| From 60f7bb66b88b649433bf700acfc60c3f24953871 Mon Sep 17 00:00:00 2001 |
| From: Kees Cook <keescook@chromium.org> |
| Date: Thu, 2 Jul 2020 15:20:22 -0700 |
| Subject: kprobes: Do not expose probe addresses to non-CAP_SYSLOG |
| |
| From: Kees Cook <keescook@chromium.org> |
| |
| commit 60f7bb66b88b649433bf700acfc60c3f24953871 upstream. |
| |
| The kprobe show() functions were using "current"'s creds instead |
| of the file opener's creds for kallsyms visibility. Fix to use |
| seq_file->file->f_cred. |
| |
| Cc: Masami Hiramatsu <mhiramat@kernel.org> |
| Cc: stable@vger.kernel.org |
| Fixes: 81365a947de4 ("kprobes: Show address of kprobes if kallsyms does") |
| Fixes: ffb9bd68ebdb ("kprobes: Show blacklist addresses as same as kallsyms does") |
| Signed-off-by: Kees Cook <keescook@chromium.org> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| kernel/kprobes.c | 4 ++-- |
| 1 file changed, 2 insertions(+), 2 deletions(-) |
| |
| --- a/kernel/kprobes.c |
| +++ b/kernel/kprobes.c |
| @@ -2362,7 +2362,7 @@ static void report_probe(struct seq_file |
| else |
| kprobe_type = "k"; |
| |
| - if (!kallsyms_show_value(current_cred())) |
| + if (!kallsyms_show_value(pi->file->f_cred)) |
| addr = NULL; |
| |
| if (sym) |
| @@ -2463,7 +2463,7 @@ static int kprobe_blacklist_seq_show(str |
| * If /proc/kallsyms is not showing kernel address, we won't |
| * show them here either. |
| */ |
| - if (!kallsyms_show_value(current_cred())) |
| + if (!kallsyms_show_value(m->file->f_cred)) |
| seq_printf(m, "0x%px-0x%px\t%ps\n", NULL, NULL, |
| (void *)ent->start_addr); |
| else |