lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1401279583-1027-1-git-send-email-pkern@google.com>
Date:	Wed, 28 May 2014 14:19:43 +0200
From:	Philipp Kern <pkern@...gle.com>
To:	hpa@...ux.intel.com
Cc:	Philipp Kern <pkern@...gle.com>, linux-kernel@...r.kernel.org,
	"H. J. Lu" <hjl.tools@...il.com>, Eric Paris <eparis@...hat.com>
Subject: [PATCH] x32: Mask away the x32 syscall bit in the ptrace codepath

audit_filter_syscall uses the syscall number to reference into a
bitmask (e->rule.mask[word]). Not removing the x32 bit before passing
the number to this architecture independent codepath will fail to
lookup the proper audit bit. Furthermore it will cause an invalid memory
access in the kernel if the out of bound location is not mapped:

  BUG: unable to handle kernel paging request at ffff8800e5446630
  IP: [<ffffffff810fcdd0>] audit_filter_syscall+0x90/0xf0

Together with the entrypoint in entry_64.S this change causes x32
programs to pass in both AUDIT_ARCH_X86_64 and AUDIT_ARCH_I386 depending
on the syscall path.

Cc: linux-kernel@...r.kernel.org
Cc: H. J. Lu <hjl.tools@...il.com>
Cc: Eric Paris <eparis@...hat.com>
Signed-off-by: Philipp Kern <pkern@...gle.com>
---
 arch/x86/kernel/ptrace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c
index 678c0ad..166a3c7 100644
--- a/arch/x86/kernel/ptrace.c
+++ b/arch/x86/kernel/ptrace.c
@@ -1489,7 +1489,7 @@ long syscall_trace_enter(struct pt_regs *regs)
 
 	if (IS_IA32)
 		audit_syscall_entry(AUDIT_ARCH_I386,
-				    regs->orig_ax,
+				    regs->orig_ax & __SYSCALL_MASK,
 				    regs->bx, regs->cx,
 				    regs->dx, regs->si);
 #ifdef CONFIG_X86_64
-- 
1.9.1.423.g4596e3a

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ