• Kees Cook's avatar
    printk: use %pK for /proc/kallsyms and /proc/modules · 9f36e2c4
    Kees Cook authored
    In an effort to reduce kernel address leaks that might be used to help
    target kernel privilege escalation exploits, this patch uses %pK when
    displaying addresses in /proc/kallsyms, /proc/modules, and
    /sys/module/*/sections/*.
    
    Note that this changes %x to %p, so some legitimately 0 values in
    /proc/kallsyms would have changed from 00000000 to "(null)".  To avoid
    this, "(null)" is not used when using the "K" format.  Anything that was
    already successfully parsing "(null)" in addition to full hex digits
    should have no problem with this change.  (Thanks to Joe Perches for the
    suggestion.) Due to the %x to %p, "void *" casts are needed since these
    addresses are already "unsigned long" everywhere internally, due to their
    starting life as ELF section offsets.
    Signed-off-by: default avatarKees Cook <kees.cook@canonical.com>
    Cc: Eugene Teo <eugene@redhat.com>
    Cc: Dan Rosenberg <drosenberg@vsecurity.com>
    Cc: Rusty Russell <rusty@rustcorp.com.au>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    9f36e2c4
kallsyms.c 12.9 KB