As Kees points out, this is a kernel address leak, and debugging is
not a sufficiently good reason to expose the real kernel address.
Fixes: 65b584f53611 ("ref_tracker: automatically register a file in debugfs for a ref_tracker_dir")
Reported-by: Kees Cook <kees@kernel.org>
Closes: https://lore.kernel.org/netdev/202507301603.62E553F93@keescook/
Signed-off-by: Jeff Layton <jlayton@kernel.org>
---
I trust that Kees is right here, so let's go ahead and fix this. I gave
this a quick build and boot this morning and it did the right thing.
---
lib/ref_tracker.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/ref_tracker.c b/lib/ref_tracker.c
index a9e6ffcff04b1da162a5a6add6bff075c2c9405e..cce12287708ea43e9eda9fe42f82a80423cea4e3 100644
--- a/lib/ref_tracker.c
+++ b/lib/ref_tracker.c
@@ -434,7 +434,7 @@ void ref_tracker_dir_debugfs(struct ref_tracker_dir *dir)
if (dentry && !xa_is_err(dentry))
return;
- ret = snprintf(name, sizeof(name), "%s@%px", dir->class, dir);
+ ret = snprintf(name, sizeof(name), "%s@%p", dir->class, dir);
name[sizeof(name) - 1] = '\0';
if (ret < sizeof(name)) {
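Review bot: the name built on the `+` line is no longer guaranteed to be unique per `dir`, because `%p` prints a hash of the pointer rather than the pointer itself, and prints the same fixed placeholder for every pointer if it is formatted before the hashing key is ready. Two directories with the same `dir->class` could then format to the same string, so it is worth confirming that the creation path under `if (ret < sizeof(name))` tolerates a duplicate name. A one-line comment above the `snprintf()` saying the suffix is deliberately the hashed value that `%p` prints elsewhere would also help keep `%px` from being restored later for debugging convenience.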
---
base-commit: 260f6f4fda93c8485c8037865c941b42b9cba5d2
change-id: 20250731-reftrack-dbgfs-f99ad92068bc
Best regards,
--
Jeff Layton <jlayton@kernel.org>
On Thu, Jul 31, 2025 at 07:57:05AM -0400, Jeff Layton wrote:
> As Kees points out, this is a kernel address leak, and debugging is
> not a sufficiently good reason to expose the real kernel address.
>
> Fixes: 65b584f53611 ("ref_tracker: automatically register a file in debugfs for a ref_tracker_dir")
> Reported-by: Kees Cook <kees@kernel.org>
> Closes: https://lore.kernel.org/netdev/202507301603.62E553F93@keescook/
> Signed-off-by: Jeff Layton <jlayton@kernel.org>

Probably better to use a global u64 counter, but %p can work.

Thanks for removing %px!

--
Kees Cook

On Thu, 2025-07-31 at 09:32 -0700, Kees Cook wrote:
> On Thu, Jul 31, 2025 at 07:57:05AM -0400, Jeff Layton wrote:
> > As Kees points out, this is a kernel address leak, and debugging is
> > not a sufficiently good reason to expose the real kernel address.
> >
> > Fixes: 65b584f53611 ("ref_tracker: automatically register a file in debugfs for a ref_tracker_dir")
> > Reported-by: Kees Cook <kees@kernel.org>
> > Closes: https://lore.kernel.org/netdev/202507301603.62E553F93@keescook/
> > Signed-off-by: Jeff Layton <jlayton@kernel.org>
>
> Probably better to use a global u64 counter, but %p can work.
>

I disagree here, again for debugging purposes... Other kernel debugging
code can display a hashed pointer via tracepoint or printk message, etc.
Using the same value in the name here gives us a mechanism to match that
up to the correct debugfs file. Using a counter would make that harder,
and you'd have to store the counter value in the object (or reach into
the dentry -- yuck). Plus if we _really_ need the physical addresses here
in the future, we can boot with no_hash_pointers and get them.

> Thanks for removing %px!

Thanks for pointing out the problem!
--
Jeff Layton <jlayton@kernel.org>

On Thu, 31 Jul 2025 07:57:05 -0400 Jeff Layton wrote:
> As Kees points out, this is a kernel address leak, and debugging is
> not a sufficiently good reason to expose the real kernel address.
>
> Fixes: 65b584f53611 ("ref_tracker: automatically register a file in debugfs for a ref_tracker_dir")
> Reported-by: Kees Cook <kees@kernel.org>
> Closes: https://lore.kernel.org/netdev/202507301603.62E553F93@keescook/
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> I trust that Kees is right here, so let's go ahead and fix this. I gave
> this a quick build and boot this morning and it did the right thing.

Assuming Andrew will take this one since you haven't cced netdev@ ..

On Thu, 2025-07-31 at 07:13 -0700, Jakub Kicinski wrote:
> On Thu, 31 Jul 2025 07:57:05 -0400 Jeff Layton wrote:
> > As Kees points out, this is a kernel address leak, and debugging is
> > not a sufficiently good reason to expose the real kernel address.
> >
> > Fixes: 65b584f53611 ("ref_tracker: automatically register a file in debugfs for a ref_tracker_dir")
> > Reported-by: Kees Cook <kees@kernel.org>
> > Closes: https://lore.kernel.org/netdev/202507301603.62E553F93@keescook/
> > Signed-off-by: Jeff Layton <jlayton@kernel.org>
> > ---
> > I trust that Kees is right here, so let's go ahead and fix this. I gave
> > this a quick build and boot this morning and it did the right thing.
>
> Assuming Andrew will take this one since you haven't cced netdev@ ..

Ahh yeah, it wasn't net/ specific so I didn't think to add netdev.

Andrew, would you mind picking this one up?

Thanks,
--
Jeff Layton <jlayton@kernel.org>