Re: [kernel-hardening] Re: [RFC 0/3] kallsyms: don't leak address when printing symbol

2017-11-27 Thread Kaiwan N Billimoria
On Tue, Nov 28, 2017 at 7:20 AM, Tobin C. Harding wrote: > > Noob question: how do we _know_ this. In other words how do we know no > userland tools rely on the current behaviour? No stress to answer Kees, > this is a pretty general kernel dev question. Perhaps I'm reading this

Re: [kernel-hardening] [PATCH v4] scripts: add leaking_addresses.pl

2017-11-12 Thread Kaiwan N Billimoria
On Mon, Nov 13, 2017 at 11:38 AM, Tobin C. Harding wrote: > On Mon, Nov 13, 2017 at 11:16:28AM +0530, kaiwan.billimo...@gmail.com wrote: >> On Mon, 2017-11-13 at 09:21 +1100, Tobin C. Harding wrote: >> > On Fri, Nov 10, 2017 at 07:26:34PM +0530, kaiwan.billimo...@gmail.com >> >

Re: [kernel-hardening] Re: [PATCH v4] scripts: add leaking_addresses.pl

2017-11-12 Thread Kaiwan N Billimoria
On Mon, Nov 13, 2017 at 10:05 AM, Tobin C. Harding wrote: > On Mon, Nov 13, 2017 at 06:37:28AM +0300, Kirill A. Shutemov wrote: >> On Mon, Nov 13, 2017 at 10:06:46AM +1100, Tobin C. Harding wrote: >> > On Sun, Nov 12, 2017 at 02:10:07AM +0300, Kirill A. Shutemov wrote: ... >> > >>

Re: [kernel-hardening] [PATCH v4] scripts: add leaking_addresses.pl

2017-11-09 Thread Kaiwan N Billimoria
> > Yes, profiling and tracing are similar. And you need to be root to run > the recording anyway. Thus, as long as root user can read kallsyms, > trace-cmd should be fine. As trace-cmd requires root access to do any > ftrace tracing. > > -- Steve Got it, thanks..

Re: [kernel-hardening] [PATCH v4] scripts: add leaking_addresses.pl

2017-11-08 Thread Kaiwan N Billimoria
On Thu, Nov 9, 2017 at 10:13 AM, Kaiwan N Billimoria <kaiwan.billimo...@gmail.com> wrote: >> But I don't know if there is anything else than the profiling code >> that _really_ wants access to /proc/kallsyms in user space as a >> regular user. > Front-ends to ft

Re: [kernel-hardening] [PATCH v4] scripts: add leaking_addresses.pl

2017-11-08 Thread Kaiwan N Billimoria
> But I don't know if there is anything else than the profiling code > that _really_ wants access to /proc/kallsyms in user space as a > regular user. Am unsure about this, but kprobes? (/jprobes/kretprobes), and by extension, wrappers over this infra (like SystemTap)? I (hazily) recollect a