linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH resend] drivers: dma-buf: Change %p to %pK in debug messages
@ 2018-06-05 23:40 Daniel Rosenberg
  2018-06-05 23:51 ` [Linaro-mm-sig] " Chris Wilson
  2018-06-06  9:07 ` Greg KH
  0 siblings, 2 replies; 3+ messages in thread
From: Daniel Rosenberg @ 2018-06-05 23:40 UTC (permalink / raw)
  To: Sumit Semwal, linux-kernel
  Cc: Gustavo Padovan, linux-media, linaro-mm-sig, dri-devel,
	kernel-team, Daniel Rosenberg, Divya Ponnusamy, stable

The format specifier %p can leak kernel addresses
while not valuing the kptr_restrict system settings.
Use %pK instead of %p, which also evaluates whether
kptr_restrict is set.

Signed-off-by: Divya Ponnusamy <pdivya@codeaurora.org>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Cc: stable <stable@vger.kernel.org>
---
 drivers/dma-buf/sync_debug.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/dma-buf/sync_debug.c b/drivers/dma-buf/sync_debug.c
index c4c8ecb24aa9..d8d340542a79 100644
--- a/drivers/dma-buf/sync_debug.c
+++ b/drivers/dma-buf/sync_debug.c
@@ -133,7 +133,7 @@ static void sync_print_sync_file(struct seq_file *s,
 	char buf[128];
 	int i;
 
-	seq_printf(s, "[%p] %s: %s\n", sync_file,
+	seq_printf(s, "[%pK] %s: %s\n", sync_file,
 		   sync_file_get_name(sync_file, buf, sizeof(buf)),
 		   sync_status_str(dma_fence_get_status(sync_file->fence)));
 
-- 
2.17.0.441.gb46fe60e1d-goog

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [Linaro-mm-sig] [PATCH resend] drivers: dma-buf: Change %p to %pK in debug messages
  2018-06-05 23:40 [PATCH resend] drivers: dma-buf: Change %p to %pK in debug messages Daniel Rosenberg
@ 2018-06-05 23:51 ` Chris Wilson
  2018-06-06  9:07 ` Greg KH
  1 sibling, 0 replies; 3+ messages in thread
From: Chris Wilson @ 2018-06-05 23:51 UTC (permalink / raw)
  To: Daniel Rosenberg, Sumit Semwal, linux-kernel
  Cc: Daniel Rosenberg, Divya Ponnusamy, Gustavo Padovan, dri-devel,
	linaro-mm-sig, stable, kernel-team, linux-media

Quoting Daniel Rosenberg (2018-06-06 00:40:41)
> The format specifier %p can leak kernel addresses
> while not valuing the kptr_restrict system settings.
> Use %pK instead of %p, which also evaluates whether
> kptr_restrict is set.

This is backwards though. You never care about the actual value here and
the hashed pointer (%p) is always enough to provide an identifying token.
-Chris

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH resend] drivers: dma-buf: Change %p to %pK in debug messages
  2018-06-05 23:40 [PATCH resend] drivers: dma-buf: Change %p to %pK in debug messages Daniel Rosenberg
  2018-06-05 23:51 ` [Linaro-mm-sig] " Chris Wilson
@ 2018-06-06  9:07 ` Greg KH
  1 sibling, 0 replies; 3+ messages in thread
From: Greg KH @ 2018-06-06  9:07 UTC (permalink / raw)
  To: Daniel Rosenberg
  Cc: Sumit Semwal, linux-kernel, Gustavo Padovan, linux-media,
	linaro-mm-sig, dri-devel, kernel-team, Divya Ponnusamy, stable

On Tue, Jun 05, 2018 at 04:40:41PM -0700, Daniel Rosenberg wrote:
> The format specifier %p can leak kernel addresses
> while not valuing the kptr_restrict system settings.
> Use %pK instead of %p, which also evaluates whether
> kptr_restrict is set.
> 
> Signed-off-by: Divya Ponnusamy <pdivya@codeaurora.org>
> Signed-off-by: Daniel Rosenberg <drosen@google.com>
> Cc: stable <stable@vger.kernel.org>
> ---
>  drivers/dma-buf/sync_debug.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/dma-buf/sync_debug.c b/drivers/dma-buf/sync_debug.c
> index c4c8ecb24aa9..d8d340542a79 100644
> --- a/drivers/dma-buf/sync_debug.c
> +++ b/drivers/dma-buf/sync_debug.c
> @@ -133,7 +133,7 @@ static void sync_print_sync_file(struct seq_file *s,
>  	char buf[128];
>  	int i;
>  
> -	seq_printf(s, "[%p] %s: %s\n", sync_file,
> +	seq_printf(s, "[%pK] %s: %s\n", sync_file,

This is a root-only file, right?  So it's not that bad of a problem.
Also, by default, all %p pointers are now hashed so what really is
leaking here?

And finally, why even print out a pointer at all?  Why not just stick
with the name and not worry about the pointer?

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-06-06  9:08 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-06-05 23:40 [PATCH resend] drivers: dma-buf: Change %p to %pK in debug messages Daniel Rosenberg
2018-06-05 23:51 ` [Linaro-mm-sig] " Chris Wilson
2018-06-06  9:07 ` Greg KH

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).