Linux 2.6.30 and the "init_cred" symbol

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello all !

I have recently become interested in understanding some recent exploits written by Brad Spengler, and especially the one using a null-pointer dereference in tun_chr_poll() (this exploit can be found here : http://grsecurity.net/~spender/cheddar_bay.tgz).

After taking a look at his code, I decided to compile Linux 2.6.30, so I could run the exploit and play with the code a little. I ended up cloning the following repository (http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.30.y.git;a=summary) and doing a checkout of an older branch (in which the patch http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.30.y.git;a=commit;h=3f8fd3f9f677ce452556aca82473b7fcac370830 had not been applied). I compiled the kernel as a .deb package, and it works perfectly on a virtual machine running Debian.

The problem is I can't get to run the exploit : to do so, I would need to be able to resolve the address of the "init_cred" symbol. The fact is that the following command does not return anything :
$ grep init_cred /proc/kallsyms

According to http://lwn.net/Articles/287091/, init_cred is "the set of credentials used by the init process and by all kernel daemons", which makes me think this symbol should be there. Do you think I did something wrong when compiling the kernel, or is that normal not to find this symbol on certain versions of Linux ?

Thanks in advance !

Cyril Roelandt.
--
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

[Index of Archives]     [Audio]     [Hams]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Fedora Users]

  Powered by Linux