mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-12-28 16:56:26 +00:00
44 lines
1015 B
C
44 lines
1015 B
C
|
// SPDX-License-Identifier: GPL-2.0-only
|
||
|
/*
|
||
|
* ksyms_common.c: A split of kernel/kallsyms.c
|
||
|
* Contains a few generic function definations independent of config KALLSYMS.
|
||
|
*/
|
||
|
#include <linux/kallsyms.h>
|
||
|
#include <linux/security.h>
|
||
|
|
||
|
static inline int kallsyms_for_perf(void)
|
||
|
{
|
||
|
#ifdef CONFIG_PERF_EVENTS
|
||
|
extern int sysctl_perf_event_paranoid;
|
||
|
|
||
|
if (sysctl_perf_event_paranoid <= 1)
|
||
|
return 1;
|
||
|
#endif
|
||
|
return 0;
|
||
|
}
|
||
|
|
||
|
/*
|
||
|
* We show kallsyms information even to normal users if we've enabled
|
||
|
* kernel profiling and are explicitly not paranoid (so kptr_restrict
|
||
|
* is clear, and sysctl_perf_event_paranoid isn't set).
|
||
|
*
|
||
|
* Otherwise, require CAP_SYSLOG (assuming kptr_restrict isn't set to
|
||
|
* block even that).
|
||
|
*/
|
||
|
bool kallsyms_show_value(const struct cred *cred)
|
||
|
{
|
||
|
switch (kptr_restrict) {
|
||
|
case 0:
|
||
|
if (kallsyms_for_perf())
|
||
|
return true;
|
||
|
fallthrough;
|
||
|
case 1:
|
||
|
if (security_capable(cred, &init_user_ns, CAP_SYSLOG,
|
||
|
CAP_OPT_NOAUDIT) == 0)
|
||
|
return true;
|
||
|
fallthrough;
|
||
|
default:
|
||
|
return false;
|
||
|
}
|
||
|
}
|