CVS commit: src/sys/kern

Thu, 13 Sep 2018 07:45:02 -0700 

Module Name:    src
Committed By:   maxv
Date:           Thu Sep 13 14:44:09 UTC 2018

Modified Files:
        src/sys/kern: kern_descrip.c

Log Message:
Don't leak kernel pointers to userland in kern.file2, same as kern.proc2.


To generate a diff of this commit:
cvs rdiff -u -r1.236 -r1.237 src/sys/kern/kern_descrip.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/kern/kern_descrip.c
diff -u src/sys/kern/kern_descrip.c:1.236 src/sys/kern/kern_descrip.c:1.237
--- src/sys/kern/kern_descrip.c:1.236	Mon Sep  3 16:29:35 2018
+++ src/sys/kern/kern_descrip.c	Thu Sep 13 14:44:09 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_descrip.c,v 1.236 2018/09/03 16:29:35 riastradh Exp $	*/
+/*	$NetBSD: kern_descrip.c,v 1.237 2018/09/13 14:44:09 maxv Exp $	*/
 
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -70,7 +70,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.236 2018/09/03 16:29:35 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.237 2018/09/13 14:44:09 maxv Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -2283,35 +2283,50 @@ sysctl_kern_file2(SYSCTLFN_ARGS)
 	return error;
 }
 
+#define SET_KERN_ADDR(dst, src, allow)	\
+	do {				\
+		if (allow)		\
+			dst = src;	\
+	} while (0);
+
 static void
 fill_file(struct kinfo_file *kp, const file_t *fp, const fdfile_t *ff,
 	  int i, pid_t pid)
 {
+	bool allowaddr;
+	int error;
+
+	/* If not privileged, don't expose kernel addresses. */
+	error = kauth_authorize_process(kauth_cred_get(), KAUTH_PROCESS_CANSEE,
+	    curproc, KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_KPTR), NULL, NULL);
+	allowaddr = (error == 0);
 
 	memset(kp, 0, sizeof(*kp));
 
-	kp->ki_fileaddr =	PTRTOUINT64(fp);
+	SET_KERN_ADDR(kp->ki_fileaddr, PTRTOUINT64(fp), allowaddr);
 	kp->ki_flag =		fp->f_flag;
 	kp->ki_iflags =		0;
 	kp->ki_ftype =		fp->f_type;
 	kp->ki_count =		fp->f_count;
 	kp->ki_msgcount =	fp->f_msgcount;
-	kp->ki_fucred =		PTRTOUINT64(fp->f_cred);
+	SET_KERN_ADDR(kp->ki_fucred, PTRTOUINT64(fp->f_cred), allowaddr);
 	kp->ki_fuid =		kauth_cred_geteuid(fp->f_cred);
 	kp->ki_fgid =		kauth_cred_getegid(fp->f_cred);
-	kp->ki_fops =		PTRTOUINT64(fp->f_ops);
+	SET_KERN_ADDR(kp->ki_fops, PTRTOUINT64(fp->f_ops), allowaddr);
 	kp->ki_foffset =	fp->f_offset;
-	kp->ki_fdata =		PTRTOUINT64(fp->f_data);
+	SET_KERN_ADDR(kp->ki_fdata, PTRTOUINT64(fp->f_data), allowaddr);
 
 	/* vnode information to glue this file to something */
 	if (fp->f_type == DTYPE_VNODE) {
 		struct vnode *vp = fp->f_vnode;
 
-		kp->ki_vun =	PTRTOUINT64(vp->v_un.vu_socket);
+		SET_KERN_ADDR(kp->ki_vun, PTRTOUINT64(vp->v_un.vu_socket),
+		    allowaddr);
 		kp->ki_vsize =	vp->v_size;
 		kp->ki_vtype =	vp->v_type;
 		kp->ki_vtag =	vp->v_tag;
-		kp->ki_vdata =	PTRTOUINT64(vp->v_data);
+		SET_KERN_ADDR(kp->ki_vdata, PTRTOUINT64(vp->v_data),
+		    allowaddr);
 	}
 
 	/* process information when retrieved via KERN_FILE_BYPID */

Reply via email to