Commit 9f36e2c4 authored by Kees Cook's avatar Kees Cook Committed by Linus Torvalds

printk: use %pK for /proc/kallsyms and /proc/modules

In an effort to reduce kernel address leaks that might be used to help
target kernel privilege escalation exploits, this patch uses %pK when
displaying addresses in /proc/kallsyms, /proc/modules, and
/sys/module/*/sections/*.

Note that this changes %x to %p, so some legitimately 0 values in
/proc/kallsyms would have changed from 00000000 to "(null)".  To avoid
this, "(null)" is not used when using the "K" format.  Anything that was
already successfully parsing "(null)" in addition to full hex digits
should have no problem with this change.  (Thanks to Joe Perches for the
suggestion.) Due to the %x to %p, "void *" casts are needed since these
addresses are already "unsigned long" everywhere internally, due to their
starting life as ELF section offsets.
Signed-off-by: default avatarKees Cook <kees.cook@canonical.com>
Cc: Eugene Teo <eugene@redhat.com>
Cc: Dan Rosenberg <drosenberg@vsecurity.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent fe3d8ad3
...@@ -477,13 +477,11 @@ static int s_show(struct seq_file *m, void *p) ...@@ -477,13 +477,11 @@ static int s_show(struct seq_file *m, void *p)
*/ */
type = iter->exported ? toupper(iter->type) : type = iter->exported ? toupper(iter->type) :
tolower(iter->type); tolower(iter->type);
seq_printf(m, "%0*lx %c %s\t[%s]\n", seq_printf(m, "%pK %c %s\t[%s]\n", (void *)iter->value,
(int)(2 * sizeof(void *)), type, iter->name, iter->module_name);
iter->value, type, iter->name, iter->module_name);
} else } else
seq_printf(m, "%0*lx %c %s\n", seq_printf(m, "%pK %c %s\n", (void *)iter->value,
(int)(2 * sizeof(void *)), iter->type, iter->name);
iter->value, iter->type, iter->name);
return 0; return 0;
} }
......
...@@ -1168,7 +1168,7 @@ static ssize_t module_sect_show(struct module_attribute *mattr, ...@@ -1168,7 +1168,7 @@ static ssize_t module_sect_show(struct module_attribute *mattr,
{ {
struct module_sect_attr *sattr = struct module_sect_attr *sattr =
container_of(mattr, struct module_sect_attr, mattr); container_of(mattr, struct module_sect_attr, mattr);
return sprintf(buf, "0x%lx\n", sattr->address); return sprintf(buf, "0x%pK\n", (void *)sattr->address);
} }
static void free_sect_attrs(struct module_sect_attrs *sect_attrs) static void free_sect_attrs(struct module_sect_attrs *sect_attrs)
...@@ -3224,7 +3224,7 @@ static int m_show(struct seq_file *m, void *p) ...@@ -3224,7 +3224,7 @@ static int m_show(struct seq_file *m, void *p)
mod->state == MODULE_STATE_COMING ? "Loading": mod->state == MODULE_STATE_COMING ? "Loading":
"Live"); "Live");
/* Used by oprofile and other similar tools. */ /* Used by oprofile and other similar tools. */
seq_printf(m, " 0x%p", mod->module_core); seq_printf(m, " 0x%pK", mod->module_core);
/* Taints info */ /* Taints info */
if (mod->taints) if (mod->taints)
......
...@@ -991,7 +991,7 @@ static noinline_for_stack ...@@ -991,7 +991,7 @@ static noinline_for_stack
char *pointer(const char *fmt, char *buf, char *end, void *ptr, char *pointer(const char *fmt, char *buf, char *end, void *ptr,
struct printf_spec spec) struct printf_spec spec)
{ {
if (!ptr) { if (!ptr && *fmt != 'K') {
/* /*
* Print (null) with the same width as a pointer so it makes * Print (null) with the same width as a pointer so it makes
* tabular output look nice. * tabular output look nice.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment