[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <6101e8c40802061506x297eb52by6d4d30e1e406f97b@mail.gmail.com>
Date: Thu, 7 Feb 2008 00:06:45 +0100
From: "Oliver Pinter" <oliver.pntr@...il.com>
To: "Linux Kernel" <linux-kernel@...r.kernel.org>, stable@...nel.org,
stable-commits@...r.kernel.org
Subject: Re: [2.6.22.y] {07/17} - i386-fixup-TRACE_IRQ-breakage - series for stable kernel #2
From: Peter Zijlstra <peterz@...radead.org>
Date: Wed, 18 Jul 2007 18:59:22 +0000 (+0200)
Subject: i386: fixup TRACE_IRQ breakage
Patch-mainline: 2.6.23-rc1
References: 326270, CVE-2007-3731
i386: fixup TRACE_IRQ breakage
The TRACE_IRQS_ON function in iret_exc: calls a C function without
ensuring that the segments are set properly. Move the trace function and
the enabling of interrupt into the C stub.
Signed-off-by: Peter Zijlstra <a.p.zijlstra@...llo.nl>
Signed-off-by: Linus Torvalds <torvalds@...ux-foundation.org>
Acked-by: Jeff Mahoney <jeffm@...e.com>
---
arch/i386/kernel/entry.S | 2 --
arch/i386/kernel/traps.c | 10 ++++++----
2 files changed, 6 insertions(+), 6 deletions(-)
--- linux-2.6.22.orig/arch/i386/kernel/entry.S
+++ linux-2.6.22/arch/i386/kernel/entry.S
@@ -409,8 +409,6 @@ restore_nocheck_notrace:
1: INTERRUPT_RETURN
.section .fixup,"ax"
iret_exc:
- TRACE_IRQS_ON
- ENABLE_INTERRUPTS(CLBR_NONE)
pushl $0 # no error code
pushl $do_iret_error
jmp error_code
--- linux-2.6.22.orig/arch/i386/kernel/traps.c
+++ linux-2.6.22/arch/i386/kernel/traps.c
@@ -517,10 +517,12 @@ fastcall void do_##name(struct pt_regs *
do_trap(trapnr, signr, str, 0, regs, error_code, NULL); \
}
-#define DO_ERROR_INFO(trapnr, signr, str, name, sicode, siaddr) \
+#define DO_ERROR_INFO(trapnr, signr, str, name, sicode, siaddr, irq) \
fastcall void do_##name(struct pt_regs * regs, long error_code) \
{ \
siginfo_t info; \
+ if (irq) \
+ local_irq_enable(); \
info.si_signo = signr; \
info.si_errno = 0; \
info.si_code = sicode; \
@@ -560,13 +562,13 @@ DO_VM86_ERROR( 3, SIGTRAP, "int3", int3)
#endif
DO_VM86_ERROR( 4, SIGSEGV, "overflow", overflow)
DO_VM86_ERROR( 5, SIGSEGV, "bounds", bounds)
-DO_ERROR_INFO( 6, SIGILL, "invalid opcode", invalid_op, ILL_ILLOPN, regs->eip)
+DO_ERROR_INFO( 6, SIGILL, "invalid opcode", invalid_op, ILL_ILLOPN,
regs->eip, 0)
DO_ERROR( 9, SIGFPE, "coprocessor segment overrun",
coprocessor_segment_overrun)
DO_ERROR(10, SIGSEGV, "invalid TSS", invalid_TSS)
DO_ERROR(11, SIGBUS, "segment not present", segment_not_present)
DO_ERROR(12, SIGBUS, "stack segment", stack_segment)
-DO_ERROR_INFO(17, SIGBUS, "alignment check", alignment_check, BUS_ADRALN, 0)
-DO_ERROR_INFO(32, SIGSEGV, "iret exception", iret_error, ILL_BADSTK, 0)
+DO_ERROR_INFO(17, SIGBUS, "alignment check", alignment_check, BUS_ADRALN, 0, 0)
+DO_ERROR_INFO(32, SIGSEGV, "iret exception", iret_error, ILL_BADSTK, 0, 1)
fastcall void __kprobes do_general_protection(struct pt_regs * regs,
long error_code)
On 2/2/08, Oliver Pinter (Pintér Olivér) <oliver.pntr@...il.com> wrote:
> mainline: a10d9a71bafd3a283da240d2868e71346d2aef6f
>
>
> --
> Thanks,
> Oliver
>
--
Thanks,
Oliver
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists