checkpatch: warn for use of %px
authorTobin C. Harding <me@tobin.cc>
Tue, 10 Apr 2018 23:33:31 +0000 (16:33 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Wed, 11 Apr 2018 17:28:36 +0000 (10:28 -0700)
Usage of the new %px specifier potentially leaks sensitive information.
Printing kernel addresses exposes the kernel layout in memory, this is
potentially exploitable.  We have tools in the kernel to help us do the
right thing.  We can have checkpatch warn developers of potential
dangers of using %px.

Have checkpatch emit a warning for usage of specifier %px.

Link: http://lkml.kernel.org/r/1519700648-23108-5-git-send-email-me@tobin.cc
Signed-off-by: Tobin C. Harding <me@tobin.cc>
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
scripts/checkpatch.pl

index 8be5297d18b6dc4d6154132cd8282aafb0c245e7..788c90c1ae2a732ef670135784e9c3af96562de6 100755 (executable)
@@ -5812,29 +5812,45 @@ sub process {
                    defined $stat &&
                    $stat =~ /^\+(?![^\{]*\{\s*).*\b(\w+)\s*\(.*$String\s*,/s &&
                    $1 !~ /^_*volatile_*$/) {
-                       my $bad_extension = "";
+                       my $specifier;
+                       my $extension;
+                       my $bad_specifier = "";
+                       my $stat_real;
+
                        my $lc = $stat =~ tr@\n@@;
                        $lc = $lc + $linenr;
                        for (my $count = $linenr; $count <= $lc; $count++) {
                                my $fmt = get_quoted_string($lines[$count - 1], raw_line($count, 0));
                                $fmt =~ s/%%//g;
-                               if ($fmt =~ /(\%[\*\d\.]*p(?![\WSsBKRraEhMmIiUDdgVCbGNOx]).)/) {
-                                       $bad_extension = $1;
-                                       last;
-                               }
-                       }
-                       if ($bad_extension ne "") {
-                               my $stat_real = get_stat_real($linenr, $lc);
-                               my $ext_type = "Invalid";
-                               my $use = "";
-                               if ($bad_extension =~ /p[Ff]/) {
-                                       $ext_type = "Deprecated";
-                                       $use = " - use %pS instead";
-                                       $use =~ s/pS/ps/ if ($bad_extension =~ /pf/);
+
+                               while ($fmt =~ /(\%[\*\d\.]*p(\w))/g) {
+                                       $specifier = $1;
+                                       $extension = $2;
+                                       if ($extension !~ /[SsBKRraEhMmIiUDdgVCbGNOx]/) {
+                                               $bad_specifier = $specifier;
+                                               last;
+                                       }
+                                       if ($extension eq "x" && !defined($stat_real)) {
+                                               if (!defined($stat_real)) {
+                                                       $stat_real = get_stat_real($linenr, $lc);
+                                               }
+                                               WARN("VSPRINTF_SPECIFIER_PX",
+                                                    "Using vsprintf specifier '\%px' potentially exposes the kernel memory layout, if you don't really need the address please consider using '\%p'.\n" . "$here\n$stat_real\n");
+                                       }
                                }
+                               if ($bad_specifier ne "") {
+                                       my $stat_real = get_stat_real($linenr, $lc);
+                                       my $ext_type = "Invalid";
+                                       my $use = "";
+                                       if ($bad_specifier =~ /p[Ff]/) {
+                                               $ext_type = "Deprecated";
+                                               $use = " - use %pS instead";
+                                               $use =~ s/pS/ps/ if ($bad_specifier =~ /pf/);
+                                       }
 
-                               WARN("VSPRINTF_POINTER_EXTENSION",
-                                    "$ext_type vsprintf pointer extension '$bad_extension'$use\n" . "$here\n$stat_real\n");
+                                       WARN("VSPRINTF_POINTER_EXTENSION",
+                                            "$ext_type vsprintf pointer extension '$bad_specifier'$use\n" . "$here\n$stat_real\n");
+                               }
                        }
                }