diff options
| author | Thomas Gleixner <tglx@linutronix.de> | 2020-11-17 23:23:34 +0300 | 
|---|---|---|
| committer | Borislav Petkov <bp@suse.de> | 2020-11-18 14:56:29 +0300 | 
| commit | 860aaabac8235cfde10fe556aa82abbbe3117888 (patch) | |
| tree | 1550e9572d7e46d9e527512cf005891a1f50dcf9 /lib/string_helpers.c | |
| parent | 1a371e67dc77125736cc56d3a0893f06b75855b6 (diff) | |
| download | linux-860aaabac8235cfde10fe556aa82abbbe3117888.tar.xz | |
x86/dumpstack: Do not try to access user space code of other tasks
sysrq-t ends up invoking show_opcodes() for each task which tries to access
the user space code of other processes, which is obviously bogus.
It either manages to dump where the foreign task's regs->ip points to in a
valid mapping of the current task or triggers a pagefault and prints "Code:
Bad RIP value.". Both is just wrong.
Add a safeguard in copy_code() and check whether the @regs pointer matches
currents pt_regs. If not, do not even try to access it.
While at it, add commentary why using copy_from_user_nmi() is safe in
copy_code() even if the function name suggests otherwise.
Reported-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Borislav Petkov <bp@suse.de>
Acked-by: Oleg Nesterov <oleg@redhat.com>
Tested-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20201117202753.667274723@linutronix.de
Diffstat (limited to 'lib/string_helpers.c')
0 files changed, 0 insertions, 0 deletions
