| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20131205113348.GE4360@n2100.arm.linux.org.uk> Date: Thu, 5 Dec 2013 11:33:48 +0000 From: Russell King - ARM Linux <linux@....linux.org.uk> To: Konstantin Khlebnikov <k.khlebnikov@...sung.com> Cc: linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, Will Deacon <will.deacon@....com>, Vyacheslav Tyrtov <v.tyrtov@...sung.com> Subject: Re: [PATCH 1/2] ARM: check stack pointer in get_wchan On Thu, Dec 05, 2013 at 12:34:24PM +0400, Konstantin Khlebnikov wrote: > get_wchan() is lockless. Task may wakeup at any time and change its own stack, > thus each next stack frame may be overwritten and filled with random stuff. > > /proc/$pid/stack interface had been disabled for non-current tasks, see [1] > But 'wchan' still allows to trigger stack frame unwinding on volatile stack. > > This patch fixes oops in unwind_frame() by adding stack pointer validation on > each step (as x86 code do), unwind_frame() already checks frame pointer. > > Also I've found another report of this oops on stackoverflow (irony). Your two patches look fine to me. Please put them in the patch system and we'll get them merged - I think they should also be merged into stable trees too - it looks like this goes all the way back to 2.6.30 kernels. Thanks. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists