bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() - linux-dev - Linux kernel development work

diff options

author	Kees Cook <keescook@chromium.org>	2020-07-02 15:45:23 -0700
committer	Kees Cook <keescook@chromium.org>	2020-07-08 16:01:21 -0700
commit	63960260457a02af2a6cb35d75e6bdb17299c882 (patch)
tree	f228a9c11508b12047dba30ae47457d4043955ea /tools
parent	kprobes: Do not expose probe addresses to non-CAP_SYSLOG (diff)
download	linux-dev-63960260457a02af2a6cb35d75e6bdb17299c882.tar.xz linux-dev-63960260457a02af2a6cb35d75e6bdb17299c882.zip

bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok()

When evaluating access control over kallsyms visibility, credentials at open() time need to be used, not the "current" creds (though in BPF's case, this has likely always been the same). Plumb access to associated file->f_cred down through bpf_dump_raw_ok() and its callers now that kallsysm_show_value() has been refactored to take struct cred. Cc: Alexei Starovoitov <ast@kernel.org> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: bpf@vger.kernel.org Cc: stable@vger.kernel.org Fixes: 7105e828c087 ("bpf: allow for correlation of maps and helpers in dump") Signed-off-by: Kees Cook <keescook@chromium.org>

Diffstat (limited to 'tools')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: