Re: [Security] [PATCH] xtensa: prevent arbitrary read in ptrace
From: Andrew Morton
Date: Fri Jul 08 2011 - 14:27:19 EST
On Thu, 07 Jul 2011 20:03:54 -0400
Dan Rosenberg <drosenberg@xxxxxxxxxxxxx> wrote:
> Prevent an arbitrary kernel read. Check the user pointer with
> access_ok() before copying data in.
>
> Signed-off-by: Dan Rosenberg <drosenberg@xxxxxxxxxxxxx>
> Cc: stable@xxxxxxxxxx
> ---
> arch/xtensa/kernel/ptrace.c | 3 +++
> 1 files changed, 3 insertions(+), 0 deletions(-)
>
> diff --git a/arch/xtensa/kernel/ptrace.c b/arch/xtensa/kernel/ptrace.c
> index c72c947..ddce75e 100644
> --- a/arch/xtensa/kernel/ptrace.c
> +++ b/arch/xtensa/kernel/ptrace.c
> @@ -147,6 +147,9 @@ int ptrace_setxregs(struct task_struct *child, void __user *uregs)
> elf_xtregs_t *xtregs = uregs;
> int ret = 0;
>
> + if (!access_ok(VERIFY_READ, uregs, sizeof(elf_xtregs_t)))
> + return -EIO;
This should be -EFAULT, methinks?
> +
> #if XTENSA_HAVE_COPROCESSORS
> /* Flush all coprocessors before we overwrite them. */
> coprocessor_flush_all(ti);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/