44 строки
1015 B
C
44 строки
1015 B
C
// SPDX-License-Identifier: GPL-2.0-only
|
|
/*
|
|
* ksyms_common.c: A split of kernel/kallsyms.c
|
|
* Contains a few generic function definations independent of config KALLSYMS.
|
|
*/
|
|
#include <linux/kallsyms.h>
|
|
#include <linux/security.h>
|
|
|
|
static inline int kallsyms_for_perf(void)
|
|
{
|
|
#ifdef CONFIG_PERF_EVENTS
|
|
extern int sysctl_perf_event_paranoid;
|
|
|
|
if (sysctl_perf_event_paranoid <= 1)
|
|
return 1;
|
|
#endif
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* We show kallsyms information even to normal users if we've enabled
|
|
* kernel profiling and are explicitly not paranoid (so kptr_restrict
|
|
* is clear, and sysctl_perf_event_paranoid isn't set).
|
|
*
|
|
* Otherwise, require CAP_SYSLOG (assuming kptr_restrict isn't set to
|
|
* block even that).
|
|
*/
|
|
bool kallsyms_show_value(const struct cred *cred)
|
|
{
|
|
switch (kptr_restrict) {
|
|
case 0:
|
|
if (kallsyms_for_perf())
|
|
return true;
|
|
fallthrough;
|
|
case 1:
|
|
if (security_capable(cred, &init_user_ns, CAP_SYSLOG,
|
|
CAP_OPT_NOAUDIT) == 0)
|
|
return true;
|
|
fallthrough;
|
|
default:
|
|
return false;
|
|
}
|
|
}
|