checkpatch: warn for use of %px
authorTobin C. Harding <me@tobin.cc>
Tue, 10 Apr 2018 23:33:31 +0000 (16:33 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Wed, 11 Apr 2018 17:28:36 +0000 (10:28 -0700)
Usage of the new %px specifier potentially leaks sensitive information.
Printing kernel addresses exposes the kernel layout in memory, this is
potentially exploitable.  We have tools in the kernel to help us do the
right thing.  We can have checkpatch warn developers of potential
dangers of using %px.

Have checkpatch emit a warning for usage of specifier %px.

Link: http://lkml.kernel.org/r/1519700648-23108-5-git-send-email-me@tobin.cc
Signed-off-by: Tobin C. Harding <me@tobin.cc>
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
scripts/checkpatch.pl

index 8be5297..788c90c 100755 (executable)
@@ -5812,29 +5812,45 @@ sub process {
                    defined $stat &&
                    $stat =~ /^\+(?![^\{]*\{\s*).*\b(\w+)\s*\(.*$String\s*,/s &&
                    $1 !~ /^_*volatile_*$/) {
-                       my $bad_extension = "";
+                       my $specifier;
+                       my $extension;
+                       my $bad_specifier = "";
+                       my $stat_real;
+
                        my $lc = $stat =~ tr@\n@@;
                        $lc = $lc + $linenr;
                        for (my $count = $linenr; $count <= $lc; $count++) {
                                my $fmt = get_quoted_string($lines[$count - 1], raw_line($count, 0));
                                $fmt =~ s/%%//g;
-                               if ($fmt =~ /(\%[\*\d\.]*p(?![\WSsBKRraEhMmIiUDdgVCbGNOx]).)/) {
-                                       $bad_extension = $1;
-                                       last;
-                               }
-                       }
-                       if ($bad_extension ne "") {
-                               my $stat_real = get_stat_real($linenr, $lc);
-                               my $ext_type = "Invalid";
-                               my $use = "";
-                               if ($bad_extension =~ /p[Ff]/) {
-                                       $ext_type = "Deprecated";
-                                       $use = " - use %pS instead";
-                                       $use =~ s/pS/ps/ if ($bad_extension =~ /pf/);
+
+                               while ($fmt =~ /(\%[\*\d\.]*p(\w))/g) {
+                                       $specifier = $1;
+                                       $extension = $2;
+                                       if ($extension !~ /[SsBKRraEhMmIiUDdgVCbGNOx]/) {
+                                               $bad_specifier = $specifier;
+                                               last;
+                                       }
+                                       if ($extension eq "x" && !defined($stat_real)) {
+                                               if (!defined($stat_real)) {
+                                                       $stat_real = get_stat_real($linenr, $lc);
+                                               }
+                                               WARN("VSPRINTF_SPECIFIER_PX",
+                                                    "Using vsprintf specifier '\%px' potentially exposes the kernel memory layout, if you don't really need the address please consider using '\%p'.\n" . "$here\n$stat_real\n");
+                                       }
                                }
+                               if ($bad_specifier ne "") {
+                                       my $stat_real = get_stat_real($linenr, $lc);
+                                       my $ext_type = "Invalid";
+                                       my $use = "";
+                                       if ($bad_specifier =~ /p[Ff]/) {
+                                               $ext_type = "Deprecated";
+                                               $use = " - use %pS instead";
+                                               $use =~ s/pS/ps/ if ($bad_specifier =~ /pf/);
+                                       }
 
-                               WARN("VSPRINTF_POINTER_EXTENSION",
-                                    "$ext_type vsprintf pointer extension '$bad_extension'$use\n" . "$here\n$stat_real\n");
+                                       WARN("VSPRINTF_POINTER_EXTENSION",
+                                            "$ext_type vsprintf pointer extension '$bad_specifier'$use\n" . "$here\n$stat_real\n");
+                               }
                        }
                }