From patchwork Wed Nov  8 03:37:37 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tobin Harding <me@tobin.cc>
X-Patchwork-Id: 10047613
Return-Path: 
 <kernel-hardening-return-10427-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	793C6603FA for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Wed,  8 Nov 2017 03:38:55 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6CEB92A3A9
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Wed,  8 Nov 2017 03:38:55 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 5F5A02A3AB; Wed,  8 Nov 2017 03:38:55 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id 629C32A3A9
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Wed,  8 Nov 2017 03:38:54 +0000 (UTC)
Received: (qmail 11598 invoked by uid 550); 8 Nov 2017 03:38:17 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 11492 invoked from network); 8 Nov 2017 03:38:16 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tobin.cc; h=cc
	:date:from:in-reply-to:message-id:references:subject:to
	:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=Q/KLKATYldN8wtVU+
	QSN3jSZUTmmmIA3yAyHXGJytLM=; b=cBblt7Lk0kSyg0vvSUxk6jPcf4VFJc/JK
	CtkGK2ec/N7dLcuA3td9a4nAvMXiZneWHqb9KtiPlpXtl8hcF9lGIeDgIfT17vqL
	vb/7hj7ticBlv19GSBoAx/vtGkrmuOVLzAAKGCSjjXnbVlG2V0vUrUbcT+FeiDmk
	Lz8XcY5wjVWfnp51DYlxD2839qlRFwoTdeMVSerHdqlxvkLQMAq1rO+JCCz5E9jT
	eHXc7mT5cs9mGwhBvo9IrwpSpwaI4SY2BS1MYYAxDqgww7wCLh3H4sdBtDhK6ZND
	xeQUY8QoX4oftvRp4XeXph5xTwUgi3zHAS32NteFds6k8YQKoAj4w==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:date:from:in-reply-to:message-id
	:references:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=
	fm1; bh=Q/KLKATYldN8wtVU+QSN3jSZUTmmmIA3yAyHXGJytLM=; b=NQDkXU+L
	jVl0TF6QVg7Oe5nynA8UX4UeLIB7REsDs+SfTFVeylsZ04KxEi0s0mNq1qouK4pX
	55g/tWYSciv48mSXrkOvqDXuldUTQ5qQDUR2eEDaedlqSRXoX9k1rXKKX+/K15uk
	/ubuGAzBKVEU0JjSTQB3yIOVvJYVD0HUlURYtZPjiZiY2BUHz2OY5nENpaT7i6VV
	NyYaeLhLnSbszp7JgMFmrziMGFyJHI0D4GVJCDgltd1bYWNaqwswzL5N+CfscHPq
	Y/u1d7R7n3ZtGRP9whA9JFXTkuTWS5Xy/kcgzFGwEZzvZ7MVhDw+9H2LnvgKVjGj
	eRfAP6BS3ddjFw==
X-ME-Sender: <xms:HHwCWpv70teXnsoOcpO9NaPVRHov3RpuOW8eLDDP5bsWKImVKekg_g>
From: "Tobin C. Harding" <me@tobin.cc>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: "Tobin C. Harding" <me@tobin.cc>, "Jason A. Donenfeld" <Jason@zx2c4.com>,
	Theodore Ts'o <tytso@mit.edu>,	Kees Cook <keescook@chromium.org>,
	Paolo Bonzini <pbonzini@redhat.com>, Tycho Andersen <tycho@docker.com>,
	"Roberts, William C" <william.c.roberts@intel.com>,
	Tejun Heo <tj@kernel.org>,
	Jordan Glover <Golden_Miller83@protonmail.ch>,
	Greg KH <gregkh@linuxfoundation.org>, Petr Mladek <pmladek@suse.com>,
	Joe Perches <joe@perches.com>,	Ian Campbell <ijc@hellion.org.uk>,
	Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <wilal.deacon@arm.com>,
	Steven Rostedt <rostedt@goodmis.org>,
	Chris Fries <cfries@google.com>, Dave Weinstein <olorin@google.com>,
	Daniel Micay <danielmicay@gmail.com>, Djalal Harouni <tixxdz@gmail.com>,
	linux-kernel@vger.kernel.org,
	Network Development <netdev@vger.kernel.org>,
	David Miller <davem@davemloft.net>, kernel-hardening@lists.openwall.com,
	"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
	Andy Lutomirski <luto@kernel.org>, Peter Zijlstra <peterz@infradead.org>
Date: Wed,  8 Nov 2017 14:37:37 +1100
Message-Id: <1510112259-11572-6-git-send-email-me@tobin.cc>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1510112259-11572-1-git-send-email-me@tobin.cc>
References: <1510112259-11572-1-git-send-email-me@tobin.cc>
Subject: [kernel-hardening] [PATCH 5/7] scripts/leaking_addresses: add
	emailing results
X-Virus-Scanned: ClamAV using ClamSMTP

Developers may not have the time (or inclination) to investigate script
output. This information is, however, useful. If we add functionality to
the script to email results for further investigation.

Add --send-report flag to email scan results (to Tobin C. Harding).

Signed-off-by: Tobin C. Harding <me@tobin.cc>
---
 scripts/leaking_addresses.pl | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 mode change 100755 => 100644 scripts/leaking_addresses.pl

diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl
old mode 100755
new mode 100644
index 4c31e935319b..e43105662306
--- a/scripts/leaking_addresses.pl
+++ b/scripts/leaking_addresses.pl
@@ -34,6 +34,7 @@ my $output = "scan.out";
 my $suppress_dmesg = 0;
 my $squash_by_path = 0;
 my $raw = 0;
+my $send_report = 0;
 my $help = 0;
 my $debug = 0;
 
@@ -90,6 +91,7 @@ Options:
 	    --suppress-dmesg	 Do not show dmesg results.
 	    --squash-by-path	 Show one result per unique path.
 	    --raw	 	 Show raw results.
+	    --send-report	 Submit raw results for someone else to worry about.
 	-d, --debug              Display debugging output.
 	-h, --help, --version    Display this help and exit.
 
@@ -103,6 +105,7 @@ GetOptions(
 	'suppress-dmesg'	=> \$suppress_dmesg,
 	'squash-by-path'	=> \$squash_by_path,
 	'raw'			=> \$raw,
+	'send-report'		=> \$send_report,
 	'd|debug'		=> \$debug,
 	'h|help'		=> \$help,
 	'version'		=> \$help
@@ -124,6 +127,12 @@ if ($command eq 'scan') {
 	scan();
 }
 
+if ($send_report) {
+	send_report();
+	print "Raw scan results sent, thank you.\n";
+	exit(0);
+}
+
 format_output();
 
 exit 0;
@@ -144,6 +153,39 @@ sub scan
 	select STDOUT;
 }
 
+sub send_report
+{
+	my $subject = 'LEAK REPORT';
+	my $email = 'leaks@tobin.cc';
+
+	my $message = sprintf("kptr_restrict: %s\n", get_kptr_restrict());
+
+	# Slurp raw results.
+	$message .= do {
+		local $/ = undef;
+		open my $fh, "<", $output
+		    or die "could not open $output: $!";
+		<$fh>;
+	};
+
+	open my $mailh, '|-', "mail -s '$subject' $email"
+	    or die( "Could not open pipe! $!" );
+
+	print $mailh $message;
+	close $mailh;
+}
+
+sub get_kptr_restrict
+{
+	my $filename = "/proc/sys/kernel/kptr_restrict";
+	my @array = do {
+		open my $fh, "<", $filename
+		    or die "could not open $filename: $!";
+		<$fh>;
+	};
+	return $array[0];
+}
+
 sub is_false_positive
 {
 	my ($match) = @_;