| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <184ceb0edb5740aa10db7c6f633e434793dd208b.1727345233.git.fthain@linux-m68k.org>
Date: Thu, 26 Sep 2024 20:07:13 +1000
From: Finn Thain <fthain@...ux-m68k.org>
To: stable@...nel.org
Cc: Geert Uytterhoeven <geert@...ux-m68k.org>,
Liam Howlett <liam.howlett@...cle.com>,
linux-m68k@...ts.linux-m68k.org,
linux-kernel@...r.kernel.org
Subject: [PATCH] m68k: Add missing mmap_read_lock() to sys_cacheflush()
From: Liam Howlett <liam.howlett@...cle.com>
[ Upstream commit f829b4b212a315b912cb23fd10aaf30534bb5ce9 ]
When the superuser flushes the entire cache, the mmap_read_lock() is not
taken, but mmap_read_unlock() is called. Add the missing
mmap_read_lock() call.
Cc: stable@...nel.org # <= 5.7.y
Fixes: cd2567b6850b1648 ("m68k: call find_vma with the mmap_sem held in sys_cacheflush()")
Signed-off-by: Liam Howlett <liam.howlett@...cle.com>
Reviewed-by: Matthew Wilcox (Oracle) <willy@...radead.org>
Link: https://lore.kernel.org/r/20210407200032.764445-1-Liam.Howlett@Oracle.com
Signed-off-by: Geert Uytterhoeven <geert@...ux-m68k.org>
Signed-off-by: Finn Thain <fthain@...ux-m68k.org>
---
The original commit was backported as far as 5.10.y but never made it into
4.19.y or 5.4.y.
mmap_read_lock() was unavailable prior to v5.8, being introduced in commit
d8ed45c5dcd4 ("mmap locking API: use coccinelle to convert mmap_sem rwsem
call sites"), so this backport uses down_read() instead.
---
arch/m68k/kernel/sys_m68k.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/m68k/kernel/sys_m68k.c b/arch/m68k/kernel/sys_m68k.c
index 6363ec83a290..38dcc1a2097d 100644
--- a/arch/m68k/kernel/sys_m68k.c
+++ b/arch/m68k/kernel/sys_m68k.c
@@ -388,6 +388,8 @@ sys_cacheflush (unsigned long addr, int scope, int cache, unsigned long len)
ret = -EPERM;
if (!capable(CAP_SYS_ADMIN))
goto out;
+
+ down_read(¤t->mm->mmap_sem);
} else {
struct vm_area_struct *vma;
--
2.39.5
Powered by blists - more mailing lists