Date: Fri, 27 Jul 2018 14:31:41 -0400
From: Steven Rostedt
To: Nick Desaulniers
Cc: Jann Horn, Golden_Miller83@protonmail.ch, greg@kroah.com, Kees Cook, salyzyn@android.com, LKML, mingo@redhat.com, kernel-team@android.com, stable@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: Re: [PATCH] tracing: do not leak kernel addresses
Message-ID: <20180727143141.4b53d554@gandalf.local.home>

On Fri, 27 Jul 2018 11:13:51 -0700
Nick Desaulniers wrote:

> I found the internal bug report (reported Jan '17, you'll have to
> forgive me if my memory of the issue is hazy, or if the fix used at
> the time wasn't perfect), which was reported against the Nexus 6.
> From the report, it was possible to
> `cat /sys/kernel/debug/tracing/printk_formats` without being root,
> which I can't do on my workstation's much more modern kernel (Nexus 6
> was 3.10). So I guess the question is what governs access to files
> below /sys/kernel/debug, and why was it missing from those kernels? I
> assume some check was added, but either not backported to 3.10 stable
> (or more likely not pulled in to Nexus 6's kernel through stable;
> Android is now in a much better place for that kind of issue).

As of commit 82aceae4f0d4 ("debugfs: more tightly restrict default
mount mode") /sys/kernel/debug has been default mounted as 0700 (root
only). But that was introduced in 3.7. Not sure why your 3.10 kernel
didn't have that. Perhaps there's another commit that fixed permissions
not being inherited?

-- Steve
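
An added example, not part of the original message or of any kernel or Android tooling: a shell check for the condition discussed above, namely a debugfs or tracefs mount point whose mode grants more than the root-only 0700. The function names are hypothetical, and it assumes a `stat` that supports `-c %a` (GNU coreutils, busybox, toybox).

```shell
#!/bin/sh
# Added example (not from the thread): flag debugfs/tracefs mount points that
# grant group/other access. Assumes `stat -c %a` is available.

# mode_is_root_only MODE: succeed if octal MODE has no group/other bits set.
mode_is_root_only() {
    [ $(( 0$1 & 077 )) -eq 0 ]
}

# audit_debug_mounts [MOUNTS_FILE]: check each debugfs/tracefs entry in a
# /proc/mounts-format file. Returns 1 if any mount point is open beyond owner.
audit_debug_mounts() {
    mounts_file=${1:-/proc/mounts}
    rc=0
    # Field 2 is the mount point, field 3 the filesystem type.
    for mp in $(awk '$3 == "debugfs" || $3 == "tracefs" { print $2 }' "$mounts_file"); do
        mode=$(stat -c %a "$mp" 2>/dev/null) || { echo "SKIP $mp (cannot stat)"; continue; }
        if mode_is_root_only "$mode"; then
            echo "OK   $mp mode=$mode"
            continue
        fi
        echo "WARN $mp mode=$mode (group/other access)"
        rc=1
        # With the directory open, per-file modes are the only remaining gate.
        for f in "$mp/tracing/printk_formats" "$mp/printk_formats"; do
            [ -e "$f" ] || continue
            fmode=$(stat -c %a "$f" 2>/dev/null) || continue
            [ $(( 0$fmode & 004 )) -eq 0 ] || echo "WARN $f mode=$fmode (world-readable)"
        done
    done
    return $rc
}
```

Calling `audit_debug_mounts` with no argument reads `/proc/mounts` on the running system; a non-zero return means at least one mount point is reachable by non-root users.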