From patchwork Tue Jan 11 23:54:17 2011
X-Patchwork-Submitter: Kees Cook
X-Patchwork-Id: 78492
X-Patchwork-Delegate: tim.gardner@canonical.com
Date: Tue, 11 Jan 2011 15:54:17 -0800
From: Kees Cook
To: kernel-team@lists.ubuntu.com
Subject: [PATCH] UBUNTU: SAUCE: kernel: make /proc/kallsyms mode 400 to reduce ease of attacking
Message-ID: <20110111235417.GN4979@outflux.net>

Making /proc/kallsyms readable only for root makes it harder for attackers to write generic kernel exploits by removing one source of knowledge where things are in the kernel.

This is the second submit, discussion happened on this on first submit and mostly concerned that this is just one hole of the sieve ... but one of the bigger ones.

Changing the permissions of at least System.map and vmlinux is also required to fix the same set, but a packaging issue.

Target of this starter patch and follow ups is removing any kind of kernel space address information leak from the kernel.

Ciao, Marcus

[not upstream because some old sysklog daemons have a bug with this]

OriginalAuthor: Marcus Meissner
Signed-off-by: Marcus Meissner
Acked-by: Tejun Heo
Acked-by: Eugene Teo
Reviewed-by: Jesper Juhl
Signed-off-by: Kees Cook
--- kernel/kallsyms.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c index 6f6d091..a8db257 100644 --- a/kernel/kallsyms.c +++ b/kernel/kallsyms.c @@ -546,7 +546,7 @@ static const struct file_operations kallsyms_operations = { static int __init kallsyms_init(void) { - proc_create("kallsyms", 0444, NULL, &kallsyms_operations); + proc_create("kallsyms", 0400, NULL, &kallsyms_operations); return 0; } device_initcall(kallsyms_init);
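
Review bot: The bare 0400 in the proc_create("kallsyms", ...) call in kallsyms_init carries no comment, so the reason for deviating from 0444 and its compatibility cost live only in the commit message. Suggest a short comment above that line saying the file is root-only to avoid exposing kernel addresses, and that some old sysklog daemons have a bug with this mode (the bracketed note gives that as the reason the change is not upstream). The message also states that System.map and vmlinux need the same permission change on the packaging side; until that lands, this one-line change leaves the same information available to unprivileged users, so it would help to reference the packaging follow-up here.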