Re: [PATCH tip/core/rcu 02/20] torture: Prepare scripting for shift from %p to %pK

[Kees Cook]

On Sun, Dec 10, 2017 at 1:47 PM, Paul E. McKenney
<paulmck@xxxxxxxxxxxxxxxxxx> wrote:
> On Sun, Dec 10, 2017 at 12:39:11PM -0800, Linus Torvalds wrote:
>> I'd rather make %pK act more like %p than have gratuitous differences.

The feature that paranoid folks currently depend on is getting a value
entirely zeroed out with %pK (which is the least possible info leak
risk). The hashed %p is almost just as good except that identical
hashes are still usable to confirm matching values (but the cases
where this would be useful to an attacker are hopefully approaching
zero).

> So it looks like I should drop the three patches in my tree that convert
> %p to %pK.
>
> Any objections?

Sounds good. If they're still useful when hashed, keep the %p. If you
want to remove them because they're sensitive, just remove them
instead of adding new %pK users.

-Kees

-- 
Kees Cook
Pixel Security