Received: by 10.223.164.202 with SMTP id h10csp4388635wrb; Wed, 29 Nov 2017 05:43:37 -0800 (PST) X-Google-Smtp-Source: AGs4zMbEy2y5daY+vW/odYxLudvxCfSGJM36NHUtHeGx5WfCFfM7QPTnW4ffeLNu8eVhlQlUcikP X-Received: by 10.84.177.129 with SMTP id x1mr2963257plb.217.1511963017854; Wed, 29 Nov 2017 05:43:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1511963017; cv=none; d=google.com; s=arc-20160816; b=ZIypR1P3Q1/XVvG5EpbrbzqOY9vgTWA1/iChueShXzUt0DdRoLLPqcUBLLJQnJEx37 eKcGJGxC+xst60fYqxFDdwBMijsvHJnV5j5zDrW93KLIfoL/47yZkiKTyxFzSyOL6Mj2 3D5gHtG37dXN/i3/SWwijc3MONKhdTeN2hK1ZVq17p16Fp0qRZPEtz9yG8YZgWwrZkBu BdsZSst2SBFmHoo8YPbyqVzLtTzteyikFKVa+iW2Mr3z2DoL14lPZ1yxS6sXpEMkMGjo GhxqvsJGDi40oDt4ZO8y51/NTJw2B+F+w/mi3tMvpsiLB1dLEXRJ0kdwX+A9DmN7c/ob Bd7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=LGsoI5ZdDO63UeWiUFCEXLX3++9xgKz1PaCR0KC4om0=; b=FYAT7rrAMioaK1ficy7WZhjS289VHm8dkIwe/q8vsxCm2y2iv+yqx00bXt9PX/SlS+ 0mElES80+XcS2DgyOevtvQFK3g7isQ49VgiuvFenMj3/djNSNnExxMszM3h+gTWuowdl ILpeYZLWL29Uj/FwPZSJ6jSuSJBLUOe+Ee5JN86sLYLTD++OLCGritJNK/FHKf+I/5R5 EF/rv0G8AZa0YyvOwONdzS1yzTv1McSm5j+zekeebNPUfnsfjFwC4z6tWE59TfJ0JJXM NsxNDrtggLSPgPcGcJB43zeZWWwepRrd8pxr8w+JpFRF38gCpqRKKvxHELP3wry/vYEH Y6HQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=YjdaKRYt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 17si1372235pfh.401.2017.11.29.05.43.26; Wed, 29 Nov 2017 05:43:37 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=YjdaKRYt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754469AbdK2LEC (ORCPT + 70 others); Wed, 29 Nov 2017 06:04:02 -0500 Received: from mail-ot0-f182.google.com ([74.125.82.182]:42365 "EHLO mail-ot0-f182.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752369AbdK2LEA (ORCPT ); Wed, 29 Nov 2017 06:04:00 -0500 Received: by mail-ot0-f182.google.com with SMTP id i1so2651461oth.9 for ; Wed, 29 Nov 2017 03:03:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=LGsoI5ZdDO63UeWiUFCEXLX3++9xgKz1PaCR0KC4om0=; b=YjdaKRYt39w/y7V4BVsA2vxjKmHsTxGtHhhQRutHq0uOQgMftekW3OwIetbo7GwRJD 3JvGIgdp6AXoWbh63CGfwAz+oqOUw5aGQrF5EwbKp0tF137gtZc+M6ch/eWo/8uCoEr5 wA533hpbW/5nq6DuOu7ekmtWcyjGnGRUzshdecikb6BNDz63IIbdng0q6seOGgysDLn9 r+1gWNcd6Rw3soyl6RlNZasR+DR2OKP+yYFZzqW6VYCNeqhy4QxmIh5cqRejD6YKl2l6 74c6/adCGJ8Uf9OT18z0cGCULQBndll91yA3m3liyltqGZcyrCohdYbETtZBwNpybtuw aQ+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=LGsoI5ZdDO63UeWiUFCEXLX3++9xgKz1PaCR0KC4om0=; b=NyrqvJKS1FqZ6fGsZmc0lKoN3pwgoP8RwMK+jn2VnIi+1I2FUSuMqi55O6FbfczdAV v2h43Mk6J61I7Bp5WotMwoVKRe/9utqFxAMqb6Iq97p3KExehWiMlnnF28g5Jh2J0/Zu eHE8Gl9OFOT4k+Xq9Um7NdqSPXF3lpANpEeO3eUu/mBmPy1YNJ8/zYdpgelMu63CdoTs Jw2mKDoCUWzl3rHB21KMquyP1OBMqzIWjSS4dWXR59cOYXXV+///lAgU4Ncyz04R9Vne PHk3R/BH2W6B/4psybMmsVqW96fnLn4khiK/1lhqo2JkucCqn8RDM8jLC7eat/OAFUFB gTmQ== X-Gm-Message-State: AJaThX6AkURojegw8I14Dzeosd8+pjOHoXjqMFwZXU7j0vJWZGcVORMO ed8LIKJvhAr1rRRYqFAC1qFRdRPzTs3V0l6ICIQ= X-Received: by 10.157.15.186 with SMTP id d55mr2155484otd.262.1511953439216; Wed, 29 Nov 2017 03:03:59 -0800 (PST) MIME-Version: 1.0 Received: by 10.74.127.6 with HTTP; Wed, 29 Nov 2017 03:02:54 -0800 (PST) In-Reply-To: <20171129101640.GC6217@eros> References: <1511850724-2381-1-git-send-email-me@tobin.cc> <20171128211003.GY17858@eros> <20171129101640.GC6217@eros> From: Kaiwan N Billimoria Date: Wed, 29 Nov 2017 16:32:54 +0530 Message-ID: Subject: Re: [PATCH] leaking_addresses: add support for 32-bit kernel addresses To: "Tobin C. Harding" Cc: Alexander Kapshuk , linux-kernel , kernel-hardening@lists.openwall.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, On Wed, Nov 29, 2017 at 3:46 PM, Tobin C. Harding wrote: > On Wed, Nov 29, 2017 at 09:59:59AM +0200, Alexander Kapshuk wrote: >> On Tue, Nov 28, 2017 at 11:10 PM, Tobin C. Harding wrote: >> > On Tue, Nov 28, 2017 at 03:16:24PM +0200, Alexander Kapshuk wrote: >> >> On Tue, Nov 28, 2017 at 8:32 AM, Tobin C. Harding wrote: >> >> > Options: >> >> > >> >> > - -o, --output-raw= Save results for future processing. >> >> > - -i, --input-raw= Read results from file instead of scanning. >> >> > - --raw Show raw results (default). >> >> > - --suppress-dmesg Do not show dmesg results. >> >> > - --squash-by-path Show one result per unique path. >> >> > - --squash-by-filename Show one result per unique filename. >> >> > - -d, --debug Display debugging output. >> >> > - -h, --help, --version Display this help and exit. >> >> > + -o, --output-raw= Save results for future processing. >> >> > + -i, --input-raw= Read results from file instead of scanning. >> >> > + --raw Show raw results (default). >> >> > + --suppress-dmesg Do not show dmesg results. >> >> > + --squash-by-path Show one result per unique path. >> >> > + --squash-by-filename Show one result per unique filename. >> >> > + --page-offset-32bit= PAGE_OFFSET value (for 32-bit kernels). >> >> > + --kernel-config-file= Kernel configuration file (e.g /boot/config) >> >> > + -d, --debug Display debugging output. >> >> > + -h, --help, --version Display this help and exit. >> >> > Thanks for the whitespace fixes.. >> >> >> >> Get_page_offset attempts to build a list of config files, which are >> >> then passed into the parsing function for further processing. >> >> This splits up the code to do with the config files between >> >> get_page_offset() and parse_kernel_config_file(). >> >> May I suggest putting the kernel config file processing code into the >> >> parse_kernel_config_file() instead, and let the parsing function >> >> handle the config files and either return the page_offset or an empty >> >> string. >> >> >> >> See below for the proposed implementation. Thanks Alexander.. >> > >> > Nice, this is much better! Thanks. >> > >> >> Apologies for the absence of indentation. >> > >> > Re-posting with indentation, comments in line. >> > >> >> Disclaimer: I did not test-run the code being proposed. >> > >> > I also did not test my comments ;) >> > >> >> sub get_page_offset >> >> { >> >> my $default_offset = "0xc0000000"; >> >> my $page_offset; >> >> >> >> # Allow --page-offset-32bit to over ride. >> >> if ($page_offset_32bit != 0) { >> >> return $page_offset_32bit; >> >> } >> >> >> >> $page_offset = parse_kernel_config_file(); >> >> if ($page_offset ne "") { >> >> return $page_offset >> >> } >> >> >> >> printf STDERR "Failed to parse kernel config files\n"; >> >> printf STDERR "Falling back to %s\n", $default_offset; >> >> >> >> return $default_offset; This "fallback to 0xc0000000" I don't really agree with. Obviously, there are platforms out there that do not use a PAGE_OFFSET value of 0xc0000000. So I think that defaulting to this is kinda presumptive; much better, IMHO, if we just fail and ask the user to pass the "correct" PAGE_OFFSET value via the '--page-offset-32bit=' option switch. What do you say? >> >> } >> >> >> > perhaps >> > my $tmpkconf = '/tmp/tmpkconf'; >> >> my $tmpkconf is almost as long as /tmp/tmpkconf. The name of the tmp >> file is self explanatory. >> Using a variable instead of the filename in this particular context is >> a matter of personal preference. If you prefer to use the variable >> here, it's your call. > > I'm a stickler for no const strings or magic numbers but it's Kaiwan's > patch, if he puts it in with const strings I'll apply it as is :) I'd say in this case it's self-evident; IMO, we could leave it as a const string.. >> > >> >> if (system("gunzip < /proc/config.gz > /tmp/tmpkconf") == 0) { >> >> push @config_files, "/tmp/tmpkconf"; >> >> } >> >> } >> > >> > Won't there only ever be a single config file? So if /proc/config.gz is >> > readable we could do >> >> The code above builds a list of config files. >> Assigning to @config_files as shown below would wipe out the config >> files appended to the list so far, would it not? >> So $tmpkconf needs appending to the list. > > You are correct, since the beginning of this function that has been the > algorithm. My observation is that if /proc/config.gz is present then we > don't need to parse the other files so it is better to blow them away. > > I don't know enough about the whole Linux-sphere to know if this is > correct. But it seems reasonable that even if there is more than one way > to look at the running kernels config file they will all be the same, > the system would be pretty broken if they were different. > > So once we have found a readable config file just parse it and be done > with it, no need to loop over any others. Agreed. > thanks, > Tobin. Tobin, am unsure why but I can't seem to apply your patch (on the commit you specified: 4.15-rc1). So have been unable to test so far.. Am copying the patch off the email, saving and trying: linux $ git apply --check ../tobin_patch_28nov17.patch error: patch failed: scripts/leaking_addresses.pl:35 error: scripts/leaking_addresses.pl: patch does not apply linux $ ?? Thanks, Kaiwan. From 1585405160788552781@xxx Wed Nov 29 12:56:22 +0000 2017 X-GM-THRID: 1585290445821931966 X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread