Re: [PATCH] /proc/modules: honor kptr_restrict even without CONFIG_KALLSYMS

From: Aleksander Mazur
Date: Fri May 26 2023 - 19:02:34 EST


Hi,

Have you had a chance to review my patch?

--

Dnia 2022-06-05, o godz. 22:43:47
Aleksander Mazur <deweloper@xxxxx> napisał(a):

> Commit e4a8ca3baa55 fixed building without CONFIG_KALLSYMS by providing
> dummy kallsyms_show_value(). Unfortunately -- due to hard-coded "false"
> being returned -- access to addresses in /proc/modules became permanently
> disabled.
>
> My proposal is to change this unconditional "false" to !kptr_restrict.
> This re-enables addresses in /proc/modules even without CONFIG_KALLSYSMS
> unless restricted by means of sysctl (kernel.kptr_restrict).
>
> Fixes: e4a8ca3baa55 ("/proc/module: fix building without kallsyms")
> Signed-off-by: Aleksander Mazur <deweloper@xxxxx>
> ---
> include/linux/kallsyms.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/linux/kallsyms.h b/include/linux/kallsyms.h
> index ad39636e0c3f..cf64f9709f46 100644
> --- a/include/linux/kallsyms.h
> +++ b/include/linux/kallsyms.h
> @@ -160,7 +160,7 @@ static inline int lookup_symbol_attrs(unsigned long addr,
> unsigned long *size, u
> static inline bool kallsyms_show_value(const struct cred *cred)
> {
> - return false;
> + return !kptr_restrict;
> }
>
> static inline int kallsyms_on_each_symbol(int (*fn)(void *, const char *,
> struct module *,