From patchwork Tue Feb 27 04:45:10 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tobin Harding X-Patchwork-Id: 10244265 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 82CA9602DC for ; Tue, 27 Feb 2018 04:45:54 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 711312A306 for ; Tue, 27 Feb 2018 04:45:54 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 627EF2A32C; Tue, 27 Feb 2018 04:45:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.3 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 78BE32A306 for ; Tue, 27 Feb 2018 04:45:53 +0000 (UTC) Received: (qmail 9249 invoked by uid 550); 27 Feb 2018 04:45:41 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 8060 invoked from network); 27 Feb 2018 04:45:40 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tobin.cc; h=cc :date:from:in-reply-to:message-id:references:subject:to :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=gUBKdolFc0w/IlaLB AmeHqsoAro/iin3sJJv8C733sQ=; b=s19EOirGEhOdHeJmEPnCVUBjy0LaWXjG9 kqCDmMOA4Fz6Dv5BC2tPfwfQa6npd6ky0OZ/lHy13GNf47V54s+DL3JUkU28FuPY 1gGlNCcmK9l3AOyKemNd7J+d80jvSal/GsbYVedkZeFugkQZ/gCm09YebBi83iZy 4SQ55Q2ZiaChWTknd3FAZyOQ/NVw6I+YUP6bWo75RDl3R/Ocnx+oK+aPREUeDtQF xAbmCRtsfqJQu5giGCIC5wq0ju3npmvSJugwXhQsaHkfLDQOG5gEwAuCAuDsN7rf 4zvjhshtfHAYAy6oNY9Aypul0Lw5zCiA5uMIMRRIxhweouejOFTog== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:date:from:in-reply-to:message-id :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; bh=gUBKdolFc0w/IlaLBAmeHqsoAro/iin3sJJv8C733sQ=; b=V8M8r1bl XUstQy1+n/UsFPZW9U6/iFlhGJ8nwrY9j8p2dPvJg9QdWaxPpfzBH+3Qo/E15kaz 0IeakyLCqoVBsnIO7J7hJ4b6c5+lYNETuZTRrT1rjcQjKfY/I0FoXJYLi1mv2QLQ CWxiv0jQcLZ5Pa57CJWdbKBqbgl/6HN7KgJUSUkLxbhauXYD5qa41Pg9ZrG2BpfY eU7BRAXugifRrLgXKPz6U6Y3SAXHepCVRWyHJIsXLXeyTM6+X+Nr1iZcebuBsmCR Tn+g+E2JmC8AbE6t9U+k4CLcta3abi8h/o7JqwB1KY6Md5j8vfp8sjuBJtBK23x7 h6ExKbWNNsrBlA== X-ME-Sender: From: "Tobin C. Harding" To: Kernel Hardening Cc: "Tobin C. Harding" , Tycho Andersen , LKML Subject: [PATCH 2/3] leaking_addresses: skip '/proc/1/syscall' Date: Tue, 27 Feb 2018 15:45:10 +1100 Message-Id: <1519706711-18580-3-git-send-email-me@tobin.cc> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1519706711-18580-1-git-send-email-me@tobin.cc> References: <1519706711-18580-1-git-send-email-me@tobin.cc> X-Virus-Scanned: ClamAV using ClamSMTP The pointers listed in /proc/1/syscall are user pointers, and negative syscall args will show up like kernel addresses. For example /proc/31808/syscall: 0 0x3 0x55b107a38180 0x2000 0xffffffffffffffb0 \ 0x55b107a302d0 0x55b107a38180 0x7fffa313b8e8 0x7ff098560d11 Skip parsing /proc/1/syscall Reported-by: Tycho Andersen Signed-off-by: Tobin C. Harding --- scripts/leaking_addresses.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl index fb40e2828f43..ac84a164a528 100755 --- a/scripts/leaking_addresses.pl +++ b/scripts/leaking_addresses.pl @@ -60,6 +60,7 @@ my $page_offset_32bit = 0; # Page offset for 32-bit kernel. my @skip_abs = ( '/proc/kmsg', '/proc/device-tree', + '/proc/1/syscall', '/sys/firmware/devicetree', '/sys/kernel/debug/tracing/trace_pipe', '/sys/kernel/security/apparmor/revision');