Arch Linux

TJM

Member

Registered: 2016-09-18

Posts: 118

[Solved] Confused about kernel.kptr_restrict

Greetings everyone.
I'm currently on the kernel v6.1.61-1-lts. The kernel document reads, "When kptr_restrict is set to 0 (the default), the address is hashed before printing. (This is the equivalent to %p.)" However, in the real system, setting kernel.kptr_restrict to 0 seems no different compared to setting it to 1, where "kernel pointers printed using the %pK format specifier will be replaced with 0's unless the user has CAP_SYSLOG and effective user and group ids are equal to the real ids."

$ cat /proc/sys/kernel/kptr_restrict
0
$ tail /proc/modules
xhci_pci 24576 0 - Live 0x0000000000000000
i8042 49152 0 - Live 0x0000000000000000
sha512_ssse3 53248 0 - Live 0x0000000000000000
rtsx_pci 114688 1 rtsx_pci_sdmmc, Live 0x0000000000000000
xhci_pci_renesas 24576 1 xhci_pci, Live 0x0000000000000000
serio 28672 8 rmi_core,psmouse,serio_raw,atkbd,i8042, Live 0x0000000000000000
xfs 2244608 1 - Live 0x0000000000000000
libcrc32c 16384 4 nf_nat,nf_conntrack,nf_tables,xfs, Live 0x0000000000000000
crc32c_generic 16384 0 - Live 0x0000000000000000
crc32c_intel 24576 1 - Live 0x0000000000000000
$ tail /proc/kallsyms
0000000000000000 t bpf_prog_fbee7646fdd03110_sd_devices	[bpf]
0000000000000000 t bpf_prog_6deef7357e7b4530_sd_fw_egress	[bpf]
0000000000000000 t bpf_prog_6deef7357e7b4530_sd_fw_ingress	[bpf]
0000000000000000 t bpf_prog_ee0e253c78993a24_sd_devices	[bpf]
0000000000000000 t bpf_prog_5f1e575687748ea5_sd_devices	[bpf]
0000000000000000 t bpf_prog_ee0e253c78993a24_sd_devices	[bpf]
0000000000000000 t bpf_prog_6deef7357e7b4530_sd_fw_egress	[bpf]
0000000000000000 t bpf_prog_6deef7357e7b4530_sd_fw_ingress	[bpf]
0000000000000000 t bpf_prog_6deef7357e7b4530_sd_fw_egress	[bpf]
0000000000000000 t bpf_prog_6deef7357e7b4530_sd_fw_ingress	[bpf]
$ rg -v -e '^0000000000000000\s+' /proc/kallsyms | wc -l
0
$ rg -v '0000000000000000' /proc/modules | wc -l
0

Any ideas on why this happening ?

Last edited by TJM (2023-11-22 11:10:25)

loqs

Member

Registered: 2014-03-06

Posts: 18,877

Re: [Solved] Confused about kernel.kptr_restrict

Did the user you ran the commands as have CAP_SYSLOG and effective user and group ids are equal to the real ids?

Last edited by loqs (2023-11-08 10:57:56)

ArthurBorsboom

Member

Registered: 2014-05-20

Posts: 56

Re: [Solved] Confused about kernel.kptr_restrict

I have tested on my system with kernel 6.5.9 and I noticed that

tail /proc/modules

returns only the addresses when run by root, regardless of the kptr_restrict setting.

arthur@z97:~$ tail /proc/modules
drm_ttm_helper 12288 1 amdgpu, Live 0x0000000000000000
ttm 110592 2 amdgpu,drm_ttm_helper, Live 0x0000000000000000
video 77824 2 asus_wmi,amdgpu, Live 0x0000000000000000
wmi 45056 3 asus_wmi,wmi_bmof,video, Live 0x0000000000000000
drm_suballoc_helper 12288 1 amdgpu, Live 0x0000000000000000
amdxcp 12288 1 amdgpu, Live 0x0000000000000000
drm_buddy 20480 1 amdgpu, Live 0x0000000000000000
gpu_sched 57344 1 amdgpu, Live 0x0000000000000000
drm_display_helper 229376 1 amdgpu, Live 0x0000000000000000
cec 86016 1 drm_display_helper, Live 0x0000000000000000

arthur@z97:~$ sudo tail /proc/modules
drm_ttm_helper 12288 1 amdgpu, Live 0xffffffffc0436000
ttm 110592 2 amdgpu,drm_ttm_helper, Live 0xffffffffc040d000
video 77824 2 asus_wmi,amdgpu, Live 0xffffffffc03ef000
wmi 45056 3 asus_wmi,wmi_bmof,video, Live 0xffffffffc03d9000
drm_suballoc_helper 12288 1 amdgpu, Live 0xffffffffc03d1000
amdxcp 12288 1 amdgpu, Live 0xffffffffc03c9000
drm_buddy 20480 1 amdgpu, Live 0xffffffffc03bc000
gpu_sched 57344 1 amdgpu, Live 0xffffffffc03a1000
drm_display_helper 229376 1 amdgpu, Live 0xffffffffc034f000
cec 86016 1 drm_display_helper, Live 0xffffffffc032e000

Is that of any help to you?

TJM

Member

Registered: 2016-09-18

Posts: 118

Re: [Solved] Confused about kernel.kptr_restrict

I have tested on my system with kernel 6.5.9 and I noticed that

tail /proc/modules

returns only the addresses when run by root, regardless of the kptr_restrict setting.

arthur@z97:~$ tail /proc/modules
drm_ttm_helper 12288 1 amdgpu, Live 0x0000000000000000
ttm 110592 2 amdgpu,drm_ttm_helper, Live 0x0000000000000000
video 77824 2 asus_wmi,amdgpu, Live 0x0000000000000000
wmi 45056 3 asus_wmi,wmi_bmof,video, Live 0x0000000000000000
drm_suballoc_helper 12288 1 amdgpu, Live 0x0000000000000000
amdxcp 12288 1 amdgpu, Live 0x0000000000000000
drm_buddy 20480 1 amdgpu, Live 0x0000000000000000
gpu_sched 57344 1 amdgpu, Live 0x0000000000000000
drm_display_helper 229376 1 amdgpu, Live 0x0000000000000000
cec 86016 1 drm_display_helper, Live 0x0000000000000000

arthur@z97:~$ sudo tail /proc/modules
drm_ttm_helper 12288 1 amdgpu, Live 0xffffffffc0436000
ttm 110592 2 amdgpu,drm_ttm_helper, Live 0xffffffffc040d000
video 77824 2 asus_wmi,amdgpu, Live 0xffffffffc03ef000
wmi 45056 3 asus_wmi,wmi_bmof,video, Live 0xffffffffc03d9000
drm_suballoc_helper 12288 1 amdgpu, Live 0xffffffffc03d1000
amdxcp 12288 1 amdgpu, Live 0xffffffffc03c9000
drm_buddy 20480 1 amdgpu, Live 0xffffffffc03bc000
gpu_sched 57344 1 amdgpu, Live 0xffffffffc03a1000
drm_display_helper 229376 1 amdgpu, Live 0xffffffffc034f000
cec 86016 1 drm_display_helper, Live 0xffffffffc032e000

Is that of any help to you?

Thanks for the attempt. However, that's exactly the part I'm confused about, as this behaviour from kernel against the abovementioned document. I'm doubting if there is a kernel config entry that supersedes the runtime kptr_restrict setting. However, I currently have no clue ¯\_(ツ)_/¯

schard

Forum Moderator

From: Hannover

Registered: 2016-05-06

Posts: 2,640

Website

Re: [Solved] Confused about kernel.kptr_restrict

# echo 1 > /proc/sys/kernel/perf_event_paranoid

https://elixir.bootlin.com/linux/v6.1.6 … yms.c#L979

Last edited by schard (2023-11-14 18:01:44)

---

Inofficial first vice president of the Rust Evangelism Strike Force

TJM

Member

Registered: 2016-09-18

Posts: 118

Re: [Solved] Confused about kernel.kptr_restrict

# echo 1 > /proc/sys/kernel/perf_event_paranoid

https://elixir.bootlin.com/linux/v6.1.6 … yms.c#L979

Brilliant!