leaking_addresses: skip '/proc/1/syscall'
authorTobin C. Harding <me@tobin.cc>
Tue, 27 Feb 2018 03:14:24 +0000 (14:14 +1100)
committerTobin C. Harding <me@tobin.cc>
Fri, 6 Apr 2018 22:50:34 +0000 (08:50 +1000)
The pointers listed in /proc/1/syscall are user pointers, and negative
syscall args will show up like kernel addresses.

For example

/proc/31808/syscall: 0 0x3 0x55b107a38180 0x2000 0xffffffffffffffb0 \
0x55b107a302d0 0x55b107a38180 0x7fffa313b8e8 0x7ff098560d11

Skip parsing /proc/1/syscall

Suggested-by: Tycho Andersen <tycho@tycho.ws>
Signed-off-by: Tobin C. Harding <me@tobin.cc>
scripts/leaking_addresses.pl

index 2075d98278f2973a6d0b26d3b78deca85839258a..db6f39df879f0015028d4906753b479de340ce6c 100755 (executable)
@@ -60,6 +60,7 @@ my $page_offset_32bit = 0;    # Page offset for 32-bit kernel.
 my @skip_abs = (
        '/proc/kmsg',
        '/proc/device-tree',
+       '/proc/1/syscall',
        '/sys/firmware/devicetree',
        '/sys/kernel/debug/tracing/trace_pipe',
        '/sys/kernel/security/apparmor/revision');