On Sun, Feb 18, 2024 at 09:38:12AM -0800, Kees Cook wrote: > Introduce --kallsyms argument for scanning binary files for known symbol > addresses. This would have found the exposure in /sys/kernel/notes: > > $ scripts/leaking_addresses.pl --kallsyms=<(sudo cat /proc/kallsyms) > /sys/kernel/notes: hypercall_page @ 156 > /sys/kernel/notes: xen_hypercall_set_trap_table @ 156 > /sys/kernel/notes: startup_xen @ 132 > > Signed-off-by: Kees Cook <[email protected]> > --- > Cc: "Tobin C. Harding" <[email protected]> > Cc: Tycho Andersen <[email protected]> > Cc: Greg KH <[email protected]> > Cc: Guixiong Wei <[email protected]> > Cc: [email protected] > --- > scripts/leaking_addresses.pl | 53 ++++++++++++++++++++++++++++++++++++ > 1 file changed, 53 insertions(+)
Nice! Acked-by: Greg Kroah-Hartman <[email protected]>
