Re: [PATCH 1/6] serial: sh-sci: Reveal ptrval in dev_dbg

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, May 06, 2019 at 03:47:05PM +0200, Simon Horman wrote:
> On Sat, May 04, 2019 at 02:42:53AM +0200, Eugeniu Rosca wrote:
> > Starting with v4.15-rc2 commit ad67b74d2469d9 ("printk: hash addresses
> > printed with %p"), enabling debug prints in sh-sci.c would generate
> > output like below confusing the users who try to sneak into the
> > internals of the driver:
> > 
> > sh-sci e6e88000.serial: sci_request_dma: TX: got channel (____ptrval____)
> > sh-sci e6e88000.serial: sci_request_dma: mapped 4096@(____ptrval____) to 0x00000006798bf000
> > sh-sci e6e88000.serial: sci_request_dma: RX: got channel (____ptrval____)
> > sh-sci e6e88000.serial: sci_dma_tx_work_fn: (____ptrval____): 0...2, cookie 2
> > 
> > There are two possible fixes for that:
> >  - get rid of '%p' prints if they don't reveal any useful information
> >  - s/%p/%px/, since it is unlikely we have any concerns leaking the
> >    pointer values when running a debug/non-production kernel
> 
> I am concerned that this may expose information in circumstances
> where it is undesirable. Is it generally accepted practice to
> use %px in conjunction with dev_dbg() ?
> 
> ...

Below commits performed a similar s/%p/%px/ update in debug context:

Authors (CC-ed)   Commit         Subject
----------------------------------------
Christophe Leroy  b18f0ae92b0a1d ("powerpc/prom: fix early DEBUG messages")
Helge Deller      3847dab7742186 ("parisc: Add alternative coding infrastructure")
Michael Neuling   51c3c62b58b357 ("powerpc: Avoid code patching freed init sections")
Kuninori Morimoto dabdbe3ae0cb9a ("ASoC: rsnd: don't use %p for dev_dbg()")
Philip Yang       fa7e65147e5dca ("drm/amdkfd: use %px to print user space address instead of %p")
Matthew Wilcox    68c1f08203f2b0 ("lib/list_debug.c: print unmangled addresses")
Borislav Petkov   0e6c16c652cada ("x86/alternative: Print unadorned pointers")
Darrick J. Wong   c96900435fa9fd ("xfs: use %px for data pointers when debugging")
Helge Deller      04903c06b4854d ("parisc: Show unhashed HPA of Dino chip")

To quote Matthew, with respect to any debug prints:
If an attacker can force this message to be printed, we've already lost.

In any case, I won't be affected much if the change is not accepted,
since it doesn't resolve any major issue on my end. Thanks!

-- 
Best Regards,
Eugeniu.
[Index of Archives]     [Linux Samsung SOC]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux