On Thu, 26 Apr 2018 09:19:59 +0200 Thomas Richter <tmricht@xxxxxxxxxxxxx> wrote: > File /sys/kernel/debug/kprobes/blacklist displays random addresses: > > [root@s8360046 linux]# cat /sys/kernel/debug/kprobes/blacklist > 0x0000000047149a90-0x00000000bfcb099a print_type_x8 > .... > > This breaks 'perf probe' which uses the blacklist file to prohibit > probes on certain functions by checking the address range. > > Fix this by printing the correct (unhashed) address. Yeah, but I'm not sure recent "%px" policy. I think if the user can dump kallsyms, this also can be dumped. But kallsyms seems different policy... Anyway, please check my series. https://patchwork.kernel.org/patch/10183629/ It uses to check the kallsyms policy function to check. Unfortunately, this is not merged. Anyway, I'll repost it (on the top of tip tree) > > The file mode is read all but this is not an issue as the file > hierarchy points out: > # ls -ld /sys/ /sys/kernel/ /sys/kernel/debug/ /sys/kernel/debug/kprobes/ > /sys/kernel/debug/kprobes/blacklist > dr-xr-xr-x 12 root root 0 Apr 19 07:56 /sys/ > drwxr-xr-x 8 root root 0 Apr 19 07:56 /sys/kernel/ > drwx------ 16 root root 0 Apr 19 06:56 /sys/kernel/debug/ > drwxr-xr-x 2 root root 0 Apr 19 06:56 /sys/kernel/debug/kprobes/ > -r--r--r-- 1 root root 0 Apr 19 06:56 /sys/kernel/debug/kprobes/blacklist > > Everything in and below /sys/kernel/debug is rwx to root only, > no group or others have access. > > Background: > Directory /sys/kernel/debug/kprobes is created by debugfs_create_dir() > which sets the mode bits to rwxr-xr-x. Maybe change that to use the > parent's directory mode bits instead? Good catch! Yes, it should be hardened. Anyway, that is out of this topic. I just change blacklist file mode bits in my series. Thank you, > > Fixes: ad67b74d2469 ("printk: hash addresses printed with %p") > Cc: <stable@xxxxxxxxxxxxxxx> # v4.15+ > Cc: <linux-kernel@xxxxxxxxxxxxxxx> > To: Ananth N Mavinakayanahalli <ananth@xxxxxxxxxxxxxxxxxx> > To: Anil S Keshavamurthy <anil.s.keshavamurthy@xxxxxxxxx> > To: David S Miller <davem@xxxxxxxxxxxxx> > To: Masami Hiramatsu <mhiramat@xxxxxxxxxx> > To: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> > To: acme@xxxxxxxxxx > To: Steven Rostedt <rostedt@xxxxxxxxxxx> > > Signed-off-by: Thomas Richter <tmricht@xxxxxxxxxxxxx> > --- > kernel/kprobes.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/kprobes.c b/kernel/kprobes.c > index 102160ff5c66..ea619021d901 100644 > --- a/kernel/kprobes.c > +++ b/kernel/kprobes.c > @@ -2428,7 +2428,7 @@ static int kprobe_blacklist_seq_show(struct seq_file *m, void *v) > struct kprobe_blacklist_entry *ent = > list_entry(v, struct kprobe_blacklist_entry, list); > > - seq_printf(m, "0x%p-0x%p\t%ps\n", (void *)ent->start_addr, > + seq_printf(m, "0x%px-0x%px\t%ps\n", (void *)ent->start_addr, > (void *)ent->end_addr, (void *)ent->start_addr); > return 0; > } > -- > 2.14.3 > -- Masami Hiramatsu <mhiramat@xxxxxxxxxx>