [PATCH v4] scripts: add leaking_addresses.pl

2017-11-08 Thread Tobin C. Harding
On Wed, Nov 08, 2017 at 11:10:56PM +1100, Michael Ellerman wrote: > "Tobin C. Harding" writes: > > Currently we are leaking addresses from the kernel to user space. This > > script is an attempt to find some of those leakages. Script parses > > `dmesg` output a
