Message-ID: <20241219012311.649442084@goodmis.org>
Date: Wed, 18 Dec 2024 20:23:11 -0500
From: Steven Rostedt <rostedt@...dmis.org>
To: linux-kernel@...r.kernel.org
Cc: Masami Hiramatsu <mhiramat@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: [for-linus][PATCH 0/2] ring-buffer: Fixes for v6.13

ring-buffer fixes for v6.13:

- Fix possible overflow of mmapped ring buffer with bad offset

  If the mmap() to the ring buffer passes in a start address that
  is past the end of the mmapped file, it is not caught and
  a slab-out-of-bounds is triggered.

  Add a check to make sure the start address is within the bounds.

- Do not use TP_printk() to boot mapped ring buffers

  As a boot mapped ring buffer's data may have pointers that map to
  the previous boot's memory map, it is unsafe to allow the TP_printk()
  to be used to read the boot mapped buffer's events. If a TP_printk()
  points to a static string from within the kernel it will not match
  the current kernel mapping if KASLR is active, and it can fault.

  Have it simply print out the raw fields.

  git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace.git
ring-buffer/fixes

Head SHA1: 8cd63406d08110c8098e1efda8aef7ddab4db348

Edward Adam Davis (1):
      ring-buffer: Fix overflow in __rb_map_vma

Steven Rostedt (1):
      trace/ring-buffer: Do not use TP_printk() formatting for boot mapped buffers

----
 kernel/trace/ring_buffer.c | 6 +++++-
 kernel/trace/trace.c       | 9 +++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
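
The first fix above concerns a mapping request whose start offset lies past the end of the buffer. The following is an added userspace model of that kind of bounds check, not code from the patch or from the kernel; `rb_map_model`, `rb_map_try`, `NR_PAGES` and the page ids are hypothetical names and constructed values.

```c
#include <errno.h>
#include <stdio.h>

#define NR_PAGES 5UL  /* constructed: 1 meta page + 4 data pages */

/* Constructed stand-in for the buffer's page array (one id per page). */
static const int page_ids[NR_PAGES] = { 100, 101, 102, 103, 104 };

/*
 * Model of validating an mmap request expressed in pages: pgoff is the
 * start offset into the buffer, nr_vma_pages the length of the mapping.
 * Copies the ids of the pages that would be mapped into out[] and returns
 * how many, or -EINVAL if the request does not fit inside the buffer.
 */
long rb_map_model(unsigned long pgoff, unsigned long nr_vma_pages,
                  int *out, unsigned long out_len)
{
    unsigned long avail, i;

    /* The start must be inside the buffer. Without this check the
     * subtraction below wraps around and the loop reads past page_ids[]. */
    if (pgoff >= NR_PAGES)
        return -EINVAL;
    avail = NR_PAGES - pgoff;

    if (nr_vma_pages == 0 || nr_vma_pages > avail || nr_vma_pages > out_len)
        return -EINVAL;

    for (i = 0; i < nr_vma_pages; i++)
        out[i] = page_ids[pgoff + i];
    return (long)nr_vma_pages;
}

/* Helper: run one request against a scratch output array. */
long rb_map_try(unsigned long pgoff, unsigned long nr_vma_pages)
{
    int out[NR_PAGES];
    return rb_map_model(pgoff, nr_vma_pages, out, NR_PAGES);
}

int main(void)
{
    printf("whole buffer:       %ld\n", rb_map_try(0, 5));
    printf("last page only:     %ld\n", rb_map_try(4, 1));
    printf("start at the end:   %ld\n", rb_map_try(5, 1));
    printf("start far past end: %ld\n", rb_map_try(1000, 1));
    printf("runs off the end:   %ld\n", rb_map_try(3, 3));
    return 0;
}
```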