On Wed, Feb 03, 2021 at 03:25:13PM -0500, Steven Rostedt wrote: > On Wed, 3 Feb 2021 12:02:05 -0800 > Kees Cook <keescook@xxxxxxxxxxxx> wrote: > > > On Wed, Feb 03, 2021 at 12:58:41PM -0600, Timur Tabi wrote: > > > On 2/3/21 7:31 AM, Petr Mladek wrote: > > > > Also please make sure that lib/test_printf.c will work with > > > > the new option. > > > > > > As you suspected, it doesn't work: > > > > > > [ 206.966478] test_printf: loaded. > > > [ 206.966528] test_printf: plain 'p' does not appear to be hashed > > > [ 206.966740] test_printf: failed 1 out of 388 tests > > > > > > What should I do about this? > > > > > > On one hand, it is working as expected: %p is not hashed, and that should be > > > a warning. > > > > > > On the other hand, maybe test_printf should be aware of the command line > > > parameter and test to make sure that %p is NOT hashed? > > > > It seems like it'd be best for the test to fail, yes? It _is_ a problem > > that %p is unhashed; it's just that the failure was intended. > > > > I disagree. > > With a big notice that all pointers of unhashed, I don't think we need to > print it failed when we expect it to fail. > > If anything, skip the test and state: > > test_printf: hash test skipped because "make-printk-non-secret" is on the > command line. Yeah, I'm fine with "fail" or "skip". "pass" is mainly what I don't like. :) -- Kees Cook
