kallsyms: Refactor kallsyms_show_value() to take cred
commit 160251842c upstream.
In order to perform future tests against the cred saved during open(),
switch kallsyms_show_value() to operate on a cred, and have all current
callers pass current_cred(). This makes it very obvious where callers
are checking the wrong credential in their "read" contexts. These will
be fixed in the coming patches.
Additionally switch return value to bool, since it is always used as a
direct permission check, not a 0-on-success, negative-on-error style
function return.
Cc: stable@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Kees Cook
committed by
Greg Kroah-Hartman
Greg Kroah-Hartman
parent
79aaeec712
commit
2a6c8d3d0d
@ -4391,7 +4391,7 @@ static int modules_open(struct inode *inode, struct file *file)
|
||||
|
||||
if (!err) {
|
||||
struct seq_file *m = file->private_data;
|
||||
m->private = kallsyms_show_value() ? NULL : (void *)8ul;
|
||||
m->private = kallsyms_show_value(current_cred()) ? NULL : (void *)8ul;
|
||||
}
|
||||
|
||||
return err;
|
||||
|
||||
Reference in New Issue
Block a user