From patchwork Tue Feb 27 04:45:09 2018
X-Patchwork-Submitter: Tobin Harding
X-Patchwork-Id: 10244263
From: "Tobin C. Harding"
To: Kernel Hardening
Cc: "Tobin C. Harding", Tycho Andersen, LKML
Subject: [PATCH 1/3] leaking_addresses: skip all /proc/PID except /proc/1
Date: Tue, 27 Feb 2018 15:45:09 +1100
Message-Id: <1519706711-18580-2-git-send-email-me@tobin.cc>
In-Reply-To: <1519706711-18580-1-git-send-email-me@tobin.cc>
References: <1519706711-18580-1-git-send-email-me@tobin.cc>

When the system is idle it is likely that most files under /proc/PID
will be identical for various processes. Scanning _all_ the PIDs under
/proc is unnecessary and implies that we are thoroughly scanning /proc.
This is _not_ the case because there may be ways userspace can trigger
creation of /proc files that leak addresses but were not present during
a scan. For these two reasons we should exclude all PID directories
under /proc except '1/'.

Exclude all /proc/PID except /proc/1.

Signed-off-by: Tobin C. Harding
---
 scripts/leaking_addresses.pl | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl index 6e5bc57caeaa..fb40e2828f43 100755 --- a/scripts/leaking_addresses.pl +++ b/scripts/leaking_addresses.pl 
@@ -10,6 +10,14 @@ # Use --debug to output path before parsing, this is useful to find files that # cause the script to choke. +# +# When the system is idle it is likely that most files under /proc/PID will be +# identical for various processes. Scanning _all_ the PIDs under /proc is +# unnecessary and implies that we are thoroughly scanning /proc. This is _not_ +# the case because there may be ways userspace can trigger creation of /proc +# files that leak addresses but were not present during a scan. For these two +# reasons we exclude all PID directories under /proc except '1/' + use warnings; use strict; use POSIX; @@ -472,6 +480,9 @@ sub walk my $path = "$pwd/$file"; next if (-l $path); + # skip /proc/PID except /proc/1 + next if ($path =~ /\/proc\/(?:[2-9][0-9]*|1[0-9]+)/); + next if (skip($path)); if (-d $path) {
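
Review bot: The header comment added in the first hunk (after the --debug note) gives the rationale but not the consequence for someone reading the script's output. It should say plainly that, among the per-process directories, only /proc/1 is scanned, so a clean run says nothing about files under other PIDs. The skip added in walk() is unconditional, so either mention here that there is no way to scan another PID or add an option for it. The last sentence of the comment is also missing its full stop.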
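
Review bot: The pattern in the walk() hunk is unanchored at both ends, so `next if ($path =~ /\/proc\/(?:[2-9][0-9]*|1[0-9]+)/);` skips any path that contains `/proc/` followed by something that starts like a PID greater than 1, not only the top-level /proc/PID directories. Because $path is built as "$pwd/$file", a directory named proc anywhere else in the walked tree would have its numeric entries silently dropped, and an entry such as /proc/2abc would be skipped as well. For a tool whose job is to find leaks, a silent coverage gap is the wrong failure mode. Anchor the match to the start of the path and the end of the component, for example `m{^/proc/(?:[2-9][0-9]*|1[0-9]+)(?:/|$)}` (this assumes walk() is handed /proc as an absolute path), which also removes the escaped slashes.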