The patch titled
kptr_restrict-for-hiding-kernel-pointers-v6
has been removed from the -mm tree. Its filename was
kptr_restrict-for-hiding-kernel-pointers-v6.patch
This patch was dropped because it was folded into kptr_restrict-for-hiding-kernel-pointers-from-unprivileged-users.patch
The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/
------------------------------------------------------
Subject: kptr_restrict-for-hiding-kernel-pointers-v6
From: Dan Rosenberg <drosenberg@xxxxxxxxxxxxx>
v6 removes the WARN_ONCE in favor of returning "pK-error" to avoid
breaking in certain cases, thanks to Ingo Molnar.
v5 sets kptr_restrict to a default value of 1, and properly handles the
case where it's incorrectly used in IRQ context.
Signed-off-by: Dan Rosenberg <drosenberg@xxxxxxxxxxxxx>
Cc: James Morris <jmorris@xxxxxxxxx>
Cc: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Cc: Thomas Graf <tgraf@xxxxxxxxxxxxx>
Cc: Eugene Teo <eugeneteo@xxxxxxxxxx>
Cc: Kees Cook <kees.cook@xxxxxxxxxxxxx>
Cc: Ingo Molnar <mingo@xxxxxxx>
Cc: David S. Miller <davem@xxxxxxxxxxxxx>
Cc: Peter Zijlstra <a.p.zijlstra@xxxxxxxxx>
Cc: Eric Paris <eparis@xxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
Documentation/sysctl/kernel.txt | 4 ++--
lib/vsprintf.c | 13 ++++++++-----
2 files changed, 10 insertions(+), 7 deletions(-)
diff -puN Documentation/sysctl/kernel.txt~kptr_restrict-for-hiding-kernel-pointers-v6 Documentation/sysctl/kernel.txt
--- a/Documentation/sysctl/kernel.txt~kptr_restrict-for-hiding-kernel-pointers-v6
+++ a/Documentation/sysctl/kernel.txt
@@ -266,8 +266,8 @@ kptr_restrict:
This toggle indicates whether restrictions are placed on
exposing kernel addresses via /proc and other interfaces. When
-kptr_restrict is set to (0), the default, there are no
-restrictions. When kptr_restrict is set to (1), kernel pointers
+kptr_restrict is set to (0), there are no restrictions. When
+kptr_restrict is set to (1), the default, kernel pointers
printed using the %pK format specifier will be replaced with 0's
unless the user has CAP_SYSLOG. When kptr_restrict is set to
(2), kernel pointers printed using %pK will be replaced with 0's
diff -puN lib/vsprintf.c~kptr_restrict-for-hiding-kernel-pointers-v6 lib/vsprintf.c
--- a/lib/vsprintf.c~kptr_restrict-for-hiding-kernel-pointers-v6
+++ a/lib/vsprintf.c
@@ -936,7 +936,7 @@ char *uuid_string(char *buf, char *end,
return string(buf, end, uuid, spec);
}
-int kptr_restrict;
+int kptr_restrict = 1;
/*
* Show a '%p' thing. A kernel extension is that the '%p' is followed
@@ -1043,13 +1043,16 @@ char *pointer(const char *fmt, char *buf
* %pK cannot be used in IRQ context because its test
* for CAP_SYSLOG would be meaningless.
*/
- if (in_irq() || in_serving_softirq() || in_nmi())
- WARN_ONCE(1, "%%pK used in interrupt context.\n");
+ if (in_irq() || in_serving_softirq() || in_nmi()) {
+ if (spec.field_width == -1)
+ spec.field_width = 2 * sizeof(void *);
+ return string(buf, end, "pK-error", spec);
+ }
- if (!kptr_restrict)
+ else if (!kptr_restrict)
break; /* %pK does not obscure pointers */
- if ((kptr_restrict != 2) &&
+ else if ((kptr_restrict != 2) &&
has_capability_noaudit(current, CAP_SYSLOG))
break; /* privileged apps expose pointers,
unless kptr_restrict is 2 */
_
Patches currently in -mm which might be from drosenberg@xxxxxxxxxxxxx are
origin.patch
kptr_restrict-for-hiding-kernel-pointers-from-unprivileged-users.patch
kptr_restrict-for-hiding-kernel-pointers-v7.patch
kptr_restrict-for-hiding-kernel-pointers-v7-fix.patch
kptr_restrict-fix-build-when-printk-not-enabled.patch
--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
