| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20110708112706.9014d306.akpm@linux-foundation.org> Date: Fri, 8 Jul 2011 11:27:06 -0700 From: Andrew Morton <akpm@...ux-foundation.org> To: Dan Rosenberg <drosenberg@...curity.com> Cc: chris@...kel.net, security@...nel.org, linux-kernel@...r.kernel.org, Oleg Nesterov <oleg@...hat.com> Subject: Re: [Security] [PATCH] xtensa: prevent arbitrary read in ptrace On Thu, 07 Jul 2011 20:03:54 -0400 Dan Rosenberg <drosenberg@...curity.com> wrote: > Prevent an arbitrary kernel read. Check the user pointer with > access_ok() before copying data in. > > Signed-off-by: Dan Rosenberg <drosenberg@...curity.com> > Cc: stable@...nel.org > --- > arch/xtensa/kernel/ptrace.c | 3 +++ > 1 files changed, 3 insertions(+), 0 deletions(-) > > diff --git a/arch/xtensa/kernel/ptrace.c b/arch/xtensa/kernel/ptrace.c > index c72c947..ddce75e 100644 > --- a/arch/xtensa/kernel/ptrace.c > +++ b/arch/xtensa/kernel/ptrace.c > @@ -147,6 +147,9 @@ int ptrace_setxregs(struct task_struct *child, void __user *uregs) > elf_xtregs_t *xtregs = uregs; > int ret = 0; > > + if (!access_ok(VERIFY_READ, uregs, sizeof(elf_xtregs_t))) > + return -EIO; This should be -EFAULT, methinks? > + > #if XTENSA_HAVE_COPROCESSORS > /* Flush all coprocessors before we overwrite them. */ > coprocessor_flush_all(ti); -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists