| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 7 Apr 2016 18:06:25 +0200 (CEST)
From: Jiri Kosina <jikos@...nel.org>
To: Dan Carpenter <dan.carpenter@...cle.com>
cc: jeyu@...hat.com, Josh Poimboeuf <jpoimboe@...hat.com>,
Miroslav Benes <mbenes@...e.cz>,
Petr Mladek <pmladek@...e.com>, live-patching@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH] livepatch: robustify klp_register_patch() API error
checking
From: Jiri Kosina <jkosina@...e.cz>
Commit 425595a7fc20 ("livepatch: reuse module loader code to write
relocations") adds a possibility of dereferncing pointers supplied by the
consumer of the livepatch API before sanity (NULL) checking them (patch
and patch->mod).
Spotted by smatch tool.
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>
Signed-off-by: Jiri Kosina <jkosina@...e.cz>
---
kernel/livepatch/core.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
index eb5db6e..28c37fa 100644
--- a/kernel/livepatch/core.c
+++ b/kernel/livepatch/core.c
@@ -876,6 +876,9 @@ int klp_register_patch(struct klp_patch *patch)
{
int ret;
+ if (!patch || !patch->mod)
+ return -EINVAL;
+
if (!is_livepatch_module(patch->mod)) {
pr_err("module %s is not marked as a livepatch module",
patch->mod->name);
@@ -885,9 +888,6 @@ int klp_register_patch(struct klp_patch *patch)
if (!klp_initialized())
return -ENODEV;
- if (!patch || !patch->mod)
- return -EINVAL;
-
/*
* A reference is taken on the patch module to prevent it from being
* unloaded. Right now, we don't allow patch modules to unload since
--
Jiri Kosina
SUSE Labs
Powered by blists - more mailing lists