[PATCH] [natty] proc: hide kernel addresses via %pK in /proc/<pid>/stack

Kees Cook kees at ubuntu.com
Thu Feb 24 00:42:27 UTC 2011


[in -mm as proc-hide-kernel-addresses-via-%pk-in-proc-pid-stack.patch]

OriginalAuthor: Konstantin Khlebnikov <khlebnikov at openvz.org>

This file is readable for the task owner.  Hide kernel addresses from
unprivileged users, leave them function names and offsets.

Signed-off-by: Konstantin Khlebnikov <khlebnikov at openvz.org>
Acked-by: Kees Cook <kees.cook at canonical.com>
Cc: Alexey Dobriyan <adobriyan at gmail.com>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
---

 fs/proc/base.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff -puN fs/proc/base.c~proc-hide-kernel-addresses-via-%pk-in-proc-pid-stack fs/proc/base.c
--- a/fs/proc/base.c~proc-hide-kernel-addresses-via-%pk-in-proc-pid-stack
+++ a/fs/proc/base.c
@@ -340,7 +340,7 @@ static int proc_pid_stack(struct seq_fil
 	save_stack_trace_tsk(task, &trace);
 
 	for (i = 0; i < trace.nr_entries; i++) {
-		seq_printf(m, "[<%p>] %pS\n",
+		seq_printf(m, "[<%pK>] %pS\n",
 			   (void *)entries[i], (void *)entries[i]);
 	}
 	kfree(entries);


-- 
Kees Cook
Ubuntu Security Team




More information about the kernel-team mailing list