tracing/user_events: Don't use %pK through printk

Message ID	20250217-restricted-pointers-trace-v1-1-bbe9ea279848@linutronix.de (mailing list archive)
State	New
Headers	show Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 254FB21C188; Mon, 17 Feb 2025 13:16:33 +0000 (UTC) From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= <thomas.weissschuh@linutronix.de> Date: Mon, 17 Feb 2025 14:16:12 +0100 Subject: [PATCH] tracing/user_events: Don't use %pK through printk Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Message-Id: <20250217-restricted-pointers-trace-v1-1-bbe9ea279848@linutronix.de> To: Steven Rostedt <rostedt@goodmis.org>, Masami Hiramatsu <mhiramat@kernel.org>, Mathieu Desnoyers <mathieu.desnoyers@efficios.com> Cc: linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= <thomas.weissschuh@linutronix.de>
Series	tracing/user_events: Don't use %pK through printk \| expand tracing/user_events: Don't use %pK through printk

Message ID

20250217-restricted-pointers-trace-v1-1-bbe9ea279848@linutronix.de (mailing list archive)

State

New

Headers

From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= <thomas.weissschuh@linutronix.de>
Date: Mon, 17 Feb 2025 14:16:12 +0100
Subject: [PATCH] tracing/user_events: Don't use %pK through printk
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Message-Id: 
 <20250217-restricted-pointers-trace-v1-1-bbe9ea279848@linutronix.de>
To: Steven Rostedt <rostedt@goodmis.org>,
 Masami Hiramatsu <mhiramat@kernel.org>,
 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org,
	=?utf-8?q?Thomas_Wei=C3=9Fschuh?= <thomas.weissschuh@linutronix.de>

Series

tracing/user_events: Don't use %pK through printk | expand

Commit Message

Thomas Weißschuh Feb. 17, 2025, 1:16 p.m. UTC

Restricted pointers ("%pK") are not meant to be used through printk().
It can unintentionally expose security sensitive, raw pointer values.

Use regular pointer formatting instead.

Link: https://lore.kernel.org/lkml/20250113171731-dc10e3c1-da64-4af0-b767-7c7070468023@linutronix.de/
Signed-off-by: Thomas Weißschuh <thomas.weissschuh@linutronix.de>
---
 kernel/trace/trace_events_user.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


---
base-commit: 0ad2507d5d93f39619fc42372c347d6006b64319
change-id: 20250217-restricted-pointers-trace-a0fb12707ac6

Best regards,

Comments

Masami Hiramatsu (Google) Feb. 19, 2025, 12:10 a.m. UTC | #1

On Mon, 17 Feb 2025 14:16:12 +0100
Thomas Weißschuh <thomas.weissschuh@linutronix.de> wrote:

> Restricted pointers ("%pK") are not meant to be used through printk().
> It can unintentionally expose security sensitive, raw pointer values.
> 
> Use regular pointer formatting instead.
> 
> Link: https://lore.kernel.org/lkml/20250113171731-dc10e3c1-da64-4af0-b767-7c7070468023@linutronix.de/

This is only for the kernel pointer, but the "uaddr" below means it
has a user space address. So I think this does not need to be applied.

Thank you,

> Signed-off-by: Thomas Weißschuh <thomas.weissschuh@linutronix.de>
> ---
>  kernel/trace/trace_events_user.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
> index 97325fbd62836f4fb477c4a2b2936eff544291ec..3effc6fce20e65a8077de5221eb69db04fb1a775 100644
> --- a/kernel/trace/trace_events_user.c
> +++ b/kernel/trace/trace_events_user.c
> @@ -455,7 +455,7 @@ static void user_event_enabler_fault_fixup(struct work_struct *work)
>  	if (ret && ret != -ENOENT) {
>  		struct user_event *user = enabler->event;
>  
> -		pr_warn("user_events: Fault for mm: 0x%pK @ 0x%llx event: %s\n",
> +		pr_warn("user_events: Fault for mm: 0x%p @ 0x%llx event: %s\n",
>  			mm->mm, (unsigned long long)uaddr, EVENT_NAME(user));
>  	}
>  
> 
> ---
> base-commit: 0ad2507d5d93f39619fc42372c347d6006b64319
> change-id: 20250217-restricted-pointers-trace-a0fb12707ac6
> 
> Best regards,
> -- 
> Thomas Weißschuh <thomas.weissschuh@linutronix.de>
>

Thomas Weißschuh Feb. 19, 2025, 7:14 a.m. UTC | #2

On Wed, Feb 19, 2025 at 09:10:23AM +0900, Masami Hiramatsu wrote:
> On Mon, 17 Feb 2025 14:16:12 +0100
> Thomas Weißschuh <thomas.weissschuh@linutronix.de> wrote:
> 
> > Restricted pointers ("%pK") are not meant to be used through printk().
> > It can unintentionally expose security sensitive, raw pointer values.
> > 
> > Use regular pointer formatting instead.
> > 
> > Link: https://lore.kernel.org/lkml/20250113171731-dc10e3c1-da64-4af0-b767-7c7070468023@linutronix.de/
> 
> This is only for the kernel pointer, but the "uaddr" below means it
> has a user space address. So I think this does not need to be applied.

"uaddr" is formatted with %llx, which is fine.
"%pK" is used for mm->mm, which is a kernel pointer.

> Thank you,
> 
> > Signed-off-by: Thomas Weißschuh <thomas.weissschuh@linutronix.de>
> > ---
> >  kernel/trace/trace_events_user.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
> > index 97325fbd62836f4fb477c4a2b2936eff544291ec..3effc6fce20e65a8077de5221eb69db04fb1a775 100644
> > --- a/kernel/trace/trace_events_user.c
> > +++ b/kernel/trace/trace_events_user.c
> > @@ -455,7 +455,7 @@ static void user_event_enabler_fault_fixup(struct work_struct *work)
> >  	if (ret && ret != -ENOENT) {
> >  		struct user_event *user = enabler->event;
> >  
> > -		pr_warn("user_events: Fault for mm: 0x%pK @ 0x%llx event: %s\n",
> > +		pr_warn("user_events: Fault for mm: 0x%p @ 0x%llx event: %s\n",
> >  			mm->mm, (unsigned long long)uaddr, EVENT_NAME(user));
> >  	}
> >  
> > 
> > ---
> > base-commit: 0ad2507d5d93f39619fc42372c347d6006b64319
> > change-id: 20250217-restricted-pointers-trace-a0fb12707ac6
> > 
> > Best regards,
> > -- 
> > Thomas Weißschuh <thomas.weissschuh@linutronix.de>

Masami Hiramatsu (Google) Feb. 19, 2025, 8:36 a.m. UTC | #3

On Wed, 19 Feb 2025 08:14:34 +0100
Thomas Weißschuh <thomas.weissschuh@linutronix.de> wrote:

> On Wed, Feb 19, 2025 at 09:10:23AM +0900, Masami Hiramatsu wrote:
> > On Mon, 17 Feb 2025 14:16:12 +0100
> > Thomas Weißschuh <thomas.weissschuh@linutronix.de> wrote:
> > 
> > > Restricted pointers ("%pK") are not meant to be used through printk().
> > > It can unintentionally expose security sensitive, raw pointer values.
> > > 
> > > Use regular pointer formatting instead.
> > > 
> > > Link: https://lore.kernel.org/lkml/20250113171731-dc10e3c1-da64-4af0-b767-7c7070468023@linutronix.de/
> > 
> > This is only for the kernel pointer, but the "uaddr" below means it
> > has a user space address. So I think this does not need to be applied.
> 
> "uaddr" is formatted with %llx, which is fine.
> "%pK" is used for mm->mm, which is a kernel pointer.

Oops, I misread it. OK. looks good to me.

Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>


Thank you,

> 
> > Thank you,
> > 
> > > Signed-off-by: Thomas Weißschuh <thomas.weissschuh@linutronix.de>
> > > ---
> > >  kernel/trace/trace_events_user.c | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
> > > index 97325fbd62836f4fb477c4a2b2936eff544291ec..3effc6fce20e65a8077de5221eb69db04fb1a775 100644
> > > --- a/kernel/trace/trace_events_user.c
> > > +++ b/kernel/trace/trace_events_user.c
> > > @@ -455,7 +455,7 @@ static void user_event_enabler_fault_fixup(struct work_struct *work)
> > >  	if (ret && ret != -ENOENT) {
> > >  		struct user_event *user = enabler->event;
> > >  
> > > -		pr_warn("user_events: Fault for mm: 0x%pK @ 0x%llx event: %s\n",
> > > +		pr_warn("user_events: Fault for mm: 0x%p @ 0x%llx event: %s\n",
> > >  			mm->mm, (unsigned long long)uaddr, EVENT_NAME(user));
> > >  	}
> > >  
> > > 
> > > ---
> > > base-commit: 0ad2507d5d93f39619fc42372c347d6006b64319
> > > change-id: 20250217-restricted-pointers-trace-a0fb12707ac6
> > > 
> > > Best regards,
> > > -- 
> > > Thomas Weißschuh <thomas.weissschuh@linutronix.de>

diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index 97325fbd62836f4fb477c4a2b2936eff544291ec..3effc6fce20e65a8077de5221eb69db04fb1a775 100644
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -455,7 +455,7 @@  static void user_event_enabler_fault_fixup(struct work_struct *work)
 	if (ret && ret != -ENOENT) {
 		struct user_event *user = enabler->event;
 
-		pr_warn("user_events: Fault for mm: 0x%pK @ 0x%llx event: %s\n",
+		pr_warn("user_events: Fault for mm: 0x%p @ 0x%llx event: %s\n",
 			mm->mm, (unsigned long long)uaddr, EVENT_NAME(user));
 	}

tracing/user_events: Don't use %pK through printk

Commit Message

Comments

Patch