Re: /dev/ksyms permissions

In article , Maxime Villard wrote: >Le 18/01/2018 à 13:43, Tom Ivar Helbekkmo a écrit : >> Maxime Villard writes: >> >>> Well, looking at the code, it seems to me that _kvm_open() should be >>> changed to

Re: /dev/ksyms permissions

Le 18/01/2018 à 13:43, Tom Ivar Helbekkmo a écrit : Maxime Villard writes: Well, looking at the code, it seems to me that _kvm_open() should be changed to keep /dev/ksyms open, the same way it keeps /dev/kmem open. Agreed. This works fine for me, with and without

Re: /dev/ksyms permissions

Maxime Villard writes: >> Agreed. This works fine for me, with and without /dev/ksyms present: >> >> Index: lib/libkvm/kvm.c >> [...] > > So, I guess I can commit it? I've been running with that modification (and /dev/ksyms mode 440 and group kmem) on all my systems since

Re: /dev/ksyms permissions

Maxime Villard writes: > Well, looking at the code, it seems to me that _kvm_open() should be > changed to keep /dev/ksyms open, the same way it keeps /dev/kmem open. Agreed. This works fine for me, with and without /dev/ksyms present: Index: lib/libkvm/kvm.c

Re: /dev/ksyms permissions

Le 18/01/2018 à 11:03, Tom Ivar Helbekkmo a écrit : Maxime Villard writes: So, making /dev/ksyms 440 root:kmem should not break anything. If it does, then there's a bug in the offending tool in the first place. Agreed. systat is one of them. It takes care to call

Re: /dev/ksyms permissions

Maxime Villard writes: > So, making /dev/ksyms 440 root:kmem should not break anything. > > If it does, then there's a bug in the offending tool in the first place. Agreed. systat is one of them. It takes care to call kvm_openfiles() while setgid kmem, but kvm_openfiles()

Re: /dev/ksyms permissions

Le 17/01/2018 à 21:43, Anders Magnusson a écrit : Den 2018-01-17 kl. 20:20, skrev Mouse: Maybe group kmem read, but that might require more elevated privileges in the programs that uses ksyms. What program uses ksyms now that doesn't require at least group kmem? You cannot give up kmem read

Re: /dev/ksyms permissions

On Wed, Jan 17, 2018 at 07:19:32PM +0100, Anders Magnusson wrote: > libkvm uses it to get the kernel symbol namelist instead of reading /netbsd > for it (originally kvmdb, which was retired when ksyms was added). > Programs like ps, netstat etc... uses it to find in-kernel stuff, so you > cannot

Re: /dev/ksyms permissions

Den 2018-01-17 kl. 20:20, skrev Mouse: Maybe group kmem read, but that might require more elevated privileges in the programs that uses ksyms. What program uses ksyms now that doesn't require at least group kmem? You cannot give up kmem read privileges when calling ksyms read routines. I

Re: /dev/ksyms permissions

>>> Maybe group kmem read, but that might require more elevated >>> privileges in the programs that uses ksyms. >> What program uses ksyms now that doesn't require at least group kmem? > You cannot give up kmem read privileges when calling ksyms read > routines. I don't see why not - or, at

Re: /dev/ksyms permissions

Den 2018-01-17 kl. 20:03, skrev Mouse: Maybe group kmem read, but that might require more elevated privileges in the programs that uses ksyms. What program uses ksyms now that doesn't require at least group kmem? You cannot give up kmem read privileges when calling ksyms read routines.

Re: /dev/ksyms permissions

> libkvm uses it to get the kernel symbol namelist instead of reading > /netbsd for it (originally kvmdb, which was retired when ksyms was > added). Programs like ps, netstat etc... uses it to find in-kernel > stuff, so you cannot change it to require root privs to be read. But the symbol values

Re: /dev/ksyms permissions

In article <20180117152524.ga11...@sdf.org>, wrote: >-=-=-=-=-=- > >This leaks information that unprivileged user probably has no reason to >own: > >> cat /dev/ksyms > ksyms >> readelf -a ksyms |wc -l > 47594 > >Any strong reason not to apply the following? >Presumably it will

Re: /dev/ksyms permissions

libkvm uses it to get the kernel symbol namelist instead of reading /netbsd for it (originally kvmdb, which was retired when ksyms was added). Programs like ps, netstat etc... uses it to find in-kernel stuff, so you cannot change it to require root privs to be read. Maybe group kmem read, but

/dev/ksyms permissions

This leaks information that unprivileged user probably has no reason to own: > cat /dev/ksyms > ksyms > readelf -a ksyms |wc -l 47594 Any strong reason not to apply the following? Presumably it will have benefits for GENERIC_KASLR, or people with Intel CPUs :-) Index: MAKEDEV.tmpl