From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=0hDs=HL=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-24.8 required=3.0 tests=BAYES_00,DKIMWL_WL_MED,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,
	USER_AGENT_SANE_1,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 0C368C433E0
	for <linux-mm@archiver.kernel.org>; Tue,  9 Feb 2021 21:59:51 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 7D81164EE3
	for <linux-mm@archiver.kernel.org>; Tue,  9 Feb 2021 21:59:50 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 7D81164EE3
Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id CF2006B0005; Tue,  9 Feb 2021 16:59:49 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id CA2986B006C; Tue,  9 Feb 2021 16:59:49 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id B92E36B006E; Tue,  9 Feb 2021 16:59:49 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0072.hostedemail.com [216.40.44.72])
	by kanga.kvack.org (Postfix) with ESMTP id 9F4BA6B0005
	for <linux-mm@kvack.org>; Tue,  9 Feb 2021 16:59:49 -0500 (EST)
Received: from smtpin16.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay05.hostedemail.com (Postfix) with ESMTP id 6CADA180A93DD
	for <linux-mm@kvack.org>; Tue,  9 Feb 2021 21:59:49 +0000 (UTC)
X-FDA: 77800097298.16.brain53_3f132452760a
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin16.hostedemail.com (Postfix) with ESMTP id 4E48D100E690C
	for <linux-mm@kvack.org>; Tue,  9 Feb 2021 21:59:49 +0000 (UTC)
X-HE-Tag: brain53_3f132452760a
X-Filterd-Recvd-Size: 4818
Received: from mail-wr1-f46.google.com (mail-wr1-f46.google.com [209.85.221.46])
	by imf28.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Tue,  9 Feb 2021 21:59:48 +0000 (UTC)
Received: by mail-wr1-f46.google.com with SMTP id g10so23924819wrx.1
        for <linux-mm@kvack.org>; Tue, 09 Feb 2021 13:59:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=RRXcm3EvYqUoiGNTjYj2+xSX/85AuZX9z+0FoyOz2Nw=;
        b=pKHu/F3C4N4x3TqrsbYFHTYXiIuEnPcineTNaDiyBYvYaqiLN6PWDu1xOU/BFQ9Ja2
         EqYhNxnxZKuLJHrUkuDASDT67v2qK0PYtarTkfUEZuHH8yL0rOdNBc9hR9Q5b5uS0bdS
         S3qUZQj8ih8ZsvwWGQMTypdsJg6GEQbPOYNN5fb1GGRqzWH3ZTrb6YcmzBCtpb6zMfUW
         blT0AgY98xgRLj4QUZgBrdhgq6ndzDvt8I+1HiIFA0WgQZoQpQfrixCtyRS0O13SYSPL
         29HynDaj1BcIk95mLY6YZnhJqmzDVZLVWz/sfEhlsooaVxBqzQTrEkCVhSP379DIKE0x
         374A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=RRXcm3EvYqUoiGNTjYj2+xSX/85AuZX9z+0FoyOz2Nw=;
        b=HGOVEU7lKwQxATBfFsK6hKvzkdX91JqFzmMWLBnZL6BjvBpYwtiMLsW1R4TpbMJIsa
         0Wir3s2oM/njHmDJtRe0r3n7zObLOXYF6dYDZ5jjnNceLX04BeRwJUO0QH3RDYdDxNB6
         ISK4tx+DnpGipJsxIVLyv5gYUxV2sY/JZ3m7JrXG+jgC+Qvmb5BsBddBLZWYkcM9CGgR
         nvXZ475fX4rLT3J4+1BCYErg5zuh6ynAVuxOWtmY/hPMrj8g90F0e6sQt4vVFJi5ruKh
         IvuBqTc+E4+bTrf17bHRK3SWcmaYrpycMPAQW8dG+9y5iNK/hoYwphTEaP6q2e48HnFP
         HHDg==
X-Gm-Message-State: AOAM533tJ6OzchEcnFKLbiGAaxnBIx0qUEHN1pBhzyrgBDidZsE0nzd1
	Z/Fr6yZpv4tG2PHWwuWruvFvsg==
X-Google-Smtp-Source: ABdhPJzpy//cZm+LUaliLjKG7xToQBX9HiV1AyoPCXHsDhi3GpJCcUfMzZU+bj05fTivhbQ410a/lw==
X-Received: by 2002:adf:f1c5:: with SMTP id z5mr146578wro.391.1612907987526;
        Tue, 09 Feb 2021 13:59:47 -0800 (PST)
Received: from elver.google.com ([2a00:79e0:15:13:51c9:b9a4:3e29:2cd0])
        by smtp.gmail.com with ESMTPSA id r12sm39574767wrp.13.2021.02.09.13.59.46
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 09 Feb 2021 13:59:46 -0800 (PST)
Date: Tue, 9 Feb 2021 22:59:40 +0100
From: Marco Elver <elver@google.com>
To: Timur Tabi <timur@kernel.org>
Cc: Petr Mladek <pmladek@suse.com>, Steven Rostedt <rostedt@goodmis.org>,
	Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
	linux-kernel@vger.kernel.org, vbabka@suse.cz, linux-mm@kvack.org,
	willy@infradead.org, akpm@linux-foundation.org,
	torvalds@linux-foundation.org, roman.fietze@magna.com,
	keescook@chromium.org, john.ogness@linutronix.de,
	akinobu.mita@gmail.com, glider@google.com, andreyknvl@google.com
Subject: Re: [PATCH][RESEND] lib/vsprintf: make-printk-non-secret printks all
 addresses as unhashed
Message-ID: <YCMFzCz8ootub9pH@elver.google.com>
References: <20210202213633.755469-1-timur@kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20210202213633.755469-1-timur@kernel.org>
User-Agent: Mutt/2.0.2 (2020-11-20)
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Tue, Feb 02, 2021 at 03:36PM -0600, Timur Tabi wrote:
> If the make-printk-non-secret command-line parameter is set, then
> printk("%p") will print addresses as unhashed.  This is useful for
> debugging purposes.
> 
> A large warning message is displayed if this option is enabled,
> because unhashed addresses, while useful for debugging, exposes
> kernel addresses which can be a security risk.
> 
> Signed-off-by: Timur Tabi <timur@kernel.org>
> ---
>  lib/vsprintf.c | 34 ++++++++++++++++++++++++++++++++--
>  1 file changed, 32 insertions(+), 2 deletions(-)
> 
> diff --git a/lib/vsprintf.c b/lib/vsprintf.c
> index 3b53c73580c5..b9f87084afb0 100644
> --- a/lib/vsprintf.c
> +++ b/lib/vsprintf.c
> @@ -2090,6 +2090,30 @@ char *fwnode_string(char *buf, char *end, struct fwnode_handle *fwnode,
>  	return widen_string(buf, buf - buf_start, end, spec);
>  }
>  
> +/* Disable pointer hashing if requested */
> +static bool debug_never_hash_pointers __ro_after_init;

Would it be reasonable to make this non-static? Or somehow make it
possible to get this flag from other subsystems?

There are other places in the kernel that dump sensitive data such as
registers. We'd like to be able to use 'debug_never_hash_pointers' to
decide if our debugging tools can dump registers etc. What we really
need is info if the kernel is in debug mode and we can dump all kinds of
sensitive info; debug_never_hash_pointers is would be a good enough
proxy for that.

Thanks,
-- Marco