| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1302247023.5744.44.camel@concordia>
Date: Fri, 08 Apr 2011 17:17:03 +1000
From: Michael Ellerman <michael@...erman.id.au>
To: Michel Lespinasse <walken@...gle.com>
Cc: linux-kernel@...r.kernel.org, linux-mm@...ck.org, hughd@...gle.com,
aarcange@...hat.com, riel@...hat.com,
Andrew Morton <akpm@...l.org>, linuxppc-dev@...abs.org,
Benjamin Herrenschmidt <benh@...nel.crashing.org>
Subject: Re: [PATCH] mm: Check we have the right vma in access_process_vm()
On Mon, 2011-04-04 at 23:42 -0700, Michel Lespinasse wrote:
> On Mon, Apr 4, 2011 at 11:24 PM, Michael Ellerman
> <michael@...erman.id.au> wrote:
> > In access_process_vm() we need to check that we have found the right
> > vma, not the following vma, before we try to access it. Otherwise
> > we might call the vma's access routine with an address which does
> > not fall inside the vma.
> >
> > Signed-off-by: Michael Ellerman <michael@...erman.id.au>
>
> Please note that the code has moved into __access_remote_vm() in
> current linus tree.
Ah good point, if git hadn't done such a good job of merging it I would
have noticed :)
I'll send a new version with a corrected changelog.
> Also, should len be truncated before calling vma->vm_ops->access() so
> that we can guarantee it won't overflow past the end of the vma ?
The access implementations I've looked at check len, but I guess it
could be truncated on the way in. But maybe that's being paranoid, I
dunno.
cheers
Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)
Powered by blists - more mailing lists