lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1436370037-25874-57-git-send-email-kamal@canonical.com>
Date:	Wed,  8 Jul 2015 08:40:37 -0700
From:	Kamal Mostafa <kamal@...onical.com>
To:	linux-kernel@...r.kernel.org, stable@...r.kernel.org,
	kernel-team@...ts.ubuntu.com
Cc:	dann frazier <dannf@...ntu.com>,
	Kamal Mostafa <kamal@...onical.com>
Subject: [PATCH 3.13.y-ckt 56/56] [3-13-stable only] vm: Fix incomplete backport of VM_FAULT_SIGSEGV handling support

3.13.11-ckt23 -stable review patch.  If anyone has any objections, please let me know.

------------------

From: dann frazier <dannf@...ntu.com>

BugLink: http://bugs.launchpad.net/bugs/1471892

Commit b9496d0cc02900b74f01f294b76d3af9f3b12bfe in the 3.13.y-ckt tree is an
incomplete backport of upstream commit 33692f27597fcab536d7cbbcc8f52905133e4aa7.
The commit notes that the changes to mm/gup.c were omitted - presumably because
that file didn't exist in 3.13. However, the relevant code does exist in
3.13.y - it just hadn't been split out from mm/memory.c yet.

This introduced a regression in the Ubuntu kernel that resulted in panics
on arm64 when running the coreutils test suite:

  [...]
  PASS: tests/misc/chcon-fail.sh
  PASS: tests/misc/cut.pl
  [  141.509350] Kernel panic - not syncing: BUG!
  [  141.510301] CPU: 0 PID: 22674 Comm: bash Not tainted 3.13.11-ckt22 #20
  [  141.511641] Call trace:
  [  141.512115] [<ffffffc00008839c>] dump_backtrace+0x0/0x164
  [  141.513133] [<ffffffc000088510>] show_stack+0x10/0x1c
  [  141.514079] [<ffffffc000615460>] dump_stack+0x78/0x94
  [  141.515022] [<ffffffc000613fd8>] panic+0xe0/0x20c
  [  141.515903] [<ffffffc00017a7e4>] __get_user_pages+0x454/0x4c8
  [  141.516971] [<ffffffc00017a898>] get_user_pages+0x40/0x4c
  [  141.517973] [<ffffffc0001b1580>] get_arg_page+0x40/0xb4
  [  141.518956] [<ffffffc0001b1fb0>] copy_strings.isra.21+0x158/0x248
  [  141.520095] [<ffffffc0001b2d50>] do_execve_common.isra.26+0x3f4/0x5a0
  [  141.521280] [<ffffffc0001b2f14>] do_execve+0x18/0x24
  [  141.522203] [<ffffffc0001b3174>] SyS_execve+0x34/0x70

This commit completes the backport by retrofiting the missing changes to
mm/memory.c. This does not appear to impact upstream stable kernels. I checked
3.12.y, and it has already included these changes in the initial backport.

Signed-off-by: dann frazier <dannf@...ntu.com>
Signed-off-by: Kamal Mostafa <kamal@...onical.com>
---
 mm/memory.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/mm/memory.c b/mm/memory.c
index 0d58cbc..8203f8f 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -1833,7 +1833,8 @@ long __get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
 						else
 							return -EFAULT;
 					}
-					if (ret & VM_FAULT_SIGBUS)
+					if (ret & (VM_FAULT_SIGBUS |
+							VM_FAULT_SIGSEGV))
 						return i ? i : -EFAULT;
 					BUG();
 				}
@@ -1943,7 +1944,7 @@ int fixup_user_fault(struct task_struct *tsk, struct mm_struct *mm,
 			return -ENOMEM;
 		if (ret & (VM_FAULT_HWPOISON | VM_FAULT_HWPOISON_LARGE))
 			return -EHWPOISON;
-		if (ret & VM_FAULT_SIGBUS)
+		if (ret & (VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV))
 			return -EFAULT;
 		BUG();
 	}
-- 
1.9.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ