Revision - 4ae69e6 - mmap_min_addr check CAP_SYS_RAWIO only for write - origin: https://github.com/torvalds/linux

visit type:

https://github.com/torvalds/linux

23 October 2021, 00:29:24 UTC

Revision 4ae69e6b718589abe97c9625ccbb1e0bc95a8c0e authored by Kees Cook on 22 April 2010, 19:19:17 UTC, committed by James Morris on 14 May 2010, 09:03:15 UTC

mmap_min_addr check CAP_SYS_RAWIO only for write

Redirecting directly to lsm, here's the patch discussed on lkml:
http://lkml.org/lkml/2010/4/22/219

The mmap_min_addr value is useful information for an admin to see without
being root ("is my system vulnerable to kernel NULL pointer attacks?") and
its setting is trivially easy for an attacker to determine by calling
mmap() in PAGE_SIZE increments starting at 0, so trying to keep it private
has no value.

Only require CAP_SYS_RAWIO if changing the value, not reading it.

Comment from Serge :

  Me, I like to write my passwords with light blue pen on dark blue
  paper, pasted on my window - if you're going to get my password, you're
  gonna get a headache.

Signed-off-by: Kees Cook <kees.cook@canonical.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
(cherry picked from commit 822cceec7248013821d655545ea45d1c6a9d15b3)

1 parent 6a251b0

Files
Changes

Permalinks

Tip revision: 4ae69e6b718589abe97c9625ccbb1e0bc95a8c0e authored by Kees Cook on 22 April 2010, 19:19:17 UTC
mmap_min_addr check CAP_SYS_RAWIO only for write

Tip revision: 4ae69e6

File	Mode	Size
lzo
reed_solomon
zlib_deflate
zlib_inflate
.gitignore	-rw-r--r--	51 bytes
Kconfig	-rw-r--r--	4.1 KB
Kconfig.debug	-rw-r--r--	37.5 KB
Kconfig.kgdb	-rw-r--r--	1.8 KB
Kconfig.kmemcheck	-rw-r--r--	2.9 KB
Makefile	-rw-r--r--	3.4 KB
argv_split.c	-rw-r--r--	1.8 KB
atomic64.c	-rw-r--r--	4.1 KB
audit.c	-rw-r--r--	1.2 KB
bcd.c	-rw-r--r--	257 bytes
bitmap.c	-rw-r--r--	32.6 KB
bitrev.c	-rw-r--r--	2.1 KB
btree.c	-rw-r--r--	19.1 KB
bug.c	-rw-r--r--	4.6 KB
bust_spinlocks.c	-rw-r--r--	636 bytes
check_signature.c	-rw-r--r--	599 bytes
checksum.c	-rw-r--r--	4.9 KB
cmdline.c	-rw-r--r--	3.6 KB
cpumask.c	-rw-r--r--	4.6 KB
crc-ccitt.c	-rw-r--r--	3.0 KB
crc-itu-t.c	-rw-r--r--	2.8 KB
crc-t10dif.c	-rw-r--r--	2.9 KB
crc16.c	-rw-r--r--	2.8 KB
crc32.c	-rw-r--r--	14.3 KB
crc32defs.h	-rw-r--r--	1.0 KB
crc7.c	-rw-r--r--	2.3 KB
ctype.c	-rw-r--r--	1.3 KB
debug_locks.c	-rw-r--r--	1.1 KB
debugobjects.c	-rw-r--r--	24.0 KB
dec_and_lock.c	-rw-r--r--	782 bytes
decompress.c	-rw-r--r--	1.2 KB
decompress_bunzip2.c	-rw-r--r--	23.4 KB
decompress_inflate.c	-rw-r--r--	3.6 KB
decompress_unlzma.c	-rw-r--r--	15.5 KB
decompress_unlzo.c	-rw-r--r--	4.9 KB
devres.c	-rw-r--r--	7.7 KB
div64.c	-rw-r--r--	2.3 KB
dma-debug.c	-rw-r--r--	31.5 KB
dump_stack.c	-rw-r--r--	290 bytes
dynamic_debug.c	-rw-r--r--	18.0 KB
extable.c	-rw-r--r--	2.4 KB
fault-inject.c	-rw-r--r--	7.9 KB
find_last_bit.c	-rw-r--r--	1.1 KB
find_next_bit.c	-rw-r--r--	6.4 KB
flex_array.c	-rw-r--r--	9.2 KB
gcd.c	-rw-r--r--	291 bytes
gen_crc32table.c	-rw-r--r--	1.8 KB
genalloc.c	-rw-r--r--	5.1 KB
halfmd4.c	-rw-r--r--	2.0 KB
hexdump.c	-rw-r--r--	6.1 KB
hweight.c	-rw-r--r--	1.8 KB
idr.c	-rw-r--r--	21.4 KB
inflate.c	-rw-r--r--	38.6 KB
int_sqrt.c	-rw-r--r--	533 bytes
iomap.c	-rw-r--r--	7.4 KB
iomap_copy.c	-rw-r--r--	2.1 KB
iommu-helper.c	-rw-r--r--	1.2 KB
ioremap.c	-rw-r--r--	2.1 KB
irq_regs.c	-rw-r--r--	578 bytes
is_single_threaded.c	-rw-r--r--	1.3 KB
kasprintf.c	-rw-r--r--	704 bytes
kernel_lock.c	-rw-r--r--	3.2 KB
klist.c	-rw-r--r--	9.3 KB
kobject.c	-rw-r--r--	20.9 KB
kobject_uevent.c	-rw-r--r--	8.4 KB
kref.c	-rw-r--r--	1.9 KB
lcm.c	-rw-r--r--	265 bytes
libcrc32c.c	-rw-r--r--	2.1 KB
list_debug.c	-rw-r--r--	1.5 KB
list_sort.c	-rw-r--r--	5.3 KB
lmb.c	-rw-r--r--	11.7 KB
locking-selftest-hardirq.h	-rw-r--r--	207 bytes
locking-selftest-mutex.h	-rw-r--r--	120 bytes
locking-selftest-rlock-hardirq.h	-rw-r--r--	74 bytes
locking-selftest-rlock-softirq.h	-rw-r--r--	74 bytes
locking-selftest-rlock.h	-rw-r--r--	158 bytes
locking-selftest-rsem.h	-rw-r--r--	163 bytes
locking-selftest-softirq.h	-rw-r--r--	207 bytes
locking-selftest-spin-hardirq.h	-rw-r--r--	73 bytes
locking-selftest-spin-softirq.h	-rw-r--r--	73 bytes
locking-selftest-spin.h	-rw-r--r--	118 bytes
locking-selftest-wlock-hardirq.h	-rw-r--r--	74 bytes
locking-selftest-wlock-softirq.h	-rw-r--r--	74 bytes
locking-selftest-wlock.h	-rw-r--r--	158 bytes
locking-selftest-wsem.h	-rw-r--r--	163 bytes
locking-selftest.c	-rw-r--r--	28.6 KB
lru_cache.c	-rw-r--r--	14.6 KB
nlattr.c	-rw-r--r--	12.2 KB
parser.c	-rw-r--r--	6.1 KB
percpu_counter.c	-rw-r--r--	3.2 KB
plist.c	-rw-r--r--	2.9 KB
prio_heap.c	-rw-r--r--	1.4 KB
prio_tree.c	-rw-r--r--	12.2 KB
proportions.c	-rw-r--r--	9.3 KB
radix-tree.c	-rw-r--r--	32.0 KB
random32.c	-rw-r--r--	3.8 KB
ratelimit.c	-rw-r--r--	1.5 KB
rational.c	-rw-r--r--	1.5 KB
rbtree.c	-rw-r--r--	8.5 KB
reciprocal_div.c	-rw-r--r--	159 bytes
rwsem-spinlock.c	-rw-r--r--	6.9 KB
rwsem.c	-rw-r--r--	6.5 KB
scatterlist.c	-rw-r--r--	12.0 KB
sha1.c	-rw-r--r--	2.4 KB
show_mem.c	-rw-r--r--	1.3 KB
smp_processor_id.c	-rw-r--r--	1.1 KB
sort.c	-rw-r--r--	2.5 KB
spinlock_debug.c	-rw-r--r--	6.9 KB
string.c	-rw-r--r--	14.3 KB
string_helpers.c	-rw-r--r--	1.7 KB
swiotlb.c	-rw-r--r--	25.4 KB
syscall.c	-rw-r--r--	2.4 KB
textsearch.c	-rw-r--r--	9.6 KB
ts_bm.c	-rw-r--r--	5.3 KB
ts_fsm.c	-rw-r--r--	10.6 KB
ts_kmp.c	-rw-r--r--	4.3 KB
vsprintf.c	-rw-r--r--	49.6 KB

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...