From patchwork Thu Mar 1 22:03:20 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tobin Harding
X-Patchwork-Id: 10252665
Delivered-To: mailing list kernel-hardening@lists.openwall.com
From: "Tobin C. Harding"
To: Kernel Hardening
Cc: "Tobin C. Harding", Tycho Andersen, LKML
Subject: [PATCH 2/2] leaking_addresses: check if file name contains address
Date: Fri, 2 Mar 2018 09:03:20 +1100
Message-Id: <1519941800-27710-3-git-send-email-me@tobin.cc>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1519941800-27710-1-git-send-email-me@tobin.cc>
References: <1519941800-27710-1-git-send-email-me@tobin.cc>

Sometimes files may be created by using output from printk. As the scan
traverses the directory tree we should parse each path name and check if
it is leaking an address.

Add check for leaking address on each path name.

Suggested-by: Tycho Andersen
Signed-off-by: Tobin C. Harding
Acked-by: Tycho Andersen
--- scripts/leaking_addresses.pl | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl index 65a65aa64d26..a550c9bc34f5 100755 --- a/scripts/leaking_addresses.pl +++ b/scripts/leaking_addresses.pl
@@ -463,6 +463,16 @@ sub parse_file close $fh; } +# Checks if the actual path name is leaking a kernel address. +sub check_path_for_leaks +{ + my ($path) = @_; + + if (may_leak_address($path)) { + printf("Path name may contain address: $path\n"); + } +} + # Recursively walk directory tree. sub walk { @@ -484,6 +494,8 @@ sub walk next if (skip($path)); + check_path_for_leaks($path); + if (-d $path) { push @dirs, $path; next;
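Review bot: In check_path_for_leaks() (first hunk), printf("Path name may contain address: $path\n") interpolates $path into the format string, so a path name containing '%' is parsed as a conversion specifier and the report line comes out mangled or triggers a warning. The path names come from the tree being scanned, so they should be treated as data: use print "Path name may contain address: $path\n"; or printf("Path name may contain address: %s\n", $path); instead.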
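Review bot: In walk() (second hunk), check_path_for_leaks($path) runs on every entry before the -d test, so directories are checked as well as files, although the subject line speaks of the file name. If $path carries the parent directories (pushing it onto @dirs for further walking suggests it does), a directory whose name matches will be reported again for every entry beneath it. Consider checking only the last path component, for example basename($path) from File::Basename, or note in the comment above check_path_for_leaks() that repeated reports for child paths are expected.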