From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B1816C433F5 for ; Tue, 8 Feb 2022 13:51:42 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 326D66B0073; Tue, 8 Feb 2022 08:51:42 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 2AE1E6B0075; Tue, 8 Feb 2022 08:51:42 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 151096B007B; Tue, 8 Feb 2022 08:51:42 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (relay.hostedemail.com [64.99.140.25]) by kanga.kvack.org (Postfix) with ESMTP id 0455A6B0073 for ; Tue, 8 Feb 2022 08:51:42 -0500 (EST) Received: from smtpin01.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id C0C7A226E6 for ; Tue, 8 Feb 2022 13:51:41 +0000 (UTC) X-FDA: 79119750402.01.C8C7AA9 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) by imf31.hostedemail.com (Postfix) with ESMTP id 4950620005 for ; Tue, 8 Feb 2022 13:51:41 +0000 (UTC) Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id DEE1A1F387; Tue, 8 Feb 2022 13:51:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1644328299; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=KdBmHlpiWVoOGJrAAEL9T6nI45p+Xd30noXSDXWqouo=; b=XfWeGKbvKx6pedZHAsn1NdiA7AYox4E41PKEamA/hgEiAcW3xIwQlj5qrchfieR/gW4T01 X2M138V1wLSeEPCyzgWBhpDuR7RzOUTOmuKKW+/uRhgunNC2IoB2OSqcSEHe4FQTtIYBMo OQs3lKNKVuJ6YPdpmyLaB4ysNKau11o= Received: from suse.cz (unknown [10.100.216.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id 59DA2A3B84; Tue, 8 Feb 2022 13:51:39 +0000 (UTC) Date: Tue, 8 Feb 2022 14:51:39 +0100 From: Petr Mladek To: Christophe Leroy Cc: Steven Rostedt , Sergey Senozhatsky , Andy Shevchenko , Rasmus Villemoes , "linux-kernel@vger.kernel.org" , "linux-mm@kvack.org" , Kees Cook , Linus Torvalds Subject: Re: [PATCH] vsprintf: Fix %pK with kptr_restrict == 0 Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4950620005 Authentication-Results: imf31.hostedemail.com; dkim=pass header.d=suse.com header.s=susede1 header.b=XfWeGKbv; spf=pass (imf31.hostedemail.com: domain of pmladek@suse.com designates 195.135.220.29 as permitted sender) smtp.mailfrom=pmladek@suse.com; dmarc=pass (policy=quarantine) header.from=suse.com X-Stat-Signature: uapjwr988kq6hw5mxbf5big1nguz56kp X-Rspam-User: X-Rspamd-Server: rspam10 X-HE-Tag: 1644328301-560558 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Adding Kees and Linus in Cc because it modifies %pK behavior. On Thu 2022-01-27 11:11:02, Christophe Leroy wrote: > Although kptr_restrict is set to 0 and the kernel is booted with > no_hash_pointers parameter, the content of /proc/vmallocinfo is > lacking the real addresses. > > / # cat /proc/vmallocinfo > 0x(ptrval)-0x(ptrval) 8192 load_module+0xc0c/0x2c0c pages=1 vmalloc > 0x(ptrval)-0x(ptrval) 12288 start_kernel+0x4e0/0x690 pages=2 vmalloc > 0x(ptrval)-0x(ptrval) 12288 start_kernel+0x4e0/0x690 pages=2 vmalloc > 0x(ptrval)-0x(ptrval) 8192 _mpic_map_mmio.constprop.0+0x20/0x44 phys=0x80041000 ioremap > 0x(ptrval)-0x(ptrval) 12288 _mpic_map_mmio.constprop.0+0x20/0x44 phys=0x80041000 ioremap > ... > > According to the documentation for /proc/sys/kernel/, %pK is > equivalent to %p when kptr_restrict is set to 0. Good catch! BTW: The behavior is strange also when kptr_restrict == 1. It allways prints non-hashed pointers for user space adresses. It means that it is less restrictive than kptr_restrict == 0 by default when no_hash_pointers == 0. It is probably not a big deal but... > --- > lib/vsprintf.c | 10 ++++++---- > 1 file changed, 6 insertions(+), 4 deletions(-) > > diff --git a/lib/vsprintf.c b/lib/vsprintf.c > index 3b8129dd374c..9c60d6e1a0d6 100644 > --- a/lib/vsprintf.c > +++ b/lib/vsprintf.c > @@ -857,6 +861,8 @@ char *restricted_pointer(char *buf, char *end, const void *ptr, > switch (kptr_restrict) { > case 0: > /* Handle as %p, hash and do _not_ leak addresses. */ > + if (unlikely(no_hash_pointers)) > + break; > return ptr_to_id(buf, end, ptr, spec); This is a twisted duplication of the following code from pointer(): static noinline_for_stack char *pointer(const char *fmt, char *buf, char *end, void *ptr, struct printf_spec spec) { [...] /* * default is to _not_ leak addresses, so hash before printing, * unless no_hash_pointers is specified on the command line. */ if (unlikely(no_hash_pointers)) return pointer_string(buf, end, ptr, spec); else return ptr_to_id(buf, end, ptr, spec); } Instead, I would create: /* * default is to _not_ leak addresses, so hash before printing, * unless no_hash_pointers is specified on the command line. */ static noinline_for_stack char *default_pointer(const char *fmt, char *buf, char *end, void *ptr, struct printf_spec spec) { if (unlikely(no_hash_pointers)) return pointer_string(buf, end, ptr, spec); return ptr_to_id(buf, end, ptr, spec); } and use it in both hash_pointer() and pointer(). And I would use is also for kptr_restrict == 1. But it probably should be done in a separate patch and should be acked by Kees. > case 1: { > const struct cred *cred; Best Regards, Petr