aboutsummaryrefslogtreecommitdiffstats
path: root/module/spl
diff options
context:
space:
mode:
authorSara Hartse <[email protected]>2019-04-04 18:57:06 -0700
committerBrian Behlendorf <[email protected]>2019-04-04 18:57:06 -0700
commita887d653b32aaba3fe04c7b25ff0091b9ea9c64e (patch)
tree6d0bd45a6d2080fce9223ae252f5c93782418dd7 /module/spl
parentaf6507930051e9ee481cad1130df84636c4a770c (diff)
Restrict kstats and print real pointers
There are several places where we use zfs_dbgmsg and %p to print pointers. In the Linux kernel, these values obfuscated to prevent information leaks which means the pointers aren't very useful for debugging crash dumps. We decided to restrict the permissions of dbgmsg (and some other kstats while we were at it) and print pointers with %px in zfs_dbgmsg as well as spl_dumpstack Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: John Gallagher <[email protected]> Signed-off-by: sara hartse <[email protected]> Closes #8467 Closes #8476
Diffstat (limited to 'module/spl')
-rw-r--r--module/spl/spl-kstat.c14
-rw-r--r--module/spl/spl-procfs-list.c3
2 files changed, 13 insertions, 4 deletions
diff --git a/module/spl/spl-kstat.c b/module/spl/spl-kstat.c
index 7207a35e0..feff31e6c 100644
--- a/module/spl/spl-kstat.c
+++ b/module/spl/spl-kstat.c
@@ -659,7 +659,7 @@ kstat_detect_collision(kstat_proc_entry_t *kpep)
* kstat.
*/
void
-kstat_proc_entry_install(kstat_proc_entry_t *kpep,
+kstat_proc_entry_install(kstat_proc_entry_t *kpep, mode_t mode,
const struct file_operations *file_ops, void *data)
{
kstat_module_t *module;
@@ -693,7 +693,7 @@ kstat_proc_entry_install(kstat_proc_entry_t *kpep,
list_add_tail(&kpep->kpe_list, &module->ksm_kstat_list);
kpep->kpe_owner = module;
- kpep->kpe_proc = proc_create_data(kpep->kpe_name, 0644,
+ kpep->kpe_proc = proc_create_data(kpep->kpe_name, mode,
module->ksm_proc, file_ops, data);
if (kpep->kpe_proc == NULL) {
list_del_init(&kpep->kpe_list);
@@ -710,7 +710,15 @@ void
__kstat_install(kstat_t *ksp)
{
ASSERT(ksp);
- kstat_proc_entry_install(&ksp->ks_proc, &proc_kstat_operations, ksp);
+ mode_t mode;
+ /* Specify permission modes for different kstats */
+ if (strncmp(ksp->ks_proc.kpe_name, "dbufs", KSTAT_STRLEN) == 0) {
+ mode = 0600;
+ } else {
+ mode = 0644;
+ }
+ kstat_proc_entry_install(
+ &ksp->ks_proc, mode, &proc_kstat_operations, ksp);
}
EXPORT_SYMBOL(__kstat_install);
diff --git a/module/spl/spl-procfs-list.c b/module/spl/spl-procfs-list.c
index 4902e0a56..f6a00da5c 100644
--- a/module/spl/spl-procfs-list.c
+++ b/module/spl/spl-procfs-list.c
@@ -201,6 +201,7 @@ static struct file_operations procfs_list_operations = {
void
procfs_list_install(const char *module,
const char *name,
+ mode_t mode,
procfs_list_t *procfs_list,
int (*show)(struct seq_file *f, void *p),
int (*show_header)(struct seq_file *f),
@@ -218,7 +219,7 @@ procfs_list_install(const char *module,
procfs_list->pl_node_offset = procfs_list_node_off;
kstat_proc_entry_init(&procfs_list->pl_kstat_entry, module, name);
- kstat_proc_entry_install(&procfs_list->pl_kstat_entry,
+ kstat_proc_entry_install(&procfs_list->pl_kstat_entry, mode,
&procfs_list_operations, procfs_list);
}
EXPORT_SYMBOL(procfs_list_install);