Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Kees Cook <keescook@xxxxxxxxxxxx>, Pavel Machek <pavel@xxxxxx>
Subject: Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
From: Timur Tabi <timur@xxxxxxxxxx>
Date: Thu, 4 Feb 2021 16:20:45 -0600
Cc: Steven Rostedt <rostedt@xxxxxxxxxxx>, Petr Mladek <pmladek@xxxxxxxx>, Sergey Senozhatsky <sergey.senozhatsky@xxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, linux-mm@xxxxxxxxx, willy@xxxxxxxxxxxxx, akpm@xxxxxxxxxxxxxxxxxxxx, torvalds@xxxxxxxxxxxxxxxxxxxx, roman.fietze@xxxxxxxxx, john.ogness@xxxxxxxxxxxxx, akinobu.mita@xxxxxxxxx
In-reply-to: <202102041415.D9093ED6@keescook>
References: <20210202201846.716915-1-timur@kernel.org> <20210204204835.GA7529@amd> <20210204155423.2864bf4f@gandalf.local.home> <20210204214944.GA13103@amd> <873d7e08-7a70-a1a3-f486-882d1d515965@kernel.org> <20210204221143.GB13103@amd> <202102041415.D9093ED6@keescook>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0



On 2/4/21 4:17 PM, Kees Cook wrote:

It's just semantics. Printing addresses DOES weaken the security of a
system, especially when we know attackers have and do use stuff from dmesg
to tune their attacks. How about "reduces the security of your system"?

I think we're bikeshedding now, but I can replace "compromise" with"reduce".

"Kernel memory addresses are exposed, which may reduce the security ofyour system."

References:
- [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
  - From: Timur Tabi
- Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
  - From: Pavel Machek
- Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
  - From: Steven Rostedt
- Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
  - From: Pavel Machek
- Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
  - From: Timur Tabi
- Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
  - From: Pavel Machek
- Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
  - From: Kees Cook

Prev by Date: Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
Next by Date: Re: [PATCH 1/2] PCI: also set up legacy files only after sysfs init
Previous by thread: Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
Next by thread: Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Bugtraq] [Linux OMAP] [Linux MIPS] [eCos] [Asterisk Internet PBX] [Linux API]