Commit f1a41453 authored Jul 09, 2023 by Yafang Shao Committed by Alexei Starovoitov Jul 11, 2023

bpf: Protect probed address based on kptr_restrict setting

The probed address can be accessed by userspace through querying the task
file descriptor (fd). However, it is crucial to adhere to the kptr_restrict
setting and refrain from exposing the address if it is not permitted.

Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
Acked-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230709025630.3735-5-laoar.shao@gmail.com

Signed-off-by: Alexei Starovoitov <ast@kernel.org>

parent edd7f49b

kernel/trace/trace_kprobe.c

+4 −1

Original line number	Diff line number	Diff line
		@@ -1551,7 +1551,10 @@ int bpf_get_kprobe_info(const struct perf_event event, u32 fd_type,
		} else {
		*symbol = NULL;
		*probe_offset = 0;
		if (kallsyms_show_value(current_cred()))
		*probe_addr = (unsigned long)tk->rp.kp.addr;
		else
		*probe_addr = 0;
		}
		return 0;
		}