From: Kees Cook <keesc...@chromium.org>
commit b25a7c5af9051850d4f3d93ca500056ab6ec724b upstream.
The printing of section addresses in /sys/module/*/sections/* was not
using the correct credentials to evaluate visibility.
Before:
# cat /sys/module/*/sections/.*text
0xffffffffc0458000
...
# capsh --drop=CAP_SYSLOG -- -c "cat /sys/module/*/sections/.*text"
0xffffffffc0458000
...
After:
# cat /sys/module/*/sections/*.text
0xffffffffc0458000
...
# capsh --drop=CAP_SYSLOG -- -c "cat /sys/module/*/sections/.*text"
0x0000000000000000
...
Additionally replaces the existing (safe) /proc/modules check with
file->f_cred for consistency.
Reported-by: Dominik Czarnota <dominik.czarn...@trailofbits.com>
Fixes: be71eda5383f ("module: Fix display of wrong module .text address")
Cc: sta...@vger.kernel.org
Tested-by: Jessica Yu <j...@kernel.org>
Acked-by: Jessica Yu <j...@kernel.org>
Signed-off-by: Kees Cook <keesc...@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
kernel/module.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1471,8 +1471,8 @@ static ssize_t module_sect_read(struct f
if (pos != 0)
return -EINVAL;
- return sprintf(buf, "0x%px\n", kptr_restrict < 2 ?
- (void *)sattr->address : NULL);
+ return sprintf(buf, "0x%px\n",
+ kallsyms_show_value(file->f_cred) ? (void
*)sattr->address : NULL);
}
static void free_sect_attrs(struct module_sect_attrs *sect_attrs)
@@ -4260,7 +4260,7 @@ static int modules_open(struct inode *in
if (!err) {
struct seq_file *m = file->private_data;
- m->private = kallsyms_show_value(current_cred()) ? NULL : (void
*)8ul;
+ m->private = kallsyms_show_value(file->f_cred) ? NULL : (void
*)8ul;
}
return err;
