| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 May 2014 23:11:46 +0200 From: Erik Bosman <erik@...emu.org> To: linux-kernel@...r.kernel.org Subject: [PATCH 4/4] x86: SROP mitigation: implement signal counting This patch implements signal counting for x86-64, x86-32 and x32. Signed-off-by: Erik Bosman <erik@...emu.org> --- arch/x86/Kconfig | 1 + arch/x86/ia32/ia32_signal.c | 10 ++++++++++ arch/x86/kernel/signal.c | 19 +++++++++++++++++++ 3 files changed, 30 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 83eea28..82d779f 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -129,6 +129,7 @@ config X86 select HAVE_IRQ_EXIT_ON_IRQ_STACK if X86_64 select HAVE_CC_STACKPROTECTOR select HAVE_SIGNAL_CANARY + select HAVE_SIGNAL_BOOKKEEPING select GENERIC_CPU_AUTOPROBE select HAVE_ARCH_AUDITSYSCALL diff --git a/arch/x86/ia32/ia32_signal.c b/arch/x86/ia32/ia32_signal.c index 1a9285a..5b95c26 100644 --- a/arch/x86/ia32/ia32_signal.c +++ b/arch/x86/ia32/ia32_signal.c @@ -219,6 +219,11 @@ asmlinkage long sys32_sigreturn(void) if (!access_ok(VERIFY_READ, frame, sizeof(*frame))) goto badframe; +#ifdef CONFIG_SIGNAL_BOOKKEEPING + if (signals_in_progress_dec(current)) + goto badframe; +#endif + #ifdef CONFIG_SIGNAL_CANARY if (__get_user(canary, &frame->canary) || (canary != current->signal_canary)) goto badframe; @@ -257,6 +262,11 @@ asmlinkage long sys32_rt_sigreturn(void) if (!access_ok(VERIFY_READ, frame, sizeof(*frame))) goto badframe; +#ifdef CONFIG_SIGNAL_BOOKKEEPING + if (signals_in_progress_dec(current)) + goto badframe; +#endif + #ifdef CONFIG_SIGNAL_CANARY if (__get_user(canary, &frame->canary) || (canary != current->signal_canary)) goto badframe; diff --git a/arch/x86/kernel/signal.c b/arch/x86/kernel/signal.c index 0cc4556..5f51e8c 100644 --- a/arch/x86/kernel/signal.c +++ b/arch/x86/kernel/signal.c @@ -558,6 +558,11 @@ asmlinkage unsigned long sys_sigreturn(void) u32 canary; #endif +#ifdef CONFIG_SIGNAL_BOOKKEEPING + if (signals_in_progress_dec(current)) + goto badframe; +#endif + frame = (struct sigframe __user *)(regs->sp - 8); if (!access_ok(VERIFY_READ, frame, sizeof(*frame))) @@ -600,6 +605,11 @@ asmlinkage long sys_rt_sigreturn(void) if (!access_ok(VERIFY_READ, frame, sizeof(*frame))) goto badframe; +#ifdef CONFIG_SIGNAL_BOOKKEEPING + if (signals_in_progress_dec(current)) + goto badframe; +#endif + #ifdef CONFIG_SIGNAL_CANARY if (__get_user(canary, &frame->canary) || (canary != current->signal_canary)) goto badframe; @@ -708,6 +718,10 @@ handle_signal(struct ksignal *ksig, struct pt_regs *regs) regs->flags &= ~(X86_EFLAGS_DF|X86_EFLAGS_RF|X86_EFLAGS_TF); } signal_setup_done(failed, ksig, test_thread_flag(TIF_SINGLESTEP)); + +#ifdef CONFIG_SIGNAL_BOOKKEEPING + signals_in_progress_inc(current); +#endif } #ifdef CONFIG_X86_32 @@ -824,6 +838,11 @@ asmlinkage long sys32_x32_rt_sigreturn(void) if (__copy_from_user(&set, &frame->uc.uc_sigmask, sizeof(set))) goto badframe; +#ifdef CONFIG_SIGNAL_BOOKKEEPING + if (signals_in_progress_dec(current)) + goto badframe; +#endif + #ifdef CONFIG_SIGNAL_CANARY if (__get_user(canary, &frame->canary) || (canary != current->signal_canary)) goto badframe; -- 1.9.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists