Commit 6eea242f authored by Petr Mladek's avatar Petr Mladek
Browse files

vsprintf: Shuffle restricted_pointer() 

This is just a preparation step for further changes.

The patch does not change the code.

Link: http://lkml.kernel.org/r/20190417115350.20479-2-pmladek@suse.com


To: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: "Tobin C . Harding" <me@tobin.cc>
Cc: Joe Perches <joe@perches.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Michal Hocko <mhocko@suse.cz>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
Cc: linux-kernel@vger.kernel.org
Reviewed-by: default avatarAndy Shevchenko <andriy.shevchenko@linux.intel.com>
Reviewed-by: default avatarSergey Senozhatsky <sergey.senozhatsky@gmail.com>
Signed-off-by: default avatarPetr Mladek <pmladek@suse.com>
parent c4703acd

lib/vsprintf.c

+49 −49
Original line number Diff line number Diff line
@@ -717,6 +717,55 @@ static char *ptr_to_id(char *buf, char *end, const void *ptr, 
	return pointer_string(buf, end, (const void *)hashval, spec);

}



int kptr_restrict __read_mostly;



static noinline_for_stack

char *restricted_pointer(char *buf, char *end, const void *ptr,

			 struct printf_spec spec)

{

	switch (kptr_restrict) {

	case 0:

		/* Always print %pK values */

		break;

	case 1: {

		const struct cred *cred;



		/*

		 * kptr_restrict==1 cannot be used in IRQ context

		 * because its test for CAP_SYSLOG would be meaningless.

		 */

		if (in_irq() || in_serving_softirq() || in_nmi()) {

			if (spec.field_width == -1)

				spec.field_width = 2 * sizeof(ptr);

			return string(buf, end, "pK-error", spec);

		}



		/*

		 * Only print the real pointer value if the current

		 * process has CAP_SYSLOG and is running with the

		 * same credentials it started with. This is because

		 * access to files is checked at open() time, but %pK

		 * checks permission at read() time. We don't want to

		 * leak pointer values if a binary opens a file using

		 * %pK and then elevates privileges before reading it.

		 */

		cred = current_cred();

		if (!has_capability_noaudit(current, CAP_SYSLOG) ||

		    !uid_eq(cred->euid, cred->uid) ||

		    !gid_eq(cred->egid, cred->gid))

			ptr = NULL;

		break;

	}

	case 2:

	default:

		/* Always print 0's for %pK */

		ptr = NULL;

		break;

	}



	return pointer_string(buf, end, ptr, spec);

}



static noinline_for_stack

char *dentry_name(char *buf, char *end, const struct dentry *d, struct printf_spec spec,

		  const char *fmt)
@@ -1476,55 +1525,6 @@ char *uuid_string(char *buf, char *end, const u8 *addr, 
	return string(buf, end, uuid, spec);

}



int kptr_restrict __read_mostly;



static noinline_for_stack

char *restricted_pointer(char *buf, char *end, const void *ptr,

			 struct printf_spec spec)

{

	switch (kptr_restrict) {

	case 0:

		/* Always print %pK values */

		break;

	case 1: {

		const struct cred *cred;



		/*

		 * kptr_restrict==1 cannot be used in IRQ context

		 * because its test for CAP_SYSLOG would be meaningless.

		 */

		if (in_irq() || in_serving_softirq() || in_nmi()) {

			if (spec.field_width == -1)

				spec.field_width = 2 * sizeof(ptr);

			return string(buf, end, "pK-error", spec);

		}



		/*

		 * Only print the real pointer value if the current

		 * process has CAP_SYSLOG and is running with the

		 * same credentials it started with. This is because

		 * access to files is checked at open() time, but %pK

		 * checks permission at read() time. We don't want to

		 * leak pointer values if a binary opens a file using

		 * %pK and then elevates privileges before reading it.

		 */

		cred = current_cred();

		if (!has_capability_noaudit(current, CAP_SYSLOG) ||

		    !uid_eq(cred->euid, cred->uid) ||

		    !gid_eq(cred->egid, cred->gid))

			ptr = NULL;

		break;

	}

	case 2:

	default:

		/* Always print 0's for %pK */

		ptr = NULL;

		break;

	}



	return pointer_string(buf, end, ptr, spec);

}



static noinline_for_stack

char *netdev_bits(char *buf, char *end, const void *addr,

		  struct printf_spec spec,  const char *fmt)

CRA Git | Maintained and supported by SUSTech CRA and CCSE