From patchwork Thu Nov  9 05:09:35 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tobin Harding <me@tobin.cc>
X-Patchwork-Id: 10050125
Return-Path: 
 <kernel-hardening-return-10470-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	B1F79602D7 for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Thu,  9 Nov 2017 05:11:28 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9F9B02AA5E
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Thu,  9 Nov 2017 05:11:28 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 944332AAEF; Thu,  9 Nov 2017 05:11:28 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id 9C4DF2AA63
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Thu,  9 Nov 2017 05:11:27 +0000 (UTC)
Received: (qmail 3929 invoked by uid 550); 9 Nov 2017 05:10:33 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 3712 invoked from network); 9 Nov 2017 05:10:31 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tobin.cc; h=cc
	:date:from:in-reply-to:message-id:references:subject:to
	:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=QPkr2cRVwxXCZwazm
	sALfESR/4gZE3z1s6NChZjZWyk=; b=FiBlxMlD8HsRA2dFciIgsMp1sQx2R3URB
	WyhmaAHxTJLM51/H6I9wVWwD3x0fagic+hBr1SDlOvvz6+qi39PcjtCSqSNs8CkN
	O3VC4uwfKhWQovEUI9qS+mgF8BWeXfi53rG88VzZ1QgvPY8fkSK31kCDCxROniK2
	OwI3V1EFJmTP4UXl5nPzPd8HvGJ5yYjBM//XTsOG4Cvu6asj0lcL7LOXctiP4ad5
	VSBcf/ymqAPVp5KhgAglGEt2HZ/0QNVrdWP0vup7yeabc0SzIJSfoo/Jfaupe4N1
	FnE0aAAp3/uKhnBpsM9ygtQJSihRIUo/ZyTYbBI+5MB4dZ2yfKiXg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:date:from:in-reply-to:message-id
	:references:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=
	fm1; bh=QPkr2cRVwxXCZwazmsALfESR/4gZE3z1s6NChZjZWyk=; b=GZizkP1I
	6+txmCcxJRrNXShW4PzpCstTHiEFq41BLtQOqykHSfQb0/V8GRz+Z+sHo0IeH/T9
	YhwIOLM6HvFVLH8YJegXRvx6qEm/uBoZZUO/6h+vepwFmzzaj09/OnuPw83hDQZV
	Hn1ojipS6b6Z33AbGi46lRwNhQ8Pv7c1YPU88opf9Qnzu6ZNEGjzbMX0h9iBpeV/
	3Fsz0WdQiHqGu7Fh4nnyTFqc6OWFLeRy41TPW4FfP52iPbaRJUrS4DFBTt/UGHae
	9kBXk9KCmT/oajnnAEkWEVH8+TXOCSwzkysq0y4ZjLBmXeJjQ4+MmPtTcsoSSzEF
	5u6176nxLVbZeA==
X-ME-Sender: <xms:O-MDWqOJppJK7QvMBeBeZXhotckroctkuJb-XG3b1VutnzeFEG-YUg>
From: "Tobin C. Harding" <me@tobin.cc>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: "Tobin C. Harding" <me@tobin.cc>, "Jason A. Donenfeld" <Jason@zx2c4.com>,
	Theodore Ts'o <tytso@mit.edu>,	Kees Cook <keescook@chromium.org>,
	Paolo Bonzini <pbonzini@redhat.com>, Tycho Andersen <tycho@docker.com>,
	"Roberts, William C" <william.c.roberts@intel.com>,
	Tejun Heo <tj@kernel.org>,
	Jordan Glover <Golden_Miller83@protonmail.ch>,
	Greg KH <gregkh@linuxfoundation.org>, Petr Mladek <pmladek@suse.com>,
	Joe Perches <joe@perches.com>,	Ian Campbell <ijc@hellion.org.uk>,
	Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <wil.deacon@arm.com>, Steven Rostedt <rostedt@goodmis.org>,
	Chris Fries <cfries@google.com>, Dave Weinstein <olorin@google.com>,
	Daniel Micay <danielmicay@gmail.com>, Djalal Harouni <tixxdz@gmail.com>,
	"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
	Andy Lutomirski <luto@kernel.org>,
	Peter Zijlstra <peterz@infradead.org>,
	Michael Ellerman <mpe@ellerman.id.au>,
	David Miller <davem@davemloft.net>,
	Network Development <netdev@vger.kernel.org>,
	linux-kernel@vger.kernel.org,	kernel-hardening@lists.openwall.com
Date: Thu,  9 Nov 2017 16:09:35 +1100
Message-Id: <1510204175-10138-9-git-send-email-me@tobin.cc>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1510204175-10138-1-git-send-email-me@tobin.cc>
References: <1510204175-10138-1-git-send-email-me@tobin.cc>
Subject: [kernel-hardening] [PATCH v2 8/8] scripts/leaking_addresses: add
	timeout on file read
X-Virus-Scanned: ClamAV using ClamSMTP

Currently script can stall if we read certain files (like
/proc/kmsg). While we have a mechanism to skip these files once they are
discovered it would be nice to not stall on as yet undiscovered files of
this kind.

Set a timer before each file is parsed, warn user if timer expires.

Suggested-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Tobin C. Harding <me@tobin.cc>
---
 scripts/leaking_addresses.pl | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl
index 1d6ab7f1b10c..6efd1fdb7d25 100755
--- a/scripts/leaking_addresses.pl
+++ b/scripts/leaking_addresses.pl
@@ -29,6 +29,9 @@ my $V = '0.01';
 # Directories to scan.
 my @DIRS = ('/proc', '/sys');
 
+# Timer for parsing each file, in seconds.
+my $TIMEOUT = 10;
+
 # Script can only grep for kernel addresses on the following architectures. If
 # your architecture is not listed here and has a grep'able kernel address please
 # consider submitting a patch.
@@ -284,6 +287,23 @@ sub skip_parse
 	return skip($path, \@skip_parse_files_abs, \@skip_parse_files_any);
 }
 
+sub timed_parse_file
+{
+	my ($file) = @_;
+
+	eval {
+		local $SIG{ALRM} = sub { die "alarm\n" }; # NB: \n required.
+		alarm $TIMEOUT;
+		parse_file($file);
+		alarm 0;
+	};
+
+	if ($@) {
+		die unless $@ eq "alarm\n";	# Propagate unexpected errors.
+		printf STDERR "timed out parsing: %s\n", $file;
+	}
+}
+
 sub parse_file
 {
 	my ($file) = @_;
@@ -335,7 +355,7 @@ sub walk
 			if (-d $path) {
 				push @dirs, $path;
 			} else {
-				parse_file($path);
+				timed_parse_file($path);
 			}
 		}
 	}