Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed

From: Pavel Machek
Date: Thu Feb 04 2021 - 17:12:58 EST

Next message: Borislav Petkov: "Re: [PATCH] x86: efi: avoid BUILD_BUG_ON() for non-constant p4d_index"
Previous message: Sedat Dilek: "Re: ANNOUNCE: pahole v1.20 (gcc11 DWARF5's default, lots of ELF sections, BTF)"
In reply to: Steven Rostedt: "Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed"
Next in thread: Kees Cook: "Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu 2021-02-04 15:59:21, Timur Tabi wrote:
> On 2/4/21 3:49 PM, Pavel Machek wrote:
> >This machine is insecure. Yet I don't see ascii-art *** all around..
> >
> >"Kernel memory addresses are exposed, which is bad for security."
>
> I'll use whatever wording everyone can agree on, but I really don't see much
> difference between "which may compromise security on your system" and "which
> is bad for security". "may compromise" doesn't see any more alarmist than
> "bad". Frankly, "bad" is a very generic term.

Well, I agree that "bad" is vague.... but original wording is simply
untrue, as printing addresses decreases robustness but can't introduce
security problem on its own.

Being alarmist is not my complaint; being untrue is.

Best regards,
Pavel
--
http://www.livejournal.com/~pavelmachek

Attachment: signature.asc
Description: Digital signature

Next message: Borislav Petkov: "Re: [PATCH] x86: efi: avoid BUILD_BUG_ON() for non-constant p4d_index"
Previous message: Sedat Dilek: "Re: ANNOUNCE: pahole v1.20 (gcc11 DWARF5's default, lots of ELF sections, BTF)"
In reply to: Steven Rostedt: "Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed"
Next in thread: Kees Cook: "Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]