From patchwork Thu Nov  9 05:09:34 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tobin Harding <me@tobin.cc>
X-Patchwork-Id: 10050123
Return-Path: 
 <kernel-hardening-return-10469-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	AA5F3602D7 for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Thu,  9 Nov 2017 05:11:18 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 94D142AAEF
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Thu,  9 Nov 2017 05:11:18 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 86AE52AAF1; Thu,  9 Nov 2017 05:11:18 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id 77C702AAEF
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Thu,  9 Nov 2017 05:11:16 +0000 (UTC)
Received: (qmail 3598 invoked by uid 550); 9 Nov 2017 05:10:30 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 3446 invoked from network); 9 Nov 2017 05:10:27 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tobin.cc; h=cc
	:date:from:in-reply-to:message-id:references:subject:to
	:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=fetdASzV08h0yGSTQ
	hixCWQOsiy+K9uV+nUueevc0qk=; b=W7l7vMKktIKg7qDE4C1psdJn383og++x1
	0HkQpSchBhjSacUD7pAXE5mkyJpe9dUaW07AFTGPcRsotKEE3qMSe7Jj2vJ+j160
	Wv66jOhq5IOI9/rvkjGAV7XJbFc02lBPh9paGMv7rph4RcGNcF1+D8T1wRQVyK3D
	8B+Y8MWvyf3L1LSWGAHgafb4qeV2pNPLKvakUkETujAUeI1GH/WFVOdo3gqDt5R7
	SLqqm98zplTatAsCsMELu+cpZb1Hw6x7omzKy3Rbm5bEOERJreC6DsfgekTNnBHF
	zHKs7sY8SDu11LIWlgrALeCZBd4XF9SsYyNWc5/nK+cOcAqB8jeVw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:date:from:in-reply-to:message-id
	:references:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=
	fm1; bh=fetdASzV08h0yGSTQhixCWQOsiy+K9uV+nUueevc0qk=; b=pquIJK9l
	6mM71xYFQtyP9V2U3UAeA1N89cUGspHWGeQx0UPAzArqiQ6CxMRfQKdbOUAhXEBu
	5O3FrMkmPQqYEGZO/bPZrQIWN5Fu5dkFKwFeYM+kyD2BGfdwu3LMfFetiskzSS1c
	bXR/piE+fS3bjeT6rdxRs3kBbrwd7TKn7H07ibyR9k9MJzFn/nYKtXoxfefmsQ7i
	GzT4NYmPobZIO30bwl2fxw8CAThSSfIuqukC4uHiZykGXBipR54OOzp9/BKRWhpJ
	lGUgKHjXS0y+ywM0IPuNVgM7j76ZUyYdJXy2AK8MT6AI89CjpWgwQDjyNwEXPQAE
	Byofd+u69piXig==
X-ME-Sender: <xms:OOMDWvVli01Gsofy_n6gWqWL6luBAtGAJtYJV1xvSmIeACRCVIpR3A>
From: "Tobin C. Harding" <me@tobin.cc>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: "Tobin C. Harding" <me@tobin.cc>, "Jason A. Donenfeld" <Jason@zx2c4.com>,
	Theodore Ts'o <tytso@mit.edu>,	Kees Cook <keescook@chromium.org>,
	Paolo Bonzini <pbonzini@redhat.com>, Tycho Andersen <tycho@docker.com>,
	"Roberts, William C" <william.c.roberts@intel.com>,
	Tejun Heo <tj@kernel.org>,
	Jordan Glover <Golden_Miller83@protonmail.ch>,
	Greg KH <gregkh@linuxfoundation.org>, Petr Mladek <pmladek@suse.com>,
	Joe Perches <joe@perches.com>,	Ian Campbell <ijc@hellion.org.uk>,
	Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <wil.deacon@arm.com>, Steven Rostedt <rostedt@goodmis.org>,
	Chris Fries <cfries@google.com>, Dave Weinstein <olorin@google.com>,
	Daniel Micay <danielmicay@gmail.com>, Djalal Harouni <tixxdz@gmail.com>,
	"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
	Andy Lutomirski <luto@kernel.org>,
	Peter Zijlstra <peterz@infradead.org>,
	Michael Ellerman <mpe@ellerman.id.au>,
	David Miller <davem@davemloft.net>,
	Network Development <netdev@vger.kernel.org>,
	linux-kernel@vger.kernel.org,	kernel-hardening@lists.openwall.com
Date: Thu,  9 Nov 2017 16:09:34 +1100
Message-Id: <1510204175-10138-8-git-send-email-me@tobin.cc>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1510204175-10138-1-git-send-email-me@tobin.cc>
References: <1510204175-10138-1-git-send-email-me@tobin.cc>
Subject: [kernel-hardening] [PATCH v2 7/8] scripts/leaking_addresses: add
	support for ppc64
X-Virus-Scanned: ClamAV using ClamSMTP

Currently script is targeted at x86_64. We can support other
architectures by using the correct regular expressions for each
architecture.

Add the infrastructure to support multiple architectures. Add support
for ppc64.

Signed-off-by: Tobin C. Harding <me@tobin.cc>
---
 scripts/leaking_addresses.pl | 66 ++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 60 insertions(+), 6 deletions(-)

diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl
index 4610ad3c80c2..1d6ab7f1b10c 100755
--- a/scripts/leaking_addresses.pl
+++ b/scripts/leaking_addresses.pl
@@ -21,6 +21,7 @@ use File::Spec;
 use Cwd 'abs_path';
 use Term::ANSIColor qw(:constants);
 use Getopt::Long qw(:config no_auto_abbrev);
+use Config;
 
 my $P = $0;
 my $V = '0.01';
@@ -28,6 +29,11 @@ my $V = '0.01';
 # Directories to scan.
 my @DIRS = ('/proc', '/sys');
 
+# Script can only grep for kernel addresses on the following architectures. If
+# your architecture is not listed here and has a grep'able kernel address please
+# consider submitting a patch.
+my @SUPPORTED_ARCHITECTURES = ('x86_64', 'ppc64');
+
 # Command line options.
 my $help = 0;
 my $debug = 0;
@@ -137,6 +143,20 @@ if (!$input_raw and ($squash_by_path or $squash_by_filename)) {
 	exit(128);
 }
 
+if (!is_supported_architecture()) {
+	printf "\nScript does not support your architecture, sorry.\n";
+	printf "\nCurrently we support: \n\n";
+	foreach(@SUPPORTED_ARCHITECTURES) {
+		printf "\t%s\n", $_;
+	}
+
+	my $archname = $Config{archname};
+	printf "\n\$ perl -MConfig -e \'print \"\$Config{archname}\\n\"\'\n";
+	printf "%s\n", $archname;
+
+	exit(129);
+}
+
 if ($output_raw) {
 	open my $fh, '>', $output_raw or die "$0: $output_raw: $!\n";
 	select $fh;
@@ -152,6 +172,31 @@ sub dprint
 	printf(STDERR @_) if $debug;
 }
 
+sub is_supported_architecture
+{
+	return (is_x86_64() or is_ppc64());
+}
+
+sub is_x86_64
+{
+	my $archname = $Config{archname};
+
+	if ($archname =~ m/x86_64/) {
+		return 1;
+	}
+	return 0;
+}
+
+sub is_ppc64
+{
+	my $archname = $Config{archname};
+
+	if ($archname =~ m/powerpc/ and $archname =~ m/64/) {
+		return 1;
+	}
+	return 0;
+}
+
 sub is_false_positive
 {
 	my ($match) = @_;
@@ -161,10 +206,12 @@ sub is_false_positive
 		return 1;
 	}
 
-
-	if ($match =~ '\bf{10}600000\b' or# vsyscall memory region, we should probably check against a range here.
-	    $match =~ '\bf{10}601000\b') {
-		return 1;
+	if (is_x86_64) {
+		# vsyscall memory region, we should probably check against a range here.
+		if ($match =~ '\bf{10}600000\b' or
+		    $match =~ '\bf{10}601000\b') {
+			return 1;
+		}
 	}
 
 	return 0;
@@ -174,7 +221,7 @@ sub is_false_positive
 sub may_leak_address
 {
 	my ($line) = @_;
-	my $address = '\b(0x)?ffff[[:xdigit:]]{12}\b';
+	my $address_re;
 
 	# Signal masks.
 	if ($line =~ '^SigBlk:' or
@@ -187,7 +234,14 @@ sub may_leak_address
 		return 0;
 	}
 
-	while (/($address)/g) {
+	# One of these is guaranteed to be true.
+	if (is_x86_64()) {
+		$address_re = '\b(0x)?ffff[[:xdigit:]]{12}\b';
+	} elsif (is_ppc64()) {
+		$address_re = '\b(0x)?[89abcdef]00[[:xdigit:]]{13}\b';
+	}
+
+	while (/($address_re)/g) {
 		if (!is_false_positive($1)) {
 			return 1;
 		}