From e06173bde0ec9830a296720f8cd7cb2f17b76fa4 Mon Sep 17 00:00:00 2001 From: Jeff Dike Date: Mon, 4 Feb 2008 22:31:12 -0800 Subject: [PATCH] uml: don't allow processes to call into stub Kill a process that tries to branch into a stub and execute a system call. There are no security implications here - a system call in a stub is treated the same as a system call anywhere else. But if a process is trying to branch into a stub, either it is trying something nasty or it has gone haywire, so it's a good idea to get rid of it in either case. Signed-off-by: Jeff Dike Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- arch/um/os-Linux/skas/process.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/um/os-Linux/skas/process.c b/arch/um/os-Linux/skas/process.c index 862fea0290ec..8ab2f5c577a3 100644 --- a/arch/um/os-Linux/skas/process.c +++ b/arch/um/os-Linux/skas/process.c @@ -146,6 +146,9 @@ static void handle_trap(int pid, struct uml_pt_regs *regs, { int err, status; + if ((UPT_IP(regs) >= STUB_START) && (UPT_IP(regs) < STUB_END)) + fatal_sigsegv(); + /* Mark this as a syscall */ UPT_SYSCALL_NR(regs) = PT_SYSCALL_NR(regs->gp);