Commit 0d0138eb authored by Dan Rosenberg's avatar Dan Rosenberg Committed by Linus Torvalds
Browse files

xtensa: prevent arbitrary read in ptrace 



Prevent an arbitrary kernel read.  Check the user pointer with access_ok()
before copying data in.

[akpm@linux-foundation.org: s/EIO/EFAULT/]
Signed-off-by: default avatarDan Rosenberg <drosenberg@vsecurity.com>
Cc: Christian Zankel <chris@zankel.net>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: <stable@kernel.org>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 67db392d

arch/xtensa/kernel/ptrace.c

+3 −0
Original line number Diff line number Diff line
@@ -147,6 +147,9 @@ int ptrace_setxregs(struct task_struct *child, void __user *uregs) 
	elf_xtregs_t *xtregs = uregs;

	int ret = 0;



	if (!access_ok(VERIFY_READ, uregs, sizeof(elf_xtregs_t)))

		return -EFAULT;



#if XTENSA_HAVE_COPROCESSORS

	/* Flush all coprocessors before we overwrite them. */

	coprocessor_flush_all(ti);

CRA Git | Maintained and supported by SUSTech CRA and CCSE