Date: Thu, 7 Sep 2017 16:56:53 +0900
From: Sergey Senozhatsky
To: Helge Deller
Cc: Sergey Senozhatsky, linux-kernel@vger.kernel.org, Sergey Senozhatsky, Petr Mladek, Andrew Morton
Subject: Re: [PATCH 00/14] Fix wrong %pF and %pS printk format specifier usages

Hello Helge,

On (09/07/17 08:01), Helge Deller wrote:
[..]
> > hm...
> > can we fix it in lib/vsprintf.c instead?

thanks for a quick reply.

> There is nothing to fix in vsprintf, because it is already providing
> both %pF and %pS for the two different architecture-specific API call
> implementations.
[..]
> ia64, ppc64 and parisc64 architectures will be wrong and may lead
> to kernel crashes in the worst case.
     ^^^^^^^^^^^^^^^^^
I was thinking about this part.

sorry, I don't have access to ia64/ppc64/parisc64 so can't check it or
test it.

here is a question, does function descriptor belong to a special
section? can we check that supplied ptr belongs to a descriptor section
and avoid dereference_function_descriptor() if it doesn't?
(just fall through directly to symbol_string() in this case).

is this possible? I mean, there is no mechanism to prevent this type of
wrongdoings in the future, we can't scan the entire kernel for wrong
pF/pS all the time.

BTW, are we sure we can crash? when attempting to dereference IP from the
given descriptor? shall we handle page fault in this case and do
something sane?

just asking.

	-ss
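
The section-membership check asked about in the message above, sketched as an added user-space C example; it is not part of the original message and is not kernel code. `struct func_desc`, `desc_section`, `fake_text` and `resolve_text_addr()` are hypothetical names, and the descriptor layout and data are constructed stand-ins.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a function descriptor: on descriptor-based ABIs a
 * "function pointer" points at one of these, not at the code itself. */
struct func_desc {
    const void *ip;   /* real entry address in text */
    const void *gp;   /* global pointer, unused here */
};

static const unsigned char fake_text[64] = {0};   /* constructed "text" */

#define NDESC 2
/* Constructed stand-in for the section that holds every descriptor. */
static const struct func_desc desc_section[NDESC] = {
    { &fake_text[0],  NULL },
    { &fake_text[32], NULL },
};

/* Hypothetical helper: return the address to hand to symbol lookup. */
static const void *resolve_text_addr(const void *ptr)
{
    uintptr_t p = (uintptr_t)ptr;
    uintptr_t start = (uintptr_t)&desc_section[0];
    uintptr_t end = start + sizeof(desc_section);

    if (p < start || p >= end)
        return ptr;   /* not a descriptor: use as-is, never dereference */
    if ((p - start) % sizeof(struct func_desc) != 0)
        return ptr;   /* inside the section but not at an entry boundary */
    return ((const struct func_desc *)ptr)->ip;
}

int main(void)
{
    const void *via_desc = resolve_text_addr(&desc_section[1]);
    const void *direct = resolve_text_addr(&fake_text[32]);

    printf("descriptor -> %p, direct -> %p, same: %d\n",
           via_desc, direct, via_desc == direct);
    return 0;
}
```

With a check of this shape, passing either a descriptor or a plain text address resolves to the same text address, so a mismatched specifier would no longer read an entry address out of arbitrary memory.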