iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/arch
History
James Hogan e8a8a6972c metag/uaccess: Check access_ok in strncpy_from_user 
commit 3a158a62da0673db918b53ac1440845a5b64fd90 upstream.

The metag implementation of strncpy_from_user() doesn't validate the src
pointer, which could allow reading of arbitrary kernel memory. Add a
short access_ok() check to prevent that.

Its still possible for it to read across the user/kernel boundary, but
it will invariably reach a NUL character after only 9 bytes, leaking
only a static kernel address being loaded into D0Re0 at the beginning of
__start, which is acceptable for the immediate fix.

Reported-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: linux-metag@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-05-25 15:44:46 +02:00
..
alpha
ptrace: Don't allow accessing an undumpable mm
2017-01-06 10:40:13 +01:00
arc
ARCv2: save r30 on kernel entry as gcc uses it for code-gen
2017-05-03 08:36:39 -07:00
arm
ARM: dts: imx6sx-sdb: Remove OPP override
2017-05-25 15:44:44 +02:00
arm64
arm64: uaccess: ensure extension of access_ok() addr
2017-05-25 15:44:45 +02:00
avr32
Merge branch 'akpm' (patches from Andrew)
2016-10-07 21:38:00 -07:00
blackfin
ptrace: Don't allow accessing an undumpable mm
2017-01-06 10:40:13 +01:00
c6x
c6x/ptrace: Remove useless PTRACE_SETREGSET implementation
2017-03-31 10:31:46 +02:00
cris
cris: Only build flash rescue image if CONFIG_ETRAX_AXISFLASHMAP is selected
2017-01-12 11:39:24 +01:00
frv
Merge branch 'work.uaccess2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2016-10-11 23:38:39 -07:00
h8300
h8300/ptrace: Fix incorrect register transfer count
2017-03-31 10:31:46 +02:00
hexagon
nmi_backtrace: generate one-line reports for idle cpus
2016-10-07 18:46:30 -07:00
ia64
ptrace: Don't allow accessing an undumpable mm
2017-01-06 10:40:13 +01:00
m32r
mm: replace access_process_vm() write parameter with gup_flags
2016-10-19 08:31:25 -07:00
m68k
m68k: Fix ndelay() macro
2016-10-30 10:13:55 +01:00
metag
metag/uaccess: Check access_ok in strncpy_from_user
2017-05-25 15:44:46 +02:00
microblaze
Merge branch 'work.uaccess2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2016-10-11 23:38:39 -07:00
mips
MIPS: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix
2017-05-14 14:00:20 +02:00
mn10300
Merge branch 'work.uaccess2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2016-10-11 23:38:39 -07:00
nios2
nios2: reserve boot memory for device tree
2017-04-12 12:41:14 +02:00
openrisc
openrisc: Define __ro_after_init to avoid crash
2016-11-06 08:01:12 -08:00
parisc
parisc: Fix get_user() for 64-bit value on 32-bit kernel
2017-04-21 09:31:23 +02:00
powerpc
powerpc/tm: Fix FP and VMX register corruption
2017-05-25 15:44:43 +02:00
s390
s390/cputime: fix incorrect system time
2017-05-25 15:44:35 +02:00
score
Merge branch 'gup_flag-cleanups'
2016-10-19 08:39:47 -07:00
sh
Minor changes to improve J2 support and match Kconfig expectations of
2016-10-19 11:21:06 -07:00
sparc
sparc64: fix fault handling in NGbzero.S and GENbzero.S
2017-05-14 14:00:20 +02:00
tile
tile/ptrace: Preserve previous registers for short regset write
2017-02-01 08:33:02 +01:00
um
nmi_backtrace: generate one-line reports for idle cpus
2016-10-07 18:46:30 -07:00
unicore32
unicore32: use simpler API for random address requests
2016-10-11 15:06:32 -07:00
x86
x86: fix 32-bit case of __get_user_asm_u64()
2017-05-25 15:44:34 +02:00
xtensa
xtensa: make __pa work with uncached KSEG addresses
2017-04-12 12:41:14 +02:00
.gitignore
Kconfig
This adds a new gcc plugin named "latent_entropy". It is designed to
2016-10-15 10:03:15 -07:00