Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/kern Don't leak kernel pointers to userland in kern.file...



details:   https://anonhg.NetBSD.org/src/rev/84ac565bcbc0
branches:  trunk
changeset: 993466:84ac565bcbc0
user:      maxv <maxv%NetBSD.org@localhost>
date:      Thu Sep 13 14:44:09 2018 +0000

description:
Don't leak kernel pointers to userland in kern.file2, same as kern.proc2.

diffstat:

 sys/kern/kern_descrip.c |  31 +++++++++++++++++++++++--------
 1 files changed, 23 insertions(+), 8 deletions(-)

diffs (75 lines):

diff -r f4b7245cfb62 -r 84ac565bcbc0 sys/kern/kern_descrip.c
--- a/sys/kern/kern_descrip.c   Thu Sep 13 12:53:00 2018 +0000
+++ b/sys/kern/kern_descrip.c   Thu Sep 13 14:44:09 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_descrip.c,v 1.236 2018/09/03 16:29:35 riastradh Exp $     */
+/*     $NetBSD: kern_descrip.c,v 1.237 2018/09/13 14:44:09 maxv Exp $  */
 
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -70,7 +70,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.236 2018/09/03 16:29:35 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_descrip.c,v 1.237 2018/09/13 14:44:09 maxv Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -2283,35 +2283,50 @@
        return error;
 }
 
+#define SET_KERN_ADDR(dst, src, allow) \
+       do {                            \
+               if (allow)              \
+                       dst = src;      \
+       } while (0);
+
 static void
 fill_file(struct kinfo_file *kp, const file_t *fp, const fdfile_t *ff,
          int i, pid_t pid)
 {
+       bool allowaddr;
+       int error;
+
+       /* If not privileged, don't expose kernel addresses. */
+       error = kauth_authorize_process(kauth_cred_get(), KAUTH_PROCESS_CANSEE,
+           curproc, KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_KPTR), NULL, NULL);
+       allowaddr = (error == 0);
 
        memset(kp, 0, sizeof(*kp));
 
-       kp->ki_fileaddr =       PTRTOUINT64(fp);
+       SET_KERN_ADDR(kp->ki_fileaddr, PTRTOUINT64(fp), allowaddr);
        kp->ki_flag =           fp->f_flag;
        kp->ki_iflags =         0;
        kp->ki_ftype =          fp->f_type;
        kp->ki_count =          fp->f_count;
        kp->ki_msgcount =       fp->f_msgcount;
-       kp->ki_fucred =         PTRTOUINT64(fp->f_cred);
+       SET_KERN_ADDR(kp->ki_fucred, PTRTOUINT64(fp->f_cred), allowaddr);
        kp->ki_fuid =           kauth_cred_geteuid(fp->f_cred);
        kp->ki_fgid =           kauth_cred_getegid(fp->f_cred);
-       kp->ki_fops =           PTRTOUINT64(fp->f_ops);
+       SET_KERN_ADDR(kp->ki_fops, PTRTOUINT64(fp->f_ops), allowaddr);
        kp->ki_foffset =        fp->f_offset;
-       kp->ki_fdata =          PTRTOUINT64(fp->f_data);
+       SET_KERN_ADDR(kp->ki_fdata, PTRTOUINT64(fp->f_data), allowaddr);
 
        /* vnode information to glue this file to something */
        if (fp->f_type == DTYPE_VNODE) {
                struct vnode *vp = fp->f_vnode;
 
-               kp->ki_vun =    PTRTOUINT64(vp->v_un.vu_socket);
+               SET_KERN_ADDR(kp->ki_vun, PTRTOUINT64(vp->v_un.vu_socket),
+                   allowaddr);
                kp->ki_vsize =  vp->v_size;
                kp->ki_vtype =  vp->v_type;
                kp->ki_vtag =   vp->v_tag;
-               kp->ki_vdata =  PTRTOUINT64(vp->v_data);
+               SET_KERN_ADDR(kp->ki_vdata, PTRTOUINT64(vp->v_data),
+                   allowaddr);
        }
 
        /* process information when retrieved via KERN_FILE_BYPID */



Home | Main Index | Thread Index | Old Index