commit 0cdd192cf40fb6dbf03ec3af1c670068de3fd26c · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

kprobes/x86: Don't try to resolve kprobe faults from userspace

This commit:

commit 6f6343f53d133bae516caf3d254bce37d8774625
Author: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Date: Thu Apr 17 17:17:33 2014 +0900

kprobes/x86: Call exception handlers directly from do_int3/do_debug

appears to have inadvertently dropped a check that the int3 came
from kernel mode. Trying to dereference addr when addr is
user-controlled is completely bogus.

Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Acked-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Link: http://lkml.kernel.org/r/c4e339882c121aa76254f2adde3fcbdf502faec2.1405099506.git.luto@amacapital.net
Signed-off-by: Ingo Molnar <mingo@kernel.org>

authored by Andy Lutomirski and committed by Ingo Molnar 11 years ago 0cdd192c 44851541

options

unified split

Changed files

arch

x86

kernel

kprobes

core.c

arch/x86/kernel/kprobes/core.c

··· 574 574 struct kprobe *p; 575 575 struct kprobe_ctlblk *kcb; 576 576 577 + if (user_mode_vm(regs)) 578 + return 0; 579 + 577 580 addr = (kprobe_opcode_t *)(regs->ip - sizeof(kprobe_opcode_t)); 578 581 /* 579 582 * We don't want to be preempted for the entire