Skip to content
Find file Blame History Permalink
  • Linus Torvalds's avatar
    Merge tag 'leaks-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tobin/leaks · 299f89d5
    Linus Torvalds authored 
    Pull leaking-addresses updates from Tobin Harding:
 "This set represents improvements to the scripts/leaking_addresses.pl
  script.

  The major improvement is that with this set applied the script
  actually runs in a reasonable amount of time (less than a minute on a
  standard stock Ubuntu user desktop). Also, we have a second maintainer
  now and a tree hosted on kernel.org

  We do a few code clean ups. We fix the command help output. Handling
  of the vsyscall address range is fixed to check the whole range
  instead of just the start/end addresses. We add support for 5 page
  table levels (suggested on LKML). We use a system command to get the
  machine architecture instead of using Perl. Calling this command for
  every regex comparison is what previously choked the script, caching
  the result of this call gave the major speed improvement. We add
  support for scanning 32-bit kernels using the user/kernel memory
  split. Path skipping code refactored and simplified (meaning easier
  script configuration). We remove version numbering. We add a variable
  name to improve readability of a regex and finally we check filenames
  for leaking addresses.

  Currently script scans /proc/PID for all PID. With this set applied we
  only scan for PID==1. It was observed that on an idle system files
  under /proc/PID are predominantly the same for all processes. Also it
  was noted that the script does not scan _all_ the kernel since it only
  scans active processes. Scanning only for PID==1 makes explicit the
  inherent flaw in the script that the scan is only partial and also
  speeds things up"

* tag 'leaks-4.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tobin/leaks:
  MAINTAINERS: Update LEAKING_ADDRESSES
  leaking_addresses: check if file name contains address
  leaking_addresses: explicitly name variable used in regex
  leaking_addresses: remove version number
  leaking_addresses: skip '/proc/1/syscall'
  leaking_addresses: skip all /proc/PID except /proc/1
  leaking_addresses: cache architecture name
  leaking_addresses: simplify path skipping
  leaking_addresses: do not parse binary files
  leaking_addresses: add 32-bit support
  leaking_addresses: add is_arch() wrapper subroutine
  leaking_addresses: use system command to get arch
  leaking_addresses: add support for 5 page table levels
  leaking_addresses: add support for kernel config file
  leaking_addresses: add range check for vsyscall memory
  leaking_addresses: indent dependant options
  leaking_addresses: remove command examples
  leaking_addresses: remove mention of kptr_restrict
  leaking_addresses: fix typo function not called
    299f89d5