From: Kees Cook keescook@chromium.org
commit b25a7c5af9051850d4f3d93ca500056ab6ec724b upstream.
The printing of section addresses in /sys/module/*/sections/* was not using the correct credentials to evaluate visibility.
Before:
# cat /sys/module/*/sections/.*text 0xffffffffc0458000 ... # capsh --drop=CAP_SYSLOG -- -c "cat /sys/module/*/sections/.*text" 0xffffffffc0458000 ...
After:
# cat /sys/module/*/sections/*.text 0xffffffffc0458000 ... # capsh --drop=CAP_SYSLOG -- -c "cat /sys/module/*/sections/.*text" 0x0000000000000000 ...
Additionally replaces the existing (safe) /proc/modules check with file->f_cred for consistency.
Reported-by: Dominik Czarnota dominik.czarnota@trailofbits.com Fixes: be71eda5383f ("module: Fix display of wrong module .text address") Cc: stable@vger.kernel.org Tested-by: Jessica Yu jeyu@kernel.org Acked-by: Jessica Yu jeyu@kernel.org Signed-off-by: Kees Cook keescook@chromium.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
--- kernel/module.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
--- a/kernel/module.c +++ b/kernel/module.c @@ -1527,8 +1527,8 @@ static ssize_t module_sect_read(struct f if (pos != 0) return -EINVAL;
- return sprintf(buf, "0x%px\n", kptr_restrict < 2 ? - (void *)sattr->address : NULL); + return sprintf(buf, "0x%px\n", + kallsyms_show_value(file->f_cred) ? (void *)sattr->address : NULL); }
static void free_sect_attrs(struct module_sect_attrs *sect_attrs) @@ -4351,7 +4351,7 @@ static int modules_open(struct inode *in
if (!err) { struct seq_file *m = file->private_data; - m->private = kallsyms_show_value(current_cred()) ? NULL : (void *)8ul; + m->private = kallsyms_show_value(file->f_cred) ? NULL : (void *)8ul; }
return err;