From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 17999C433DB for ; Thu, 4 Feb 2021 21:49:50 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 5CD4C64E7B for ; Thu, 4 Feb 2021 21:49:49 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5CD4C64E7B Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=ucw.cz Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id DEE956B006C; Thu, 4 Feb 2021 16:49:48 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id D78E26B006E; Thu, 4 Feb 2021 16:49:48 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C8DD66B0070; Thu, 4 Feb 2021 16:49:48 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0237.hostedemail.com [216.40.44.237]) by kanga.kvack.org (Postfix) with ESMTP id AE6446B006C for ; Thu, 4 Feb 2021 16:49:48 -0500 (EST) Received: from smtpin14.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id 7965A3636 for ; Thu, 4 Feb 2021 21:49:48 +0000 (UTC) X-FDA: 77781928056.14.sand94_4517176275df Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin14.hostedemail.com (Postfix) with ESMTP id 5C2221822989D for ; Thu, 4 Feb 2021 21:49:48 +0000 (UTC) X-HE-Tag: sand94_4517176275df X-Filterd-Recvd-Size: 3524 Received: from jabberwock.ucw.cz (jabberwock.ucw.cz [46.255.230.98]) by imf14.hostedemail.com (Postfix) with ESMTP for ; Thu, 4 Feb 2021 21:49:47 +0000 (UTC) Received: by jabberwock.ucw.cz (Postfix, from userid 1017) id BF8161C0B79; Thu, 4 Feb 2021 22:49:44 +0100 (CET) Date: Thu, 4 Feb 2021 22:49:44 +0100 From: Pavel Machek To: Steven Rostedt Cc: Timur Tabi , Petr Mladek , Sergey Senozhatsky , linux-kernel@vger.kernel.org, linux-mm@kvack.org, willy@infradead.org, akpm@linux-foundation.org, torvalds@linux-foundation.org, roman.fietze@magna.com, keescook@chromium.org, john.ogness@linutronix.de, akinobu.mita@gmail.com Subject: Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed Message-ID: <20210204214944.GA13103@amd> References: <20210202201846.716915-1-timur@kernel.org> <20210204204835.GA7529@amd> <20210204155423.2864bf4f@gandalf.local.home> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="YiEDa0DAkWCtVeE4" Content-Disposition: inline In-Reply-To: <20210204155423.2864bf4f@gandalf.local.home> User-Agent: Mutt/1.5.23 (2014-03-12) X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: --YiEDa0DAkWCtVeE4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi! > Pavel Machek wrote: >=20 > > > + pr_warn("** Kernel memory addresses are exposed, which may **= \n"); > > > + pr_warn("** compromise security on your system. **= \n"); =20 > >=20 > > This is lies, right? And way too verbose. >=20 > Not really. More of an exaggeration than a lie. And the verbosity is > to Well... security is _not_ compromised but robustness against kernel bugs is reduced. It should not exaggerate. > make sure it's noticed by those that shouldn't have it set. This works we= ll > for keeping trace_printk() out of production kernels. Why do you > care So if we want people to see it, we up the severity, right? Like pr_err()... Distro kernels have quiet, anyway... Lets take a look for what we say for _real_ problems: [ 0.544757] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitiza tion [ 0.544876] Spectre V2 : Mitigation: Full generic retpoline [ 0.544961] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switc h [ 0.545064] L1TF: System has more than MAX_PA/2 memory. L1TF mitigation not effective. [ 0.545163] L1TF: You may make it effective by booting the kernel with mem=3D2147483648 par ameter. [ 0.545281] L1TF: However, doing so will make a part of your RAM unusable. [ 0.545374] L1TF: Reading https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html might help you decide. This machine is insecure. Yet I don't see ascii-art *** all around.. "Kernel memory addresses are exposed, which is bad for security." would be quite enough, I'd say... Best regards, Pavel --=20 http://www.livejournal.com/~pavelmachek --YiEDa0DAkWCtVeE4 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAmAca/gACgkQMOfwapXb+vIbAgCgqdbBjD/oEzrrT4AAuxjRKbnb YFcAniCKkMfU/JAkSWIF01S6cuPg0KRX =0B3l -----END PGP SIGNATURE----- --YiEDa0DAkWCtVeE4--