Date: Wed, 6 Apr 2016 11:21:21 -0700
Subject: Re: [PATCH] KERNEL: resource: Fix bug on leakage in /proc/iomem file
From: Kees Cook
To: Emrah Demir
Cc: Linus Torvalds, Dan Rosenberg, Dave Jones, Kernel Hardening, Linux Kernel Mailing List

On Wed, Apr 6, 2016 at 11:05 AM, wrote:
> First, I wrote your attached patch, but then I thought zeroing other
> /proc/iomem values would be better. So I changed it.
>
> Most distros don't use KASLR, but they use kptr_restrict. Without KASLR,

Well, hopefully that'll change over time. :)

> kptr_restrict most likely useless. As you said these things should be done
> long ago

This results in a warning, but the kernel's printf formatting supports it:

kernel/resource.c: In function ‘r_show’:
kernel/resource.c:118:4: warning: '0' flag used with ‘%p’ gnu_printf format [-Wformat=]

I'm not sure how to best suppress that...

diff --git a/kernel/resource.c b/kernel/resource.c index 2e78ead30934..d5881d143fb6 100644 --- a/kernel/resource.c +++ b/kernel/resource.c 
@@ -111,10 +111,10 @@ static int r_show(struct seq_file *m, void *v) for (depth = 0, p = r; depth < MAX_IORES_LEVEL; depth++, p = p->parent) if (p->parent == root) break; - seq_printf(m, "%*s%0*llx-%0*llx : %s\n", + seq_printf(m, "%*s%0*pK-%0*pK : %s\n", depth * 2, "", - width, (unsigned long long) r->start, - width, (unsigned long long) r->end, + width, (void *) r->start, + width, (void *) r->end, r->name ? r->name : ""); return 0; } -Kees -- Kees Cook Chrome OS & Brillo Security
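
Review bot: The (void *) r->start and (void *) r->end casts in the seq_printf() call can truncate the value. The removed lines cast to unsigned long long for %llx, and a resource address can be 64 bits wide on a 32-bit kernel with 64-bit physical addressing, where void * is only 32 bits. On such a build, ranges above 4 GiB would print wrong even for privileged readers, and the integer-to-pointer cast would draw its own size-mismatch warning. Consider keeping the %0*llx format and selecting the printed value (the real address or zero) with an explicit permission check in r_show(). That avoids the '0' flag -Wformat warning quoted above and keeps physical resource addresses out of %pK, which is intended for kernel pointers.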