From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, David Howells <dhowells@redhat.com>,
Masakazu Urade <urade.masakazu@jp.panasonic.com>,
Koichi Yasutake <yasutake.koichi@jp.panasonic.com>,
"Eric W. Biederman" <ebiederm@xmission.com>
Subject: [PATCH 3.18 45/45] mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy
Date: Thu, 15 Feb 2018 16:17:36 +0100 [thread overview]
Message-ID: <20180215144125.485663072@linuxfoundation.org> (raw)
In-Reply-To: <20180215144115.863307741@linuxfoundation.org>
3.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: Eric W. Biederman <ebiederm@xmission.com>
commit 6ac1dc736b323011a55ecd1fc5897c24c4f77cbd upstream.
Setting si_code to 0 is the same a setting si_code to SI_USER which is definitely
not correct. With si_code set to SI_USER si_pid and si_uid will be copied to
userspace instead of si_addr. Which is very wrong.
So fix this by using a sensible si_code (SEGV_MAPERR) for this failure.
Fixes: b920de1b77b7 ("mn10300: add the MN10300/AM33 architecture to the kernel")
Cc: David Howells <dhowells@redhat.com>
Cc: Masakazu Urade <urade.masakazu@jp.panasonic.com>
Cc: Koichi Yasutake <yasutake.koichi@jp.panasonic.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/mn10300/mm/misalignment.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/mn10300/mm/misalignment.c
+++ b/arch/mn10300/mm/misalignment.c
@@ -437,7 +437,7 @@ transfer_failed:
info.si_signo = SIGSEGV;
info.si_errno = 0;
- info.si_code = 0;
+ info.si_code = SEGV_MAPERR;
info.si_addr = (void *) regs->pc;
force_sig_info(SIGSEGV, &info, current);
return;
next prev parent reply other threads:[~2018-02-15 15:20 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-15 15:16 [PATCH 3.18 00/45] 3.18.95-stable review Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 3.18 01/45] vhost_net: stop device during reset owner Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 3.18 02/45] ip6mr: fix stale iterator Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 3.18 03/45] net: igmp: add a missing rcu locking section Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 3.18 04/45] qlcnic: fix deadlock bug Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 3.18 05/45] r8169: fix RTL8168EP take too long to complete driver initialization Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 3.18 06/45] tcp: release sk_frag.page in tcp_disconnect Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 3.18 07/45] ARM: exynos_defconfig: Enable options to mount a rootfs via NFS Greg Kroah-Hartman
2018-02-15 15:16 ` [PATCH 3.18 08/45] ARM: exynos_defconfig: Enable NFSv4 client Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 09/45] KEYS: encrypted: fix buffer overread in valid_master_desc() Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 10/45] ipv4: Map neigh lookup keys in __ipv4_neigh_lookup_noref() Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 11/45] cifs: Fix missing put_xid in cifs_file_strict_mmap Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 12/45] cifs: Fix autonegotiate security settings mismatch Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 13/45] CIFS: zero sensitive data when freeing Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 14/45] posix-timer: Properly check sigevent->sigev_notify Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 15/45] usbip: fix stub_rx: get_pipe() to validate endpoint number Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 16/45] usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 17/45] usbip: prevent vhci_hcd driver from leaking a socket pointer address Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 18/45] usbip: Fix potential format overflow in userspace tools Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 19/45] usb: usbip: Fix possible deadlocks reported by lockdep Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 20/45] usbip: vhci-hcd: Add USB3 SuperSpeed support Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 21/45] usbip: prevent leaking socket pointer address in messages Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 22/45] usbip: stub: stop printing kernel pointer addresses " Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 23/45] usbip: vhci: " Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 24/45] dccp: CVE-2017-8824: use-after-free in DCCP code Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 25/45] media: dvb-usb-v2: lmedm04: Improve logic checking of warm start Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 26/45] media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 27/45] mtd: nand: Fix nand_do_read_oob() return value Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 28/45] NFS: Add a cond_resched() to nfs_commit_release_pages() Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 29/45] NFS: commit direct writes even if they fail partially Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 30/45] kernfs: fix regression in kernfs_fop_write caused by wrong type Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 31/45] crypto: hash - introduce crypto_hash_alg_has_setkey() Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 32/45] crypto: cryptd - pass through absence of ->setkey() Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 34/45] arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 35/45] media: cxusb, dib0700: ignore XC2028_I2C_FLUSH Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 36/45] kernel/async.c: revert "async: simplify lowest_in_progress()" Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 37/45] signal/openrisc: Fix do_unaligned_access to send the proper signal Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 38/45] signal/sh: Ensure si_signo is initialized in do_divide_error Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 39/45] alpha: fix crash if pthread_create races with signal delivery Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 40/45] alpha: fix reboot on Avanti platform Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 41/45] xtensa: fix futex_atomic_cmpxchg_inatomic Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 43/45] pktcdvd: Fix pkt_setup_dev() error path Greg Kroah-Hartman
2018-02-15 15:17 ` [PATCH 3.18 44/45] ACPI: sbshc: remove raw pointer from printk() message Greg Kroah-Hartman
2018-02-15 15:17 ` Greg Kroah-Hartman [this message]
[not found] ` <CALpmF+EMZAaKEB0jwgfz8-aCp2_QQ2d2A-wcjJf3bKEaJh7cqg@mail.gmail.com>
2018-02-15 16:44 ` [PATCH 3.18 00/45] 3.18.95-stable review Greg Kroah-Hartman
2018-02-15 22:01 ` Shuah Khan
2018-02-16 14:11 ` Guenter Roeck
2018-02-16 19:13 ` Greg Kroah-Hartman
[not found] ` <5a85dcaa.42e61c0a.bc4d0.dd5f@mx.google.com>
[not found] ` <7hsha03dh7.fsf@baylibre.com>
2018-02-16 20:12 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180215144125.485663072@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=dhowells@redhat.com \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=urade.masakazu@jp.panasonic.com \
--cc=yasutake.koichi@jp.panasonic.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).