Open Source and information security mailing list archives
 
Date:   Thu, 14 Sep 2017 01:58:02 +0530
From:   "Naveen N. Rao" <naveen.n.rao@...ux.vnet.ibm.com>
To:     Ingo Molnar <mingo@...nel.org>
Cc:     Oleg Nesterov <oleg@...hat.com>,
        Srikar Dronamraju <srikar@...ux.vnet.ibm.com>,
        Anton Blanchard <anton@...ba.org>,
        Michael Ellerman <mpe@...erman.id.au>,
        Ananth N Mavinakayanahalli <ananth@...ux.vnet.ibm.com>,
        linux-kernel@...r.kernel.org
Subject: [PATCH v2 3/3] kernel/uprobes: Fix check for active uprobe

If we try to install a uprobe on a breakpoint instruction, we register the
probe, but refuse to install it. In this case, when the breakpoint hits, we
incorrectly assume that the probe hit and end up looping.

Fix this by checking that the trap was actually installed in
find_active_uprobe().

Reported-by: Anton Blanchard <anton@...ba.org>
Signed-off-by: Naveen N. Rao <naveen.n.rao@...ux.vnet.ibm.com>
---
 kernel/events/uprobes.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c
index e14eb0a6e4f3..599078e6a092 100644
--- a/kernel/events/uprobes.c
+++ b/kernel/events/uprobes.c
@@ -1752,6 +1752,13 @@ static struct uprobe *find_active_uprobe(unsigned long bp_vaddr, int *is_swbp)
 			uprobe = find_uprobe(inode, offset);
 		}
 
+		/* Ensure that the breakpoint was actually installed */
+		if (uprobe) {
+			smp_rmb(); /* pairs with wmb() in prepare_uprobe() */
+			if (unlikely(!test_bit(UPROBE_COPY_INSN, &uprobe->flags)))
+				uprobe = NULL;
+		}
+
 		if (!uprobe)
 			*is_swbp = is_trap_at_addr(mm, bp_vaddr);
 	} else {
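Review bot: at `uprobe = NULL;` the pointer returned by find_uprobe() is discarded without any release, so if find_uprobe() hands back a counted reference, this path leaks one each time the trap at that address is hit. Please confirm the refcount semantics and, if a reference is held, drop it (put_uprobe()) before clearing the pointer. Separately, the added comment says the breakpoint "was actually installed" while the test is on UPROBE_COPY_INSN; a sentence explaining why that bit being clear implies the trap was never installed would make the check easier to audit.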
-- 
2.14.1
