From mboxrd@z Thu Jan 1 00:00:00 1970
From: gregkh@linuxfoundation.org (Greg KH)
Date: Thu, 2 Nov 2017 17:47:06 +0100
Subject: [PATCH] arm: ensure dump_instr() checks addr_limit
In-Reply-To: <20171102163452.7652-1-mark.rutland@arm.com>
References: <20171102163452.7652-1-mark.rutland@arm.com>
Message-ID: <20171102164706.GC5061@kroah.com>
To: linux-arm-kernel@lists.infradead.org
List-Id: linux-arm-kernel.lists.infradead.org

On Thu, Nov 02, 2017 at 04:34:52PM +0000, Mark Rutland wrote:
> Signed-off-by: Mark Rutland

Huh? What's that doing up here?

> When CONFIG_DEBUG_USER is enabled, it's possible for a user to
> deliberately trigger dump_instr() with a chosen kernel address.
>
> Let's avoid problems resulting from this by using get_user() rather than
> __get_user(), ensuring that we don't erroneously access kernel memory.
>
> So that we can use the same code to dump user instructions and kernel
> instructions, the common dumping code is factored out to __dump_instr(),
> with the fs manipulated appropriately in dump_instr() around calls to
> this.
>
> Signed-off-by: Mark Rutland
> Cc: Russell King
> Cc: stable at vger.kernel.org

It's right here... confused.
greg k-h
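
Added illustration, not part of this thread and not the patch under discussion: a user-space C model of the pattern the quoted commit message describes, where the common dump code always uses the checked accessor and the address limit is widened only for kernel-mode register state. The memory layout, sizes and the names get_user_checked(), get_user_unchecked() and dump_common() are assumptions made for the model.

```c
/* User-space model only; names, sizes and layout are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MEM_SIZE  64u
#define USER_DS   32u        /* model: addresses below this are user memory */
#define KERNEL_DS MEM_SIZE   /* model: limit that also admits kernel memory */

static uint8_t mem[MEM_SIZE];        /* constructed flat address space */
static size_t addr_limit = USER_DS;  /* model of the thread's addr_limit */

/* Models __get_user(): no addr_limit check, caller must have validated. */
static int get_user_unchecked(uint8_t *v, size_t addr)
{
    if (addr >= MEM_SIZE) return -1;
    *v = mem[addr];
    return 0;
}

/* Models get_user(): refuses any address at or above addr_limit. */
static int get_user_checked(uint8_t *v, size_t addr)
{
    return addr < addr_limit ? get_user_unchecked(v, addr) : -1;
}

/* Models __dump_instr(): common code, always uses the checked accessor. */
static int dump_common(size_t pc, uint8_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (get_user_checked(&out[i], pc + i)) return -1;  /* fault */
    return (int)n;
}

/* Models dump_instr(): widen the limit only for kernel-mode registers. */
static int dump_instr(int user_mode, size_t pc, uint8_t *out, size_t n)
{
    if (user_mode) return dump_common(pc, out, n);
    size_t old = addr_limit;         /* get_fs() */
    addr_limit = KERNEL_DS;          /* set_fs(KERNEL_DS) */
    int r = dump_common(pc, out, n);
    addr_limit = old;                /* set_fs(old) */
    return r;
}

int main(void)
{
    uint8_t buf[4];
    mem[40] = 0xAA;                  /* constructed "kernel" byte */
    printf("user-mode: %d, kernel-mode: %d\n",
           dump_instr(1, 40, buf, 4), dump_instr(0, 40, buf, 4));
    return 0;
}
```

In the model, a user-mode dump whose PC points into the upper half fails instead of copying the bytes out, while the kernel-mode path still reads them and restores the original limit afterwards.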