| Message ID | 1510112259-11572-6-git-send-email-me@tobin.cc (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Wed 2017-11-08 14:37:37, Tobin C. Harding wrote: > Developers may not have the time (or inclination) to investigate script > output. This information is, however, useful. If we add functionality to > the script to email results for further investigation. > > Add --send-report flag to email scan results (to Tobin C. Harding). I am not sure that it is wise to make spaming one person so easy ;-) It might make sense to add some more information into the message. For example: + uname -a + whether the log was generated using root access Also people might feel more comfortable if this feature: + prints the message + printks where it is being sent + ask yes/no before doing so > scripts/leaking_addresses.pl | 42 ++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 42 insertions(+) > mode change 100755 => 100644 scripts/leaking_addresses.pl ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl > old mode 100755 > new mode 100644 I guess that this was not intended. Best Regards, Petr
On Wed, Nov 08, 2017 at 11:16:43AM +0100, Petr Mladek wrote: > On Wed 2017-11-08 14:37:37, Tobin C. Harding wrote: > > Developers may not have the time (or inclination) to investigate script > > output. This information is, however, useful. If we add functionality to > > the script to email results for further investigation. > > > > Add --send-report flag to email scan results (to Tobin C. Harding). > > I am not sure that it is wise to make spaming one person > so easy ;-) I agree, I would strongly discourage this, as you will end up getting reports from really old kernels for the next 20+ years. We have seen that happen for every time we have added a "report this to foo@baz" in a kernel log message. If you _really_ want to do this, at least point it at a mailing list. thanks, greg k-h
On Wed, Nov 08, 2017 at 12:51:20PM +0100, Greg KH wrote: > On Wed, Nov 08, 2017 at 11:16:43AM +0100, Petr Mladek wrote: > > On Wed 2017-11-08 14:37:37, Tobin C. Harding wrote: > > > Developers may not have the time (or inclination) to investigate script > > > output. This information is, however, useful. If we add functionality to > > > the script to email results for further investigation. > > > > > > Add --send-report flag to email scan results (to Tobin C. Harding). > > > > I am not sure that it is wise to make spaming one person > > so easy ;-) > > I agree, I would strongly discourage this, as you will end up getting > reports from really old kernels for the next 20+ years. We have seen > that happen for every time we have added a "report this to foo@baz" in a > kernel log message. > > If you _really_ want to do this, at least point it at a mailing list. Will remove --send-report for next version. thanks, Tobin.
diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl old mode 100755 new mode 100644 index 4c31e935319b..e43105662306 --- a/scripts/leaking_addresses.pl +++ b/scripts/leaking_addresses.pl @@ -34,6 +34,7 @@ my $output = "scan.out"; my $suppress_dmesg = 0; my $squash_by_path = 0; my $raw = 0; +my $send_report = 0; my $help = 0; my $debug = 0; @@ -90,6 +91,7 @@ Options: --suppress-dmesg Do not show dmesg results. --squash-by-path Show one result per unique path. --raw Show raw results. + --send-report Submit raw results for someone else to worry about. -d, --debug Display debugging output. -h, --help, --version Display this help and exit. @@ -103,6 +105,7 @@ GetOptions( 'suppress-dmesg' => \$suppress_dmesg, 'squash-by-path' => \$squash_by_path, 'raw' => \$raw, + 'send-report' => \$send_report, 'd|debug' => \$debug, 'h|help' => \$help, 'version' => \$help @@ -124,6 +127,12 @@ if ($command eq 'scan') { scan(); } +if ($send_report) { + send_report(); + print "Raw scan results sent, thank you.\n"; + exit(0); +} + format_output(); exit 0; @@ -144,6 +153,39 @@ sub scan select STDOUT; } +sub send_report +{ + my $subject = 'LEAK REPORT'; + my $email = 'leaks@tobin.cc'; + + my $message = sprintf("kptr_restrict: %s\n", get_kptr_restrict()); + + # Slurp raw results. + $message .= do { + local $/ = undef; + open my $fh, "<", $output + or die "could not open $output: $!"; + <$fh>; + }; + + open my $mailh, '|-', "mail -s '$subject' $email" + or die( "Could not open pipe! $!" ); + + print $mailh $message; + close $mailh; +} + +sub get_kptr_restrict +{ + my $filename = "/proc/sys/kernel/kptr_restrict"; + my @array = do { + open my $fh, "<", $filename + or die "could not open $filename: $!"; + <$fh>; + }; + return $array[0]; +} + sub is_false_positive { my ($match) = @_;
Developers may not have the time (or inclination) to investigate script output. This information is, however, useful. If we add functionality to the script to email results for further investigation. Add --send-report flag to email scan results (to Tobin C. Harding). Signed-off-by: Tobin C. Harding <me@tobin.cc> --- scripts/leaking_addresses.pl | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) mode change 100755 => 100644 scripts/leaking_addresses.pl