Skip to content

Commit

Permalink
cc: remove a spurious check for UID 0
Browse files Browse the repository at this point in the history 
This drops an hardcoded check for the root user-ID before accessing
`/proc/kallsyms`, in order to fix a bug which is preventing proper
kernel symbols resolution by non-root users.

The `/proc/kallsyms` file is generally available to non-privileged
users:
```
> runuser -u nobody -- wc -l /proc/kallsyms

217514 /proc/kallsyms
```

Its content is further controlled by the `CAP_SYSLOG` capability
through `/proc/sys/kernel/kptr_restrict`:
https://man7.org/linux/man-pages/man7/capabilities.7.html

As such, it is better to directly open it and rely on `fopen()`
for privileges checking.
  • Loading branch information
@lucab @yonghong-song
lucab authored and yonghong-song committed Aug 31, 2023
1 parent 6813fbc commit 0fcb346
Showing 1 changed file with 0 additions and 4 deletions.
4 changes: 0 additions & 4 deletions src/cc/bcc_proc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -262,10 +262,6 @@ int bcc_procutils_each_ksym(bcc_procutils_ksymcb callback, void *payload) {
FILE *kallsyms;
unsigned long long addr;

/* root is needed to list ksym addresses */
if (geteuid() != 0)
return -1;

kallsyms = fopen("/proc/kallsyms", "r");
if (!kallsyms)
return -1;
Expand Down

0 comments on commit 0fcb346

Please sign in to comment.