Re: [PATCH][RESEND] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed

From: Petr Mladek
Date: Wed Feb 03 2021 - 04:55:18 EST


On Tue 2021-02-02 15:36:33, Timur Tabi wrote:
> If the make-printk-non-secret command-line parameter is set, then
> printk("%p") will print addresses as unhashed. This is useful for
> debugging purposes.
>
> A large warning message is displayed if this option is enabled,
> because unhashed addresses, while useful for debugging, exposes
> kernel addresses which can be a security risk.
>
> Signed-off-by: Timur Tabi <timur@xxxxxxxxxx>
> ---
> lib/vsprintf.c | 34 ++++++++++++++++++++++++++++++++--
> 1 file changed, 32 insertions(+), 2 deletions(-)

Please, add also entry into
Documentation/admin-guide/kernel-parameters.txt.

If we agree that the parameter is acceptable then let's make
it properly.

> diff --git a/lib/vsprintf.c b/lib/vsprintf.c
> index 3b53c73580c5..b9f87084afb0 100644
> --- a/lib/vsprintf.c
> +++ b/lib/vsprintf.c
> @@ -2090,6 +2090,30 @@ char *fwnode_string(char *buf, char *end, struct fwnode_handle *fwnode,
> return widen_string(buf, buf - buf_start, end, spec);
> }
>
> +/* Disable pointer hashing if requested */
> +static bool debug_never_hash_pointers __ro_after_init;
> +
> +static int __init debug_never_hash_pointers_enable(char *str)
> +{
> + debug_never_hash_pointers = true;
> + pr_warn("**********************************************************\n");
> + pr_warn("** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **\n");
> + pr_warn("** **\n");
> + pr_warn("** All pointers that are printed to the console will **\n");
> + pr_warn("** be printed as unhashed. **\n");
> + pr_warn("** **\n");
> + pr_warn("** Kernel memory addresses are exposed, which may **\n");
> + pr_warn("** compromise security on your system. **\n");
> + pr_warn("** **\n");
> + pr_warn("** If you see this message and you are not debugging **\n");
> + pr_warn("** the kernel, report this immediately to your vendor! **\n");

It is a boot parameter. So it should be "system administrtor" instead
of vendor.

Otherwise, it looks good to me.

Best Regards,
Petr