summaryrefslogtreecommitdiffstats
path: root/net/core
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2020-07-02 15:45:23 -0700
committerKees Cook <keescook@chromium.org>2020-07-08 16:01:21 -0700
commit63960260457a02af2a6cb35d75e6bdb17299c882 (patch)
treef228a9c11508b12047dba30ae47457d4043955ea /net/core
parent60f7bb66b88b649433bf700acfc60c3f24953871 (diff)
downloadlinux-63960260457a02af2a6cb35d75e6bdb17299c882.tar.gz
linux-63960260457a02af2a6cb35d75e6bdb17299c882.tar.bz2
linux-63960260457a02af2a6cb35d75e6bdb17299c882.zip
bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok()
When evaluating access control over kallsyms visibility, credentials at open() time need to be used, not the "current" creds (though in BPF's case, this has likely always been the same). Plumb access to associated file->f_cred down through bpf_dump_raw_ok() and its callers now that kallsysm_show_value() has been refactored to take struct cred. Cc: Alexei Starovoitov <ast@kernel.org> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: bpf@vger.kernel.org Cc: stable@vger.kernel.org Fixes: 7105e828c087 ("bpf: allow for correlation of maps and helpers in dump") Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'net/core')
-rw-r--r--net/core/sysctl_net_core.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index f93f8ace6c56..6ada114bbcca 100644
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -274,7 +274,7 @@ static int proc_dointvec_minmax_bpf_enable(struct ctl_table *table, int write,
ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
if (write && !ret) {
if (jit_enable < 2 ||
- (jit_enable == 2 && bpf_dump_raw_ok())) {
+ (jit_enable == 2 && bpf_dump_raw_ok(current_cred()))) {
*(int *)table->data = jit_enable;
if (jit_enable == 2)
pr_warn("bpf_jit_enable = 2 was set! NEVER use this in production, only for JIT debugging!\n");