On Fri, Jan 19, 2018 at 07:59:43AM +0000, Matt Redfearn <matt.redfearn@xxxxxxxx> wrote:
Hello Matt,
Hi Serge,
On 18/01/18 20:18, Serge Semin wrote:
On Thu, Jan 18, 2018 at 12:03:03PM -0800, Florian Fainelli <f.fainelli@xxxxxxxxx> wrote:
On 01/17/2018 02:23 PM, Serge Semin wrote:
It is useful to have the kernel virtual memory layout printed
at boot time so to have the full information about the booted
kernel. In some cases it might be unsafe to have virtual
addresses freely visible in logs, so the %pK format is used if
one want to hide them.
Signed-off-by: Serge Semin <fancer.lancer@xxxxxxxxx>
I personally like having that information because that helps debug and
have a quick reference, but there appears to be a trend to remove this
in the name of security:
https://patchwork.kernel.org/patch/10124007/
maybe hide this behind a configuration option?
Yeah, arm code was the place I picked the function up.) But in my case
I've used %pK so the pointers would disappear from logging when
kptr_restrict sysctl is 1 or 2.
I agree, that we might need to make the printouts optional. If there is
any kernel config, which for instance increases the kernel security we
could also use it or anything else to discard the printouts at compile
time.
Certainly, when KASLR is active it would be preferable to hide this
information, so you could use CONFIG_RELOCATABLE. The existing KASLR stuff
additionally hides this kind of information behind CONFIG_DEBUG_KERNEL, so
that only people actively debugging the kernel see it:
http://elixir.free-electrons.com/linux/v4.15-rc8/source/arch/mips/kernel/setup.c#L604
Ok. I'll hide the printouts behind both of that config macros in the next patchset
version.
Regards,
-Sergey
Thanks,
Matt
--
Florian