+ docs-correct-documentation-for-%pk.patch added to -mm tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The patch titled
     Subject: docs: correct documentation for %pK
has been added to the -mm tree.  Its filename is
     docs-correct-documentation-for-%pk.patch

This patch should soon appear at
    http://ozlabs.org/~akpm/mmots/broken-out/docs-correct-documentation-for-%25pk.patch
and later at
    http://ozlabs.org/~akpm/mmotm/broken-out/docs-correct-documentation-for-%25pk.patch

Before you just go and hit "reply", please:
   a) Consider who else should be cc'ed
   b) Prefer to cc a suitable mailing list as well
   c) Ideally: find the original patch on the mailing list and do a
      reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/SubmitChecklist when testing your code ***

The -mm tree is included into linux-next and is updated
there every 3-4 working days

------------------------------------------------------
From: "Tobin C. Harding" <me@xxxxxxxx>
Subject: docs: correct documentation for %pK

Patch series "hash addresses printed with %p", v11.

Currently there exist approximately 14000 places in the Kernel where
addresses are being printed using an unadorned %p.  This potentially leaks
sensitive information regarding the Kernel layout in memory.  Many of
these calls are stale, instead of fixing every call lets hash the address
by default before printing.  This will of course break some users, forcing
code printing needed addresses to be updated.  We can add a printk
specifier for this purpose (%px) to give developers a clear upgrade path
for breakages caused by applying this patch set.

The added advantage of hashing %p is that security is now opt-out, if you
_really_ want the address you have to work a little harder and use %px.

The idea for creating the printk specifier %px to print the actual address
was suggested by Kees Cook (see below for email threads by subject).

Newbie question: I don't know who is potentially going to want to apply
this, I've CC'd Andrew Morton.  I'm guessing this should go into
linux-next so we can see what breaks?  I do not know exactly how code gets
into linux-next.  I've CC'd Stephen Rothwell.

Here is the behaviour that this series implements.

For kpt_restrict==0

Randomness not ready:
  printed with %p:                     (ptrval)     # NOTE: with padding
Valid pointer:
  printed with %pK:             deadbeefdeadbeef
  printed with %p:              00000000deadbeef
  malformed specifier (eg %i):  00000000deadbeef
NULL pointer:
  printed with %pK:             0000000000000000
  printed with %p:                       (null)     # NOTE: with padding
  malformed specifier (eg %i):           (null)

For kpt_restrict==2

Valid pointer:
  printed with %pK:             0000000000000000

All other output as for kptr_restrict==0



This patch (of 5)"

Current documentation indicates that %pK prints a leading '0x'.  This is
not the case.

Correct documentation for printk specifier %pK.

Link: http://lkml.kernel.org/r/1511921105-3647-2-git-send-email-me@xxxxxxxx
Signed-off-by: Tobin C. Harding <me@xxxxxxxx>
Cc: "Jason A. Donenfeld" <Jason@xxxxxxxxx>
Cc: "Theodore Ts'o" <tytso@xxxxxxx>
Cc: Kees Cook <keescook@xxxxxxxxxxxx>
Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
Cc: Tycho Andersen <tycho@xxxxxxxx>
Cc: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
Cc: Tejun Heo <tj@xxxxxxxxxx>
Cc: Jordan Glover <Golden_Miller83@xxxxxxxxxxxxx>
Cc: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Cc: Petr Mladek <pmladek@xxxxxxxx>
Cc: Joe Perches <joe@xxxxxxxxxxx>
Cc: Ian Campbell <ijc@xxxxxxxxxxxxxx>
Cc: Radim Krčmář <rkrcmar@xxxxxxxxxx>
Cc: Sergey Senozhatsky <sergey.senozhatsky@xxxxxxxxx>
Cc: Catalin Marinas <catalin.marinas@xxxxxxx>
Cc: Will Deacon <wilal.deacon@xxxxxxx>
Cc: Steven Rostedt <rostedt@xxxxxxxxxxx>
Cc: Chris Fries <cfries@xxxxxxxxxx>
Cc: Dave Weinstein <olorin@xxxxxxxxxx>
Cc: Daniel Micay <danielmicay@xxxxxxxxx>
Cc: Djalal Harouni <tixxdz@xxxxxxxxx>
Cc: Radim Kr\u010dm\u0159 <rkrcmar@xxxxxxxxxx>
Cc: David Miller <davem@xxxxxxxxxxxxx>
Cc: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
Cc: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
Cc: Alexander Potapenko <glider@xxxxxxxxxx>
Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 Documentation/printk-formats.txt |    3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff -puN Documentation/printk-formats.txt~docs-correct-documentation-for-%pk Documentation/printk-formats.txt
--- a/Documentation/printk-formats.txt~docs-correct-documentation-for-%pk
+++ a/Documentation/printk-formats.txt
@@ -85,13 +85,12 @@ Examples::
 	printk("Faulted at %pS\n", (void *)regs->ip);
 	printk(" %s%pB\n", (reliable ? "" : "? "), (void *)*stack);
 
-
 Kernel Pointers
 ===============
 
 ::
 
-	%pK	0x01234567 or 0x0123456789abcdef
+	%pK	01234567 or 0123456789abcdef
 
 For printing kernel pointers which should be hidden from unprivileged
 users. The behaviour of ``%pK`` depends on the ``kptr_restrict sysctl`` - see
_

Patches currently in -mm which might be from me@xxxxxxxx are

docs-correct-documentation-for-%pk.patch
vsprintf-refactor-%pk-code-out-of-pointer.patch
printk-hash-addresses-printed-with-%p.patch
vsprintf-add-printk-specifier-%px.patch
kasan-use-%px-to-print-addresses-instead-of-%p.patch

--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Kernel Archive]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]

  Powered by Linux