[PATCH 2/3] leaking_addresses: skip '/proc/1/syscall'

From: Tobin C. Harding
Date: Mon Feb 26 2018 - 23:45:40 EST

Next message: Tobin C. Harding: "[PATCH 3/3] leaking_addresses: remove version number"
Previous message: Tobin C. Harding: "[PATCH 1/3] leaking_addresses: skip all /proc/PID except /proc/1"
In reply to: Tobin C. Harding: "Re: [PATCH 1/3] leaking_addresses: skip all /proc/PID except /proc/1"
Next in thread: Tobin C. Harding: "[PATCH 3/3] leaking_addresses: remove version number"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The pointers listed in /proc/1/syscall are user pointers, and negative
syscall args will show up like kernel addresses.

For example

/proc/31808/syscall: 0 0x3 0x55b107a38180 0x2000 0xffffffffffffffb0 \
0x55b107a302d0 0x55b107a38180 0x7fffa313b8e8 0x7ff098560d11

Skip parsing /proc/1/syscall

Reported-by: Tycho Andersen <tycho@xxxxxxxx>
Signed-off-by: Tobin C. Harding <me@xxxxxxxx>
---
scripts/leaking_addresses.pl | 1 +
1 file changed, 1 insertion(+)

diff --git a/scripts/leaking_addresses.pl b/scripts/leaking_addresses.pl
index fb40e2828f43..ac84a164a528 100755
--- a/scripts/leaking_addresses.pl
+++ b/scripts/leaking_addresses.pl
@@ -60,6 +60,7 @@ my $page_offset_32bit = 0; # Page offset for 32-bit kernel.
my @skip_abs = (
'/proc/kmsg',
'/proc/device-tree',
+ '/proc/1/syscall',
'/sys/firmware/devicetree',
'/sys/kernel/debug/tracing/trace_pipe',
'/sys/kernel/security/apparmor/revision');
--
2.7.4

Next message: Tobin C. Harding: "[PATCH 3/3] leaking_addresses: remove version number"
Previous message: Tobin C. Harding: "[PATCH 1/3] leaking_addresses: skip all /proc/PID except /proc/1"
In reply to: Tobin C. Harding: "Re: [PATCH 1/3] leaking_addresses: skip all /proc/PID except /proc/1"
Next in thread: Tobin C. Harding: "[PATCH 3/3] leaking_addresses: remove version number"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]