Re: [PATCH] use %pK for /proc/kallsyms and /proc/modules
From: Andrew Morton
Date: Wed Jan 26 2011 - 18:58:10 EST
On Tue, 25 Jan 2011 10:10:58 -0800
Kees Cook <kees.cook@xxxxxxxxxxxxx> wrote:
> Instead of messing with permissions on these files,
This implies that the patch alters permission handling, only it
doesn't. But I worked it out!
> use %pK for kernel
> addresses to reduce potential information leaks that might be used to
> help target kernel privilege escalation exploits.
> Note that this changes %x to %p, so some legitimately 0 values in
> /proc/kallsyms would have changed from 00000000 to "(null)". To avoid
> this, "(null)" is not used when using the "K" format. Anything parsing
> such addresses should have no problem with this change. (Thanks to Joe
> Perches for the suggestion.)
> Note that when compiling with -Wformat, these harmless warnings will
> be emitted, and can be ignored:
> warning: '0' flag used with ___%p___ gnu_printf format
OK, so what applications did this patch just break?
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/