> -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of Kees > Cook > Sent: Wednesday, November 29, 2017 2:28 PM > To: David Laight <[email protected]> > Cc: Linus Torvalds <[email protected]>; Tobin C. Harding > <[email protected]>; [email protected]; Jason A. Donenfeld > <[email protected]>; Theodore Ts'o <[email protected]>; Paolo Bonzini > <[email protected]>; Tycho Andersen <[email protected]>; Roberts, William C > <[email protected]>; Tejun Heo <[email protected]>; Jordan Glover > <[email protected]>; Greg KH <[email protected]>; > Petr Mladek <[email protected]>; Joe Perches <[email protected]>; Ian > Campbell <[email protected]>; Sergey Senozhatsky > <[email protected]>; Catalin Marinas <[email protected]>; > Will Deacon <[email protected]>; Steven Rostedt <[email protected]>; > Chris Fries <[email protected]>; Dave Weinstein <[email protected]>; Daniel > Micay <[email protected]>; Djalal Harouni <[email protected]>; Radim > Krcmár <[email protected]>; Linux Kernel Mailing List <linux- > [email protected]>; Network Development <[email protected]>; > David Miller <[email protected]>; Stephen Rothwell > <[email protected]>; Andrey Ryabinin <[email protected]>; > Alexander Potapenko <[email protected]>; Dmitry Vyukov > <[email protected]>; Andrew Morton <[email protected]> > Subject: Re: [PATCH V11 4/5] vsprintf: add printk specifier %px > > On Wed, Nov 29, 2017 at 2:07 AM, David Laight <[email protected]> > wrote: > > From: Linus Torvalds > >> Sent: 29 November 2017 02:29 > >> > >> On Tue, Nov 28, 2017 at 6:05 PM, Tobin C. Harding <[email protected]> wrote: > >> > > >> > Let's add specifier %px as a > >> > clear, opt-in, way to print a pointer and maintain some level of > >> > isolation from all the other hex integer output within the Kernel. > >> > >> Yes, I like this model. It's easy and it's obvious ("'x' for hex"), > >> and it gives people a good way to say "yes, I really want the actual > >> address as hex" for if/when the hashed pointer doesn't work for some > >> reason. > > > > Remind me to change every %p to %px on kernels that support it. > > > > Although the absolute values of pointers may not be useful, knowing > > that two pointer differ by a small amount is useful. > > It is also useful to know whether pointers are to stack, code, static > > data or heap. > > > > This change to %p is going to make debugging a nightmare. > > In the future, maybe we could have a knob: unhashed, hashed (default), or > zeroed.
Isn't that just kptr_restrict and get us right back to the simpler patches I proposed? > > -Kees > > -- > Kees Cook > Pixel Security
