From: Steven Rostedt <rostedt@goodmis.org>
To: Nick Desaulniers <ndesaulniers@google.com>
Cc: salyzyn@android.com, LKML <linux-kernel@vger.kernel.org>,
mingo@redhat.com, kernel-team@android.com,
stable@vger.kernel.org
Subject: Re: [PATCH] tracing: do not leak kernel addresses
Date: Thu, 26 Jul 2018 12:37:19 -0400 [thread overview]
Message-ID: <20180726123719.0db9dca0@gandalf.local.home> (raw)
In-Reply-To: <CAKwvOdknFPpyQx17EbixnydJukuX4kH8=xVTS_9qnsERKCoPkQ@mail.gmail.com>
On Thu, 26 Jul 2018 09:32:07 -0700
Nick Desaulniers <ndesaulniers@google.com> wrote:
> On Thu, Jul 26, 2018 at 8:22 AM Steven Rostedt <rostedt@goodmis.org> wrote:
> >
> > On Thu, 26 Jul 2018 08:14:08 -0700
> > Mark Salyzyn <salyzyn@android.com> wrote:
> >
> > > Thank you Steve, much appreciated feedback, I have asked the security
> > > developers to keep this in mind and come up with a correct fix.
> > >
> > > The correct fix that meets your guidelines would _not_ be suitable for
> > > stable due to the invasiveness it sounds, only for the latest will such
> > > a rework make sense. As such, the fix proposed in this patch is the only
> > > one that meets the bar for stable patch simplicity, and merely(!) needs
> > > to state that if the fix is taken, perf and trace are broken.
> > >
> > > Posting this patch publicly on the lists, that may never be applied, may
> > > be the limit of our responsibility for a fix to stable kernel releases,
> > > to be optionally applied by vendors concerned with this CVE criteria?
> > >
> >
> > The patch breaks the code it touches. It makes it useless.
>
> Doesn't that depend on kptr_restrict, or would it be broken if
> kptr_restrict was set to 0?
Is that what governs the output of kallsyms?
-- Steve
next prev parent reply other threads:[~2018-07-26 16:37 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-25 20:22 [PATCH] tracing: do not leak kernel addresses Mark Salyzyn
2018-07-25 21:14 ` Nick Desaulniers
2018-07-26 1:07 ` Steven Rostedt
2018-07-26 15:14 ` Mark Salyzyn
2018-07-26 15:22 ` Steven Rostedt
2018-07-26 16:32 ` Nick Desaulniers
2018-07-26 16:37 ` Steven Rostedt [this message]
2018-07-26 16:59 ` Nick Desaulniers
2018-07-26 16:59 ` Nick Desaulniers
2018-07-26 21:56 ` Nick Desaulniers
2018-07-26 15:31 ` Greg KH
2018-07-26 16:52 ` Nick Desaulniers
2018-07-26 22:15 ` Steven Rostedt
2018-07-27 12:07 ` Jordan Glover
2018-07-27 12:07 ` Jordan Glover
2018-07-27 13:40 ` Jann Horn
2018-07-27 13:47 ` Steven Rostedt
2018-07-27 18:13 ` Nick Desaulniers
2018-07-27 18:13 ` Nick Desaulniers
2018-07-27 18:31 ` Steven Rostedt
2018-07-27 18:41 ` Mark Salyzyn
2018-07-27 18:47 ` Jann Horn
2018-07-27 18:58 ` Jann Horn
2018-07-27 19:54 ` Theodore Y. Ts'o
2018-07-27 20:11 ` Steven Rostedt
2018-07-27 20:21 ` Theodore Y. Ts'o
2018-07-27 20:53 ` Steven Rostedt
2018-07-27 22:05 ` Sandeep Patil
2018-07-28 0:04 ` Theodore Y. Ts'o
2018-07-30 14:35 ` Sandeep Patil
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180726123719.0db9dca0@gandalf.local.home \
--to=rostedt@goodmis.org \
--cc=kernel-team@android.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=ndesaulniers@google.com \
--cc=salyzyn@android.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.