Re: [PATCH v2] use %pK for /proc/kallsyms and /proc/modules

From: Andrew Morton
Date: Fri Feb 04 2011 - 17:04:13 EST

Next message: Andrew Morton: "Re: [PATCH 1/4] x86, amd: Normalize compute unit IDs on multi-nodeprocessors"
Previous message: tip-bot for Mathieu Desnoyers: "[tip:perf/urgent] tracepoints: Fix section alignment using pointer array"
Next in thread: Kees Cook: "Re: [PATCH v2] use %pK for /proc/kallsyms and /proc/modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 26 Jan 2011 16:41:29 -0800
Kees Cook <kees.cook@xxxxxxxxxxxxx> wrote:

> In an effort to reduce kernel address leaks that might be used to
> help target kernel privilege escalation exploits, this patch uses
> %pK when displaying addresses in /proc/kallsyms, /proc/modules, and
> /sys/module/*/sections/*.
>
> Note that this changes %x to %p, so some legitimately 0 values in
> /proc/kallsyms would have changed from 00000000 to "(null)". To avoid
> this, "(null)" is not used when using the "K" format. Anything that was
> already successfully parsing "(null)" in addition to full hex digits
> should have no problem with this change. (Thanks to Joe Perches for
> the suggestion.)
>
> ...
>
> --- a/kernel/kallsyms.c
> +++ b/kernel/kallsyms.c
> @@ -477,12 +477,10 @@ static int s_show(struct seq_file *m, void *p)
> */
> type = iter->exported ? toupper(iter->type) :
> tolower(iter->type);
> - seq_printf(m, "%0*lx %c %s\t[%s]\n",
> - (int)(2 * sizeof(void *)),
> + seq_printf(m, "%pK %c %s\t[%s]\n",
> iter->value, type, iter->name, iter->module_name);
> } else
> - seq_printf(m, "%0*lx %c %s\n",
> - (int)(2 * sizeof(void *)),
> + seq_printf(m, "%pK %c %s\n",
> iter->value, iter->type, iter->name);
> return 0;
> }

kernel/kallsyms.c: In function 's_show':
kernel/kallsyms.c:481: warning: format '%p' expects type 'void *', but argument 3 has type 'long unsigned int'
kernel/kallsyms.c:484: warning: format '%p' expects type 'void *', but argument 3 has type 'long unsigned int'
kernel/module.c: In function 'module_sect_show':
kernel/module.c:1171: warning: format '%p' expects type 'void *', but argument 3 has type 'long unsigned int'
kernel/module.c:1171: warning: format '%p' expects type 'void *', but argument 3 has type 'long unsigned int'

I'm struggling to see how this could have been compile-time or runtime
tested?

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [PATCH 1/4] x86, amd: Normalize compute unit IDs on multi-nodeprocessors"
Previous message: tip-bot for Mathieu Desnoyers: "[tip:perf/urgent] tracepoints: Fix section alignment using pointer array"
Next in thread: Kees Cook: "Re: [PATCH v2] use %pK for /proc/kallsyms and /proc/modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]