From: azu <azu@sysgo.de>
To: user-mode-linux-devel@lists.sourceforge.net
Subject: [uml-devel] Patch for arch/um/kernel/trap_kern.c to fix bad panic
Date: Mon, 28 Jun 2004 13:39:25 +0200
Message-ID: <40E0036D.2070108@sysgo.de>

Hi,

I triggered the following panic from userspace in skas mode
by mapping pages above 0xa0000000 ...

The check is useless in skas-mode (kernel faults get filtered
in segv() before handle_page_fault() is called),
so I added an ifdef for tt mode.


-Alex


--- orig/arch/um/kernel/trap_kern.c     2004-06-28 13:08:41.000000000 +0200
+++ u4/arch/um/kernel/trap_kern.c       2004-06-28 13:08:52.000000000 +0200
@@ -52,8 +52,10 @@
         if(is_write && !(vma->vm_flags & VM_WRITE))
                 goto out;
         page = address & PAGE_MASK;
+#ifdef CONFIG_MODE_TT
         if(page == (unsigned long) current + PAGE_SIZE)
                 panic("Kernel stack overflow");
+#endif
         pgd = pgd_offset(mm, page);
         pmd = pmd_offset(pgd, page);
         do {
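
Review bot: the `#ifdef CONFIG_MODE_TT` around the `page == (unsigned long) current + PAGE_SIZE` test is a compile-time guard only, so a kernel built with CONFIG_MODE_TT enabled but running in skas mode would still reach `panic("Kernel stack overflow")` from a fault that userspace can trigger, which is the case the message reports. If both modes can be compiled into one binary, this needs a runtime mode test instead of (or in addition to) the ifdef. A one-line comment above the `#ifdef` stating why the check applies to tt mode only (in skas, kernel faults are filtered in segv() before handle_page_fault() is called) would also keep the next reader from removing the guard.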




