diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-11-29 14:28:09 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-11-29 14:28:09 -0500 |
| commit | ef0010a30935de4e0211cbc7bdffc30446cdee9b (patch) | |
| tree | 8390d91f247b724dd00ad91f25d8bcf391e3a52c /lib | |
| parent | 668533dc0764b30c9dd2baf3ca800156f688326b (diff) | |
vsprintf: don't use 'restricted_pointer()' when not restricting
Instead, just fall back on the new '%p' behavior which hashes the
pointer.
Otherwise, '%pK' - that was intended to mark a pointer as restricted -
just ends up leaking pointers that a normal '%p' wouldn't leak. Which
just make the whole thing pointless.
I suspect we should actually get rid of '%pK' entirely, and make it just
work as '%p' regardless, but this is the minimal obvious fix. People
who actually use 'kptr_restrict' should weigh in on which behavior they
want.
Cc: Tobin Harding <me@tobin.cc>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/vsprintf.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/vsprintf.c b/lib/vsprintf.c index d960aead0336..01c3957b2de6 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c | |||
| @@ -1931,6 +1931,8 @@ char *pointer(const char *fmt, char *buf, char *end, void *ptr, | |||
| 1931 | return buf; | 1931 | return buf; |
| 1932 | } | 1932 | } |
| 1933 | case 'K': | 1933 | case 'K': |
| 1934 | if (!kptr_restrict) | ||
| 1935 | break; | ||
| 1934 | return restricted_pointer(buf, end, ptr, spec); | 1936 | return restricted_pointer(buf, end, ptr, spec); |
| 1935 | case 'N': | 1937 | case 'N': |
| 1936 | return netdev_bits(buf, end, ptr, fmt); | 1938 | return netdev_bits(buf, end, ptr, fmt); |