lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <54EB3110.2070108@monstr.eu>
Date:	Mon, 23 Feb 2015 14:54:24 +0100
From:	Michal Simek <monstr@...str.eu>
To:	Jamie Garside <jamie.garside@...k.ac.uk>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] /arch/microblaze/kernel/entry.S kernel 3.14 Fix crash
 when calling invalid syscall ID

Hi Jamie,

On 02/23/2015 02:43 PM, Jamie Garside wrote:
> There appears to be a couple of bugs in the initial syscall handler on
> Microblaze when passing an invalid syscall ID.
> 
> The code at line 351 should check for a syscall ID above __NR_syscalls,
> then jump to the error exit routine. In this case, _user_exception returns
> using the wrong register (r15 instead of r14), and doesn't clean up the
> stack, causing the running user-land to hang.
> 
> Additionally, it does not cause an error if the syscall ID is negative (as
> can be returned from do_syscall_trace_enter), causing the kernel to attempt
> to jump to an invalid syscall handler and cause a kernel oops.
> 
> This patch adds a check for negative syscall ID, and modifies the error
> exit to jump to ret_from_trap instead (as would happen after a successful
> syscall) to perform cleanup, returning -ENOSYS. I believe this should be
> safe in this condition.
> 
> This patch has been edited against the Linux 3.14 code, but a glance over
> the git logs shows this file has not been changed in the past two years,
> hence this patch should be safe for the most recent kernel version.

Please rebase it on the latest 4.0-rc1 kernel and send the patch via
git send-email with proper description and SoB line. Then I will look at it.

Thanks,
Michal


-- 
Michal Simek, Ing. (M.Eng), OpenPGP -> KeyID: FE3D1F91
w: www.monstr.eu p: +42-0-721842854
Maintainer of Linux kernel - Microblaze cpu - http://www.monstr.eu/fdt/
Maintainer of Linux kernel - Xilinx Zynq ARM architecture
Microblaze U-BOOT custodian and responsible for u-boot arm zynq platform



Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ