leaking_addresses: skip '/proc/1/syscall'

The pointers listed in /proc/1/syscall are user pointers, and negative
syscall args will show up like kernel addresses.

For example

/proc/31808/syscall: 0 0x3 0x55b107a38180 0x2000 0xffffffffffffffb0 \
0x55b107a302d0 0x55b107a38180 0x7fffa313b8e8 0x7ff098560d11

Skip parsing /proc/1/syscall

Suggested-by: Tycho Andersen <tycho@tycho.ws>
Signed-off-by: Tobin C. Harding <me@tobin.cc>
This commit is contained in:
Tobin C. Harding 2018-02-27 14:14:24 +11:00
parent 472c9e1085
commit 2ad7429392

View file

@ -60,6 +60,7 @@ my $page_offset_32bit = 0; # Page offset for 32-bit kernel.
my @skip_abs = (
'/proc/kmsg',
'/proc/device-tree',
'/proc/1/syscall',
'/sys/firmware/devicetree',
'/sys/kernel/debug/tracing/trace_pipe',
'/sys/kernel/security/apparmor/revision');