The below patch (hand crafted, not tested) may prevent a security
problem that arises when __PAGE_OFFSET is changed from its default value
of 0xc0000000 on i386. This is done when someone needs to use >1Gb RAM.
The problem is that a user may be able to set a hardware breakpoint in the
kernel address range; who knows what effect that may have. This may
crash the kernel or simply leak information; either thing is not good.
This doesn't have any effect unless you have to change __PAGE_OFFSET.
-- Jamie
--- linux/arch/i386/kernel/ptrace.c
+++ linux/arch/i386/kernel/ptrace.c
@@ -477,7 +477,7 @@
if(addr == (long) &dummy->u_debugreg[4]) return -EIO;
if(addr == (long) &dummy->u_debugreg[5]) return -EIO;
if(addr < (long) &dummy->u_debugreg[4] &&
- ((unsigned long) data) >= 0xbffffffd) return -EIO;
+ ((unsigned long) data) >= TASK_SIZE-3) return -EIO;
ret = -EIO;
if(addr == (long) &dummy->u_debugreg[7]) {
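Review bot: the `-3` in `TASK_SIZE-3` on the `+` line is still a magic number; it is only right because a DR0-3 breakpoint can span up to 4 bytes, so a start address in the last three bytes of user space would still reach a kernel byte, and a short comment or a named constant for that 4-byte span would save the next reader from rediscovering it. Two smaller points: the description argues in terms of __PAGE_OFFSET while the check uses TASK_SIZE, so the changelog should say that the two coincide on i386 (the old constant is exactly 0xc0000000 - 3), and since the hunk adds no include and the patch is described as untested, confirm that TASK_SIZE is visible in ptrace.c through its existing headers before it goes in.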
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
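The boundary check from the hunk, modelled in user-space C as an added example (not the kernel's code and not Jamie's patch): the kernel's TASK_SIZE becomes a parameter so the default layout and a changed __PAGE_OFFSET can be compared side by side, and the 4-byte span is assumed as the largest breakpoint length an i386 DR0-3 register can cover.

```c
#include <stdio.h>

/* Assumption: a DR0-3 breakpoint covers at most 4 bytes, hence the "-3". */
#define DR_MAX_LEN 4UL

typedef int (*dr_check_fn)(unsigned long data, unsigned long task_size);

/* Old check: the constant is 0xc0000000 - 3, tied to the default
 * __PAGE_OFFSET; task_size is ignored, which is the bug. */
int old_dr_addr_ok(unsigned long data, unsigned long task_size)
{
    (void)task_size;
    return data < 0xbffffffdUL;
}

/* Patched check: the limit follows the kernel's user/kernel boundary. */
int new_dr_addr_ok(unsigned long data, unsigned long task_size)
{
    return data < task_size - (DR_MAX_LEN - 1);
}

/* Ground truth: does any byte of [data, data + DR_MAX_LEN) lie at or
 * above task_size? Written without data + len so it cannot wrap. */
int bp_touches_kernel(unsigned long data, unsigned long task_size)
{
    return data >= task_size || task_size - data < DR_MAX_LEN;
}

/* Count addresses in a 16-byte window around the boundary that the check
 * accepts even though the breakpoint would reach kernel memory.
 * A sound check returns 0. */
unsigned long unsafe_accepts(dr_check_fn check, unsigned long task_size)
{
    unsigned long data, n = 0;

    for (data = task_size - 8; data < task_size + 8; data++)
        if (check(data, task_size) && bp_touches_kernel(data, task_size))
            n++;
    return n;
}

int main(void)
{
    /* Default layout and the >1GB-RAM layout discussed in the mail. */
    unsigned long layouts[] = { 0xc0000000UL, 0x80000000UL };
    for (int i = 0; i < 2; i++)
        printf("TASK_SIZE=%#lx old check leaks %lu, new check leaks %lu\n",
               layouts[i], unsafe_accepts(old_dr_addr_ok, layouts[i]),
               unsafe_accepts(new_dr_addr_ok, layouts[i]));
    return 0;
}
```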