Thread (48 messages) 48 messages, 12 authors, 2017-12-07

RE: [PATCH V11 4/5] vsprintf: add printk specifier %px

From: Roberts, William C <hidden>
Date: 2017-11-29 22:36:32
Also in: lkml 

-----Original Message-----
From: keescook@google.com [mailto:keescook@google.com] On Behalf Of Kees
Cook
Sent: Wednesday, November 29, 2017 2:28 PM
To: David Laight <redacted>
Cc: Linus Torvalds <torvalds@linux-foundation.org>; Tobin C. Harding
[off-list ref]; kernel-hardening@lists.openwall.com; Jason A. Donenfeld
[off-list ref]; Theodore Ts'o [off-list ref]; Paolo Bonzini
[off-list ref]; Tycho Andersen [off-list ref]; Roberts, William C
[off-list ref]; Tejun Heo [off-list ref]; Jordan Glover
[off-list ref]; Greg KH [off-list ref];
Petr Mladek [off-list ref]; Joe Perches [off-list ref]; Ian
Campbell [off-list ref]; Sergey Senozhatsky
[off-list ref]; Catalin Marinas [off-list ref];
Will Deacon [off-list ref]; Steven Rostedt [off-list ref];
Chris Fries [off-list ref]; Dave Weinstein [off-list ref]; Daniel
Micay [off-list ref]; Djalal Harouni [off-list ref]; Radim
Krcmár [off-list ref]; Linux Kernel Mailing List <linux-
kernel@vger.kernel.org>; Network Development [off-list ref];
David Miller [off-list ref]; Stephen Rothwell
[off-list ref]; Andrey Ryabinin [off-list ref];
Alexander Potapenko [off-list ref]; Dmitry Vyukov
[off-list ref]; Andrew Morton [off-list ref]
Subject: Re: [PATCH V11 4/5] vsprintf: add printk specifier %px

On Wed, Nov 29, 2017 at 2:07 AM, David Laight [off-list ref]
wrote:
quoted
From: Linus Torvalds
quoted
Sent: 29 November 2017 02:29

On Tue, Nov 28, 2017 at 6:05 PM, Tobin C. Harding [off-list ref] wrote:
quoted
   Let's add specifier %px as a
clear, opt-in, way to print a pointer and maintain some level of
isolation from all the other hex integer output within the Kernel.
Yes, I like this model. It's easy and it's obvious ("'x' for hex"),
and it gives people a good way to say "yes, I really want the actual
address as hex" for if/when the hashed pointer doesn't work for some
reason.
Remind me to change every %p to %px on kernels that support it.

Although the absolute values of pointers may not be useful, knowing
that two pointer differ by a small amount is useful.
It is also useful to know whether pointers are to stack, code, static
data or heap.

This change to %p is going to make debugging a nightmare.
In the future, maybe we could have a knob: unhashed, hashed (default), or
zeroed.
Isn't that just kptr_restrict and get us right back to the simpler patches I proposed?

-Kees

--
Kees Cook
Pixel Security
  



    
  

  
    

      

        Keyboard shortcuts
      

      

        
          
hback out one level

          
jnext message in thread

          
kprevious message in thread

          
ldrill in

          
Escclose help / fold thread tree

          
?toggle this help