Commit 2ad74293 authored by Tobin C. Harding's avatar Tobin C. Harding

leaking_addresses: skip '/proc/1/syscall'

The pointers listed in /proc/1/syscall are user pointers, and negative
syscall args will show up like kernel addresses.

For example

/proc/31808/syscall: 0 0x3 0x55b107a38180 0x2000 0xffffffffffffffb0 \
0x55b107a302d0 0x55b107a38180 0x7fffa313b8e8 0x7ff098560d11

Skip parsing /proc/1/syscall
Suggested-by: default avatarTycho Andersen <tycho@tycho.ws>
Signed-off-by: default avatarTobin C. Harding <me@tobin.cc>
parent 472c9e10
...@@ -60,6 +60,7 @@ my $page_offset_32bit = 0; # Page offset for 32-bit kernel. ...@@ -60,6 +60,7 @@ my $page_offset_32bit = 0; # Page offset for 32-bit kernel.
my @skip_abs = ( my @skip_abs = (
'/proc/kmsg', '/proc/kmsg',
'/proc/device-tree', '/proc/device-tree',
'/proc/1/syscall',
'/sys/firmware/devicetree', '/sys/firmware/devicetree',
'/sys/kernel/debug/tracing/trace_pipe', '/sys/kernel/debug/tracing/trace_pipe',
'/sys/kernel/security/apparmor/revision'); '/sys/kernel/security/apparmor/revision');
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment