Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
From: Kees Cook
Date: Thu Feb 04 2021 - 17:17:58 EST
On Thu, Feb 04, 2021 at 11:11:43PM +0100, Pavel Machek wrote:
> On Thu 2021-02-04 15:59:21, Timur Tabi wrote:
> > On 2/4/21 3:49 PM, Pavel Machek wrote:
> > >This machine is insecure. Yet I don't see ascii-art *** all around..
> > >
> > >"Kernel memory addresses are exposed, which is bad for security."
> >
> > I'll use whatever wording everyone can agree on, but I really don't see much
> > difference between "which may compromise security on your system" and "which
> > is bad for security". "may compromise" doesn't see any more alarmist than
> > "bad". Frankly, "bad" is a very generic term.
>
> Well, I agree that "bad" is vague.... but original wording is simply
> untrue, as printing addresses decreases robustness but can't introduce
> security problem on its own.
>
> Being alarmist is not my complaint; being untrue is.
It's just semantics. Printing addresses DOES weaken the security of a
system, especially when we know attackers have and do use stuff from dmesg
to tune their attacks. How about "reduces the security of your system"?
--
Kees Cook