linux/arch
Jarod Wilson 3d6e48f433 [S390] CVE-2008-1514: prevent ptrace padding area read/write in 31-bit mode
When running a 31-bit ptrace, on either an s390 or s390x kernel,
reads and writes into a padding area in struct user_regs_struct32
will result in a kernel panic.

This is also known as CVE-2008-1514.

Test case available here:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/~checkout~/tests/ptrace-tests/tests/user-area-padding.c?cvsroot=systemtap

Steps to reproduce:
1) wget the above
2) gcc -o user-area-padding-31bit user-area-padding.c -Wall -ggdb2 -D_GNU_SOURCE -m31
3) ./user-area-padding-31bit
<panic>

Test status
-----------
Without patch, both s390 and s390x kernels panic. With patch, the test case,
as well as the gdb testsuite, pass without incident, padding area reads
returning zero, writes ignored.

NB: original version returned -EINVAL on write attempts, which broke the
gdb test and made the test case slightly unhappy; Jan Kratochvil suggested
the change to return 0 on write attempts.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Tested-by: Jan Kratochvil <jan.kratochvil@redhat.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2008-09-09 12:39:06 +02:00
alpha [PATCH] fix osf_getdirents() 2008-08-25 01:18:06 -04:00
arm Merge master.kernel.org:/home/rmk/linux-2.6-arm 2008-09-08 15:50:19 -07:00
avr32 avr32: pm_standby low-power ram bug fix 2008-09-01 13:04:09 +02:00
blackfin Blackfin arch: Fix PM building on BF52x: No ROTWE on BF52x, add USBWE 2008-08-28 17:32:01 +08:00
cris removed unused #include <linux/version.h>'s 2008-08-23 12:14:12 -07:00
frv FRV: Wire up new system calls 2008-08-01 13:03:49 -07:00
h8300 [h8300] move include/asm-h8300 to arch/h8300/include/asm 2008-08-13 14:26:32 -07:00
ia64 [IA64] Fix __{in,out}s{w,l} to handle unaligned data 2008-08-25 11:23:13 -07:00
m32r m32r: use generic show_mem() 2008-07-26 12:00:11 -07:00
m68k m68k: atari_keyb_init operator precedence fix 2008-09-02 10:57:52 -07:00
m68knommu m68k{,nommu}: Wire up new system calls 2008-08-11 10:37:34 -07:00
mips [MIPS] Probe initrd header only if explicitly specified 2008-09-05 21:24:12 +01:00
mn10300 removed unused #include <linux/version.h>'s 2008-08-23 12:14:12 -07:00
parisc fix typo in arch/parisc/hpux/fs.c 2008-09-02 10:57:29 -07:00
powerpc powerpc: Fix rare boot build breakage 2008-09-08 15:55:35 +10:00
s390 [S390] CVE-2008-1514: prevent ptrace padding area read/write in 31-bit mode 2008-09-09 12:39:06 +02:00
sh sh64: resume_kernel fix for kernel oops built with CONFIG_BKL_PREEMPT=y. 2008-09-05 14:51:28 +09:00
sparc sparc: Fix resource flags for PCI children in OF device tree. 2008-08-28 22:59:10 -07:00
sparc64 sparc64: Prevent sparc64 from invoking irq handlers on offline CPUs 2008-09-03 02:15:30 -07:00
um uml: fix tty-related build error 2008-07-30 09:41:45 -07:00
x86 Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip 2008-09-06 19:36:23 -07:00
xtensa remove unneeded #include <linux/ide.h>'s 2008-08-05 18:17:00 +02:00
.gitignore
Kconfig tracehook: CONFIG_HAVE_ARCH_TRACEHOOK 2008-07-26 12:00:09 -07:00