mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity

leaking_addresses: Ignore input device status lines 

These are false positives from the input subsystem:

/proc/bus/input/devices: B: KEY=402000000 3803078f800d001 feffffdfffefffff fffffffffffffffe
/sys/devices/platform/i8042/serio0/input/input1/uevent: KEY=402000000 3803078f800d001 feffffdfffefffff fffffffffffffffe
/sys/devices/platform/i8042/serio0/input/input1/capabilities/key: 402000000 3803078f800d001 feffffdf

Pass in the filename for more context and expand the "ignored pattern"
matcher to notice these.

Reviewed-by: Tycho Andersen <tandersen@netflix.com>
Link: https://lore.kernel.org/r/20240222220053.1475824-3-keescook@chromium.org
Signed-off-by: Kees Cook <keescook@chromium.org>
This commit is contained in:
Kees Cook 2024-02-22 14:00:50 -08:00
parent 1b1bcbf454
commit 3e389d457b
1 changed files with 17 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
scripts/leaking_addresses.pl
View File

@ -284,9 +284,10 @@ sub is_false_positive
return is_false_positive_32bit($match); return is_false_positive_32bit($match);
} }
# 64 bit false positives. # Ignore 64 bit false positives:
# 0xfffffffffffffff[0-f]
if ($match =~ '\b(0x)?(f|F){16}\b' or # 0x0000000000000000
if ($match =~ '\b(0x)?(f|F){15}[0-9a-f]\b' or
$match =~ '\b(0x)?0{16}\b') { $match =~ '\b(0x)?0{16}\b') {
return 1; return 1;
} }
@ -303,7 +304,7 @@ sub is_false_positive_32bit
my ($match) = @_; my ($match) = @_;
state $page_offset = get_page_offset(); state $page_offset = get_page_offset();
if ($match =~ '\b(0x)?(f|F){8}\b') { if ($match =~ '\b(0x)?(f|F){7}[0-9a-f]\b') {
return 1; return 1;
} }
@ -346,18 +347,23 @@ sub is_in_vsyscall_memory_region
# True if argument potentially contains a kernel address. # True if argument potentially contains a kernel address.
sub may_leak_address sub may_leak_address
{ {
my ($line) = @_; my ($path, $line) = @_;
my $address_re; my $address_re;
# Signal masks. # Ignore Signal masks.
if ($line =~ '^SigBlk:' or if ($line =~ '^SigBlk:' or
$line =~ '^SigIgn:' or $line =~ '^SigIgn:' or
$line =~ '^SigCgt:') { $line =~ '^SigCgt:') {
return 0; return 0;
} }
if ($line =~ '\bKEY=[[:xdigit:]]{14} [[:xdigit:]]{16} [[:xdigit:]]{16}\b' or # Ignore input device reporting.
$line =~ '\b[[:xdigit:]]{14} [[:xdigit:]]{16} [[:xdigit:]]{16}\b') { # /proc/bus/input/devices: B: KEY=402000000 3803078f800d001 feffffdfffefffff fffffffffffffffe
# /sys/devices/platform/i8042/serio0/input/input1/uevent: KEY=402000000 3803078f800d001 feffffdfffefffff fffffffffffffffe
# /sys/devices/platform/i8042/serio0/input/input1/capabilities/key: 402000000 3803078f800d001 feffffdfffefffff fffffffffffffffe
if ($line =~ '\bKEY=[[:xdigit:]]{9,14} [[:xdigit:]]{16} [[:xdigit:]]{16}\b' or
($path =~ '\bkey$' and
$line =~ '\b[[:xdigit:]]{9,14} [[:xdigit:]]{16} [[:xdigit:]]{16}\b')) {
return 0; return 0;
} }
@ -400,7 +406,7 @@ sub parse_dmesg
{ {
open my $cmd, '-|', 'dmesg'; open my $cmd, '-|', 'dmesg';
while (<$cmd>) { while (<$cmd>) {
if (may_leak_address($_)) { if (may_leak_address("dmesg", $_)) {
print 'dmesg: ' . $_; print 'dmesg: ' . $_;
} }
} }
@ -456,7 +462,7 @@ sub parse_file
open my $fh, "<", $file or return; open my $fh, "<", $file or return;
while ( <$fh> ) { while ( <$fh> ) {
chomp; chomp;
if (may_leak_address($_)) { if (may_leak_address($file, $_)) {
printf("$file: $_\n"); printf("$file: $_\n");
} }
} }
@ -468,7 +474,7 @@ sub check_path_for_leaks
{ {
my ($path) = @_; my ($path) = @_;
if (may_leak_address($path)) { if (may_leak_address($path, $path)) {
printf("Path name may contain address: $path\n"); printf("Path name may contain address: $path\n");
} }
} }