diff options
| author | Kees Cook <keescook@chromium.org> | 2020-07-02 11:49:23 -0700 |
|---|---|---|
| committer | Kees Cook <keescook@chromium.org> | 2020-07-08 15:59:57 -0700 |
| commit | 160251842cd35a75edfb0a1d76afa3eb674ff40a (patch) | |
| tree | a1ce82f3b8d23a325c151bd998b815af9574617c /kernel/module.c | |
| parent | 48778464bb7d346b47157d21ffde2af6b2d39110 (diff) | |
| download | linux-stable-160251842cd35a75edfb0a1d76afa3eb674ff40a.tar.gz linux-stable-160251842cd35a75edfb0a1d76afa3eb674ff40a.tar.bz2 linux-stable-160251842cd35a75edfb0a1d76afa3eb674ff40a.zip | |
kallsyms: Refactor kallsyms_show_value() to take cred
In order to perform future tests against the cred saved during open(),
switch kallsyms_show_value() to operate on a cred, and have all current
callers pass current_cred(). This makes it very obvious where callers
are checking the wrong credential in their "read" contexts. These will
be fixed in the coming patches.
Additionally switch return value to bool, since it is always used as a
direct permission check, not a 0-on-success, negative-on-error style
function return.
Cc: stable@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'kernel/module.c')
| -rw-r--r-- | kernel/module.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/module.c b/kernel/module.c index e8a198588f26..a5022ae84e50 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -4377,7 +4377,7 @@ static int modules_open(struct inode *inode, struct file *file) if (!err) { struct seq_file *m = file->private_data; - m->private = kallsyms_show_value() ? NULL : (void *)8ul; + m->private = kallsyms_show_value(current_cred()) ? NULL : (void *)8ul; } return err; |