Date: Thu, 26 Jul 2018 18:15:58 -0400
From: Steven Rostedt
To: Nick Desaulniers
Cc: greg@kroah.com, Kees Cook, salyzyn@android.com, LKML, mingo@redhat.com, kernel-team@android.com, stable@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: Re: [PATCH] tracing: do not leak kernel addresses
Message-ID: <20180726181558.25a5c3b8@gandalf.local.home>

On Thu, 26 Jul 2018 09:52:11 -0700
Nick Desaulniers wrote:

> See the section "Kernel addresses" in
> Documentation/security/self-protection. IIRC, the issue is that a
> process may have CAP_SYSLOG but not necessarily CAP_SYS_ADMIN (so it
> can read dmesg, but not necessarily issue a sysctl to change
> kptr_restrict), get compromised and used to leak kernel addresses,
> which can then be used to defeat KASLR.

But the code doesn't go to dmesg. It's only available via
/sys/kernel/debug/tracing/printk_formats which is only available via
root. Nobody else has access to that directory.

-- Steve
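
One way to check the access question raised in this thread on a given host, as an added example that is not part of the original message or the kernel tree: it walks the path components of printk_formats and reports the first one an unprivileged process cannot traverse or read, then prints kptr_restrict. It judges by the "other" mode bits only (assumption: no ACLs or LSM policy in play), and the function names are hypothetical.

```python
import os
import stat

# Paths named in the thread above.
PRINTK_FORMATS = "/sys/kernel/debug/tracing/printk_formats"
KPTR_RESTRICT = "/proc/sys/kernel/kptr_restrict"


def unprivileged_readable(path, base="/"):
    """Return (readable, blocker) for a process that is neither owner nor
    group member and holds no capabilities. Every directory below `base`
    needs o+x; the final file needs o+r. `blocker` is the first component
    that fails the check (or cannot be stat'ed, e.g. it does not exist)."""
    parts = os.path.relpath(path, base).split(os.sep)
    current = base
    for i, name in enumerate(parts):
        current = os.path.join(current, name)
        try:
            mode = os.stat(current).st_mode
        except OSError:
            # Missing, or we cannot even stat it: treat as not reachable.
            return False, current
        is_last = i == len(parts) - 1
        needed = stat.S_IROTH if is_last else stat.S_IXOTH
        if not mode & needed:
            return False, current
    return True, None


def read_int(path):
    """Read an integer sysctl value; None if absent or unreadable."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


if __name__ == "__main__":
    ok, blocker = unprivileged_readable(PRINTK_FORMATS)
    if ok:
        print("printk_formats is readable by unprivileged users")
    else:
        print("unprivileged access stops at:", blocker)
    print("kptr_restrict =", read_int(KPTR_RESTRICT))
```

The check is on the whole path because a world-readable file is still unreachable when a parent directory denies search permission to others.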