linux-stable/kernel/ksyms_common.c

// SPDX-License-Identifier: GPL-2.0-only
/*
 * ksyms_common.c: A split of kernel/kallsyms.c
 * Contains a few generic function definations independent of config KALLSYMS.
 */
#include <linux/kallsyms.h>
#include <linux/security.h>

static inline int kallsyms_for_perf(void)
{
#ifdef CONFIG_PERF_EVENTS
	extern int sysctl_perf_event_paranoid;

	if (sysctl_perf_event_paranoid <= 1)
		return 1;
#endif
	return 0;
}

/*
 * We show kallsyms information even to normal users if we've enabled
 * kernel profiling and are explicitly not paranoid (so kptr_restrict
 * is clear, and sysctl_perf_event_paranoid isn't set).
 *
 * Otherwise, require CAP_SYSLOG (assuming kptr_restrict isn't set to
 * block even that).
 */
bool kallsyms_show_value(const struct cred *cred)
{
	switch (kptr_restrict) {
	case 0:
		if (kallsyms_for_perf())
			return true;
		fallthrough;
	case 1:
		if (security_capable(cred, &init_user_ns, CAP_SYSLOG,
				     CAP_OPT_NOAUDIT) == 0)
			return true;
		fallthrough;
	default:
		return false;
	}
}
kallsyms: move kallsyms_show_value() out of kallsyms.c function kallsyms_show_value() is used by other parts like modules_open(), kprobes_read() etc. which can work in case of !KALLSYMS also. e.g. as of now lsmod do not show module address if KALLSYMS is disabled. since kallsyms_show_value() defination is not present, it returns false in !KALLSYMS. / # lsmod test 12288 0 - Live 0x0000000000000000 (O) So kallsyms_show_value() can be made generic without dependency on KALLSYMS. Thus moving out function to a new file ksyms_common.c. With this patch code is just moved to new file and no functional change. Co-developed-by: Onkarnath <onkarnath.1@samsung.com> Signed-off-by: Onkarnath <onkarnath.1@samsung.com> Signed-off-by: Maninder Singh <maninder1.s@samsung.com> Reviewed-by: Zhen Lei <thunder.leizhen@huawei.com> Signed-off-by: Luis Chamberlain <mcgrof@kernel.org> 2023-06-08 03:31:18 +00:00			`// SPDX-License-Identifier: GPL-2.0-only`
			`/*`
			`* ksyms_common.c: A split of kernel/kallsyms.c`
			`* Contains a few generic function definations independent of config KALLSYMS.`
			`*/`
			`#include <linux/kallsyms.h>`
			`#include <linux/security.h>`

			`static inline int kallsyms_for_perf(void)`
			`{`
			`#ifdef CONFIG_PERF_EVENTS`
			`extern int sysctl_perf_event_paranoid;`

			`if (sysctl_perf_event_paranoid <= 1)`
			`return 1;`
			`#endif`
			`return 0;`
			`}`

			`/*`
			`* We show kallsyms information even to normal users if we've enabled`
			`* kernel profiling and are explicitly not paranoid (so kptr_restrict`
			`* is clear, and sysctl_perf_event_paranoid isn't set).`
			`*`
			`* Otherwise, require CAP_SYSLOG (assuming kptr_restrict isn't set to`
			`* block even that).`
			`*/`
			`bool kallsyms_show_value(const struct cred *cred)`
			`{`
			`switch (kptr_restrict) {`
			`case 0:`
			`if (kallsyms_for_perf())`
			`return true;`
			`fallthrough;`
			`case 1:`
			`if (security_capable(cred, &init_user_ns, CAP_SYSLOG,`
			`CAP_OPT_NOAUDIT) == 0)`
			`return true;`
			`fallthrough;`
			`default:`
			`return false;`
			`}`
			`}`