Re: [PATCH V11 0/5] hash addresses printed with %p

2017-11-30 Thread Sergey Senozhatsky
On (11/30/17 19:26), Sergey Senozhatsky wrote: > On (11/30/17 10:23), David Laight wrote: > [..] > > > Maybe I'm being thick, but... if we're rendering these addresses > > > unusable by hashing them, why not just print something like > > > "" in their place? That loses the uniqueness thing but I

Re: [PATCH V11 0/5] hash addresses printed with %p

2017-11-30 Thread Sergey Senozhatsky
On (11/30/17 19:26), Sergey Senozhatsky wrote: > On (11/30/17 10:23), David Laight wrote: > [..] > > > Maybe I'm being thick, but... if we're rendering these addresses > > > unusable by hashing them, why not just print something like > > > "" in their place? That loses the uniqueness thing but I

Re: [PATCH V11 0/5] hash addresses printed with %p

2017-11-30 Thread Alexey Dobriyan
On 11/30/17, Alexey Dobriyan wrote: >> Currently there exist approximately 14 000 places >> in the Kernel where addresses are being printed >> using an unadorned %p. > > Some of them are printing userpace pointers, > so audit is necessary anyway: > > show_timer: >

Re: [PATCH V11 0/5] hash addresses printed with %p

2017-11-30 Thread Alexey Dobriyan
On 11/30/17, Alexey Dobriyan wrote: >> Currently there exist approximately 14 000 places >> in the Kernel where addresses are being printed >> using an unadorned %p. > > Some of them are printing userpace pointers, > so audit is necessary anyway: > > show_timer: >seq_printf(m, "signal:

Re: [PATCH V11 0/5] hash addresses printed with %p

2017-11-30 Thread Sergey Senozhatsky
On (11/30/17 10:23), David Laight wrote: [..] > > Maybe I'm being thick, but... if we're rendering these addresses > > unusable by hashing them, why not just print something like > > "" in their place? That loses the uniqueness thing but I > > wonder how valuable that is in practice? > > My

Re: [PATCH V11 0/5] hash addresses printed with %p

2017-11-30 Thread Sergey Senozhatsky
On (11/30/17 10:23), David Laight wrote: [..] > > Maybe I'm being thick, but... if we're rendering these addresses > > unusable by hashing them, why not just print something like > > "" in their place? That loses the uniqueness thing but I > > wonder how valuable that is in practice? > > My

RE: [PATCH V11 0/5] hash addresses printed with %p

2017-11-30 Thread David Laight
From: Andrew Morton > Sent: 29 November 2017 23:21 > > > > The added advantage of hashing %p is that security is now opt-out, if > > you _really_ want the address you have to work a little harder and use > > %px. You need a system-wide opt-out that prints the actual values. Otherwise developers

RE: [PATCH V11 0/5] hash addresses printed with %p

2017-11-30 Thread David Laight
From: Andrew Morton > Sent: 29 November 2017 23:21 > > > > The added advantage of hashing %p is that security is now opt-out, if > > you _really_ want the address you have to work a little harder and use > > %px. You need a system-wide opt-out that prints the actual values. Otherwise developers

Re: [PATCH V11 0/5] hash addresses printed with %p

2017-11-29 Thread Tobin C. Harding
On Wed, Nov 29, 2017 at 03:20:40PM -0800, Andrew Morton wrote: > On Wed, 29 Nov 2017 13:05:00 +1100 "Tobin C. Harding" wrote: > > > Currently there exist approximately 14 000 places in the Kernel where > > addresses are being printed using an unadorned %p. This potentially > >

Re: [PATCH V11 0/5] hash addresses printed with %p

2017-11-29 Thread Tobin C. Harding
On Wed, Nov 29, 2017 at 03:20:40PM -0800, Andrew Morton wrote: > On Wed, 29 Nov 2017 13:05:00 +1100 "Tobin C. Harding" wrote: > > > Currently there exist approximately 14 000 places in the Kernel where > > addresses are being printed using an unadorned %p. This potentially > > leaks sensitive

Re: [PATCH V11 0/5] hash addresses printed with %p

2017-11-29 Thread Andrew Morton
On Wed, 29 Nov 2017 13:05:00 +1100 "Tobin C. Harding" wrote: > Currently there exist approximately 14 000 places in the Kernel where > addresses are being printed using an unadorned %p. This potentially > leaks sensitive information regarding the Kernel layout in memory. Many > of

Re: [PATCH V11 0/5] hash addresses printed with %p

2017-11-29 Thread Andrew Morton
On Wed, 29 Nov 2017 13:05:00 +1100 "Tobin C. Harding" wrote: > Currently there exist approximately 14 000 places in the Kernel where > addresses are being printed using an unadorned %p. This potentially > leaks sensitive information regarding the Kernel layout in memory. Many > of these calls

[PATCH V11 0/5] hash addresses printed with %p

2017-11-28 Thread Tobin C. Harding
Currently there exist approximately 14 000 places in the Kernel where addresses are being printed using an unadorned %p. This potentially leaks sensitive information regarding the Kernel layout in memory. Many of these calls are stale, instead of fixing every call lets hash the address by default

[PATCH V11 0/5] hash addresses printed with %p

2017-11-28 Thread Tobin C. Harding
Currently there exist approximately 14 000 places in the Kernel where addresses are being printed using an unadorned %p. This potentially leaks sensitive information regarding the Kernel layout in memory. Many of these calls are stale, instead of fixing every call lets hash the address by default