1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * ksyms_common.c: A split of kernel/kallsyms.c 4 * Contains a few generic function definations independent of config KALLSYMS. 5 */ 6 #include <linux/kallsyms.h> 7 #include <linux/security.h> 8 kallsyms_for_perf(void)9static inline int kallsyms_for_perf(void) 10 { 11 #ifdef CONFIG_PERF_EVENTS 12 extern int sysctl_perf_event_paranoid; 13 14 if (sysctl_perf_event_paranoid <= 1) 15 return 1; 16 #endif 17 return 0; 18 } 19 20 /* 21 * We show kallsyms information even to normal users if we've enabled 22 * kernel profiling and are explicitly not paranoid (so kptr_restrict 23 * is clear, and sysctl_perf_event_paranoid isn't set). 24 * 25 * Otherwise, require CAP_SYSLOG (assuming kptr_restrict isn't set to 26 * block even that). 27 */ kallsyms_show_value(const struct cred * cred)28bool kallsyms_show_value(const struct cred *cred) 29 { 30 switch (kptr_restrict) { 31 case 0: 32 if (kallsyms_for_perf()) 33 return true; 34 fallthrough; 35 case 1: 36 if (security_capable(cred, &init_user_ns, CAP_SYSLOG, 37 CAP_OPT_NOAUDIT) == 0) 38 return true; 39 fallthrough; 40 default: 41 return false; 42 } 43 } 44