Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 19 Dec 2017 09:41:29 +1100
From: "Tobin C. Harding" <>
To: Felix Fietkau <>,
Cc: Steven Rostedt <>, Tycho Andersen <>,
 Linus Torvalds <>,
 Kees Cook <>,
 Andrew Morton <>,
 Daniel Borkmann <>,
 Masahiro Yamada <>,
 Alexei Starovoitov <>,,
 Network Development <>
Subject: Re: [PATCH 1/3] kallsyms: don't leak address when symbol not found

On Mon, Dec 18, 2017, at 20:55, Felix Fietkau wrote:
> On 2017-12-18 00:53, Tobin C. Harding wrote:
> > Currently if kallsyms_lookup() fails to find the symbol then the address
> > is printed. This potentially leaks sensitive information. Instead of
> > printing the address we can return an error, giving the calling code the
> > option to print the address or print some sanitized message.
> > 
> > Return error instead of printing address to argument buffer. Leave
> > buffer in a sane state.
> > 
> > Signed-off-by: Tobin C. Harding <>
> I think there should be a way to keep the old behavior for debugging.

That was the intended use of


in patch 2 of this series. Then if debugging behaviour is adversely
effected one could use string_is_no_symbol() on a case by case basis to
add back in the original behaviour. 

Current suggestion on list is to remove this function. Do you have a use
case in mind where debugging will break? We could add a fix to this
series if so. Otherwise next version will likely drop


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.