From 369c7a7e9f448da681655969ed903d5e6f4378aa Mon Sep 17 00:00:00 2001
From: Andreas Kling <kling@serenityos.org>
Date: Sun, 19 Dec 2021 16:40:11 +0100
Subject: [PATCH] Kernel: Don't include kmalloc perf events in JSON for
 non-superuser

These events contain sensitive kernel information and should not be
available to regular users.
---
 Kernel/PerformanceEventBuffer.cpp | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/Kernel/PerformanceEventBuffer.cpp b/Kernel/PerformanceEventBuffer.cpp
index 906c9c85e4..38c04fe14f 100644
--- a/Kernel/PerformanceEventBuffer.cpp
+++ b/Kernel/PerformanceEventBuffer.cpp
@@ -196,10 +196,17 @@ ErrorOr<void> PerformanceEventBuffer::to_json_impl(Serializer& object) const
         }
     }
 
+    bool show_kernel_addresses = Process::current().is_superuser();
     auto array = object.add_array("events");
     bool seen_first_sample = false;
     for (size_t i = 0; i < m_count; ++i) {
-        auto& event = at(i);
+        auto const& event = at(i);
+
+        if (!show_kernel_addresses) {
+            if (event.type == PERF_EVENT_KMALLOC || event.type == PERF_EVENT_KFREE)
+                continue;
+        }
+
         auto event_object = array.add_object();
         switch (event.type) {
         case PERF_EVENT_SAMPLE: