Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp1123793pxb; Thu, 23 Sep 2021 19:14:16 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzo6N2Y1Hh1f6OHYDwqbc1n8Puhn9gbOchYMqaywvttldwK7Wn/0Sfcq0W6BAVVIEVopjaR X-Received: by 2002:a05:6e02:1144:: with SMTP id o4mr5972144ill.264.1632449656143; Thu, 23 Sep 2021 19:14:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1632449656; cv=none; d=google.com; s=arc-20160816; b=mZkrZlhanbIgetyKbsF9UpJiAL7ftFpI8x8n3Yc/E38wPiaVhDy1zx0y0+0UJkfXhy zGY/w335tFUvrC0d7H2O+fChIFAoUInrAsakAnmXLkgu3kEOfDzFkW+kyMSSOMcyP6DT 0WPbqfKY/aQEsWHiYqrAWkuwgj5TmOabkosz5JSLrA/fKxerGeffdv8ez9NI+s32LvSH H4a6loKRGF2Qn25ITEoXvOwNz1Ev60xOunAt1V5oz1aeAtMx+gL4f3Y1M1dISnY5jlwF iPQPgDOj9mlRVmGgpJ5nE/HPWOrUMDRD2IeTl5oenYvmq8f8hKIMAsrA8t1HiZ8ENyaA vgDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dkim-signature; bh=X16P5+Fh8gBvIOgYYm1GGZ8fM3+IF2mLFhrIFshTjFA=; b=G7rP+5I2i+QEUlGlSY6C5I5xU7EjwNYHldt6l0eMqGAHU+JkCfyPUJ98qFNkErIKQC tf9lQsWSjXF+cpB/Dm1tYfZer9bhlBUKynGpu1JGIA3YgzqSk5P7qZUUSQA6AcBizyyK zwURniIn82ieTEnYpCdt9+whYy3jQEk+FVHJ/0rq40IjhubcpXxmNYGPCc7Kt3SwDJUN 551TdhSNF+mXt9uY6PA0hVVM/0BivzUoV2dnCtqa33nKYrC+Rd8cO6riDaf0SVuRddC9 CvFqWehF8Ws3waglpsG4hZtZbBp0xKB0+uhk9rwJW2nxl+8fMZuhFSFJZcRnUnTyrjNP ALvA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=korg header.b=imhuc81e; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b15si9271483ilv.38.2021.09.23.19.14.03; Thu, 23 Sep 2021 19:14:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=korg header.b=imhuc81e; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243767AbhIXCOl (ORCPT + 99 others); Thu, 23 Sep 2021 22:14:41 -0400 Received: from mail.kernel.org ([198.145.29.99]:44852 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S243883AbhIXCOk (ORCPT ); Thu, 23 Sep 2021 22:14:40 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id B5AA860F6D; Fri, 24 Sep 2021 02:13:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1632449587; bh=B/XHIWMq1gag7dtKsGrmlye8E+xPHZm+e2yAyVV3M6s=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=imhuc81evtsk2EniQ+zv0t/OEdOmAFrh2AYCPNxmBftH60pEeUTReAi1sUAV08c1G mm7QmfIVliTxodfM5ADhZ7o/6tDNUEjh1Z14XR3sRvqXcI3q6xL1XZzPB1lt3OgmGI R5gv0i/Fgqw/WIeAQ4t0Bof0tHhUTAdYAw2oQk2Q= Date: Thu, 23 Sep 2021 19:13:06 -0700 From: Andrew Morton To: Kees Cook Cc: Thomas Gleixner , Josh Poimboeuf , Vito Caputo , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Jens Axboe , Mark Rutland , Peter Zijlstra , Stefan Metzmacher , Andy Lutomirski , Lai Jiangshan , Christian Brauner , "Kenta.Tada@sony.com" , Daniel Bristot de Oliveira , Michael =?ISO-8859-1?Q?Wei=DF?= , Anand K Mistry , Alexey Gladkov , Michal Hocko , Helge Deller , Dave Hansen , Andrea Righi , Ohhoon Kwon , Kalesh Singh , YiFei Zhu , "Eric W. Biederman" , linux-kernel@vger.kernel.org, x86@kernel.org, linux-fsdevel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH] proc: Disable /proc/$pid/wchan Message-Id: <20210923191306.664d39866761778a4a6ea56c@linux-foundation.org> In-Reply-To: <20210923233105.4045080-1-keescook@chromium.org> References: <20210923233105.4045080-1-keescook@chromium.org> X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.31; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 23 Sep 2021 16:31:05 -0700 Kees Cook wrote: > The /proc/$pid/wchan file has been broken by default on x86_64 for 4 > years now[1]. [1] is hard to decrypt. I think it would be better if this changelog were to describe the problem directly, completely and succinctly? > As this remains a potential leak of either kernel > addresses (when symbolization fails) or limited observation of kernel > function progress, just remove the contents for good. > > Unconditionally set the contents to "0" and also mark the wchan > field in /proc/$pid/stat with 0. > > This leaves kernel/sched/fair.c as the only user of get_wchan(). But > again, since this was broken for 4 years, was this profiling logic > actually doing anything useful? Agree that returning a hard-wired "0\n" is the way to go.