Commit e3c6bc95 authored by Tobin C. Harding's avatar Tobin C. Harding Committed by Linus Torvalds

checkpatch: warn for use of %px

Usage of the new %px specifier potentially leaks sensitive information.
Printing kernel addresses exposes the kernel layout in memory, this is
potentially exploitable.  We have tools in the kernel to help us do the
right thing.  We can have checkpatch warn developers of potential
dangers of using %px.

Have checkpatch emit a warning for usage of specifier %px.

Link: http://lkml.kernel.org/r/1519700648-23108-5-git-send-email-me@tobin.ccSigned-off-by: default avatarTobin C. Harding <me@tobin.cc>
Signed-off-by: default avatarJoe Perches <joe@perches.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent e3d95a2a
...@@ -5812,29 +5812,45 @@ sub process { ...@@ -5812,29 +5812,45 @@ sub process {
defined $stat && defined $stat &&
$stat =~ /^\+(?![^\{]*\{\s*).*\b(\w+)\s*\(.*$String\s*,/s && $stat =~ /^\+(?![^\{]*\{\s*).*\b(\w+)\s*\(.*$String\s*,/s &&
$1 !~ /^_*volatile_*$/) { $1 !~ /^_*volatile_*$/) {
my $bad_extension = ""; my $specifier;
my $extension;
my $bad_specifier = "";
my $stat_real;
my $lc = $stat =~ tr@\n@@; my $lc = $stat =~ tr@\n@@;
$lc = $lc + $linenr; $lc = $lc + $linenr;
for (my $count = $linenr; $count <= $lc; $count++) { for (my $count = $linenr; $count <= $lc; $count++) {
my $fmt = get_quoted_string($lines[$count - 1], raw_line($count, 0)); my $fmt = get_quoted_string($lines[$count - 1], raw_line($count, 0));
$fmt =~ s/%%//g; $fmt =~ s/%%//g;
if ($fmt =~ /(\%[\*\d\.]*p(?![\WSsBKRraEhMmIiUDdgVCbGNOx]).)/) {
$bad_extension = $1; while ($fmt =~ /(\%[\*\d\.]*p(\w))/g) {
$specifier = $1;
$extension = $2;
if ($extension !~ /[SsBKRraEhMmIiUDdgVCbGNOx]/) {
$bad_specifier = $specifier;
last; last;
} }
if ($extension eq "x" && !defined($stat_real)) {
if (!defined($stat_real)) {
$stat_real = get_stat_real($linenr, $lc);
}
WARN("VSPRINTF_SPECIFIER_PX",
"Using vsprintf specifier '\%px' potentially exposes the kernel memory layout, if you don't really need the address please consider using '\%p'.\n" . "$here\n$stat_real\n");
} }
if ($bad_extension ne "") { }
if ($bad_specifier ne "") {
my $stat_real = get_stat_real($linenr, $lc); my $stat_real = get_stat_real($linenr, $lc);
my $ext_type = "Invalid"; my $ext_type = "Invalid";
my $use = ""; my $use = "";
if ($bad_extension =~ /p[Ff]/) { if ($bad_specifier =~ /p[Ff]/) {
$ext_type = "Deprecated"; $ext_type = "Deprecated";
$use = " - use %pS instead"; $use = " - use %pS instead";
$use =~ s/pS/ps/ if ($bad_extension =~ /pf/); $use =~ s/pS/ps/ if ($bad_specifier =~ /pf/);
} }
WARN("VSPRINTF_POINTER_EXTENSION", WARN("VSPRINTF_POINTER_EXTENSION",
"$ext_type vsprintf pointer extension '$bad_extension'$use\n" . "$here\n$stat_real\n"); "$ext_type vsprintf pointer extension '$bad_specifier'$use\n" . "$here\n$stat_real\n");
}
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment