From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754617AbeASICf (ORCPT ); Fri, 19 Jan 2018 03:02:35 -0500 Received: from 9pmail.ess.barracuda.com ([64.235.150.225]:47030 "EHLO 9pmail.ess.barracuda.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751437AbeASIC1 (ORCPT ); Fri, 19 Jan 2018 03:02:27 -0500 Subject: Re: [PATCH 11/14] MIPS: memblock: Print out kernel virtual mem layout To: Serge Semin , Florian Fainelli CC: , , , , , , , , , , , , , , , , References: <20180117222312.14763-1-fancer.lancer@gmail.com> <20180117222312.14763-12-fancer.lancer@gmail.com> <20180118201856.GA996@mobilestation> From: Matt Redfearn Message-ID: Date: Fri, 19 Jan 2018 07:59:43 +0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <20180118201856.GA996@mobilestation> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.150.130.83] X-BESS-ID: 1516348840-298554-31495-40455-1 X-BESS-VER: 2017.17-r1801171719 X-BESS-Apparent-Source-IP: 12.201.5.28 X-BESS-Outbound-Spam-Score: 0.00 X-BESS-Outbound-Spam-Report: Code version 3.2, rules version 3.2.2.189139 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------- 0.00 BSF_BESS_OUTBOUND META: BESS Outbound X-BESS-Outbound-Spam-Status: SCORE=0.00 using account:ESS59374 scores of KILL_LEVEL=7.0 tests=BSF_BESS_OUTBOUND X-BESS-BRTS-Status: 1 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Serge, On 18/01/18 20:18, Serge Semin wrote: > On Thu, Jan 18, 2018 at 12:03:03PM -0800, Florian Fainelli wrote: >> On 01/17/2018 02:23 PM, Serge Semin wrote: >>> It is useful to have the kernel virtual memory layout printed >>> at boot time so to have the full information about the booted >>> kernel. In some cases it might be unsafe to have virtual >>> addresses freely visible in logs, so the %pK format is used if >>> one want to hide them. >>> >>> Signed-off-by: Serge Semin >> >> I personally like having that information because that helps debug and >> have a quick reference, but there appears to be a trend to remove this >> in the name of security: >> >> https://patchwork.kernel.org/patch/10124007/ >> >> maybe hide this behind a configuration option? > > Yeah, arm code was the place I picked the function up.) But in my case > I've used %pK so the pointers would disappear from logging when > kptr_restrict sysctl is 1 or 2. > I agree, that we might need to make the printouts optional. If there is > any kernel config, which for instance increases the kernel security we > could also use it or anything else to discard the printouts at compile > time. Certainly, when KASLR is active it would be preferable to hide this information, so you could use CONFIG_RELOCATABLE. The existing KASLR stuff additionally hides this kind of information behind CONFIG_DEBUG_KERNEL, so that only people actively debugging the kernel see it: http://elixir.free-electrons.com/linux/v4.15-rc8/source/arch/mips/kernel/setup.c#L604 Thanks, Matt > >> -- >> Florian