Home Explore Help
Sign In
GfA
/
linux_kernel
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge tag 'usercopy-v4.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull hardened usercopy updates from Kees Cook:
 "A couple hardened usercopy changes:

   - drop now unneeded is_vmalloc_or_module() check (Laura Abbott)

   - use enum instead of literals for stack frame API (Sahara)"

* tag 'usercopy-v4.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  mm/usercopy: Drop extra is_vmalloc_or_module() check
  usercopy: Move enum for arch_within_stack_frames()
Linus Torvalds 8 years ago
parent
2575be8ad3 517e1fbeb6
commit
5958cc49ed
3 changed files with 20 additions and 24 deletions
Split View Show Diff Stats
  1. 7 6
      arch/x86/include/asm/thread_info.h
  2. 12 0
      include/linux/thread_info.h
  3. 1 18
      mm/usercopy.c

+ 7 - 6
arch/x86/include/asm/thread_info.h
View File 

@@ -170,9 +170,9 @@ static inline unsigned long current_stack_pointer(void)
 
  * entirely contained by a single stack frame.
 
  *
 
  * Returns:
 
- *		 1 if within a frame
 
- *		-1 if placed across a frame boundary (or outside stack)
 
- *		 0 unable to determine (no frame pointers, etc)
 
+ *	GOOD_FRAME	if within a frame
 
+ *	BAD_STACK	if placed across a frame boundary (or outside stack)
 
+ *	NOT_STACK	unable to determine (no frame pointers, etc)
 
  */
 
 static inline int arch_within_stack_frames(const void * const stack,
 
 					   const void * const stackend,
 
@@ -199,13 +199,14 @@ static inline int arch_within_stack_frames(const void * const stack,
 
 		 * the copy as invalid.
 
 		 */
 
 		if (obj + len <= frame)
 
-			return obj >= oldframe + 2 * sizeof(void *) ? 1 : -1;
 
+			return obj >= oldframe + 2 * sizeof(void *) ?
 
+				GOOD_FRAME : BAD_STACK;
 
 		oldframe = frame;
 
 		frame = *(const void * const *)frame;
 
 	}
 
-	return -1;
 
+	return BAD_STACK;
 
 #else
 
-	return 0;
 
+	return NOT_STACK;
 
 #endif
 
 }

+ 12 - 0
include/linux/thread_info.h
View File 

@@ -22,6 +22,18 @@
 
 #endif
 
 
 #include <linux/bitops.h>
 
+
 
+/*
 
+ * For per-arch arch_within_stack_frames() implementations, defined in
 
+ * asm/thread_info.h.
 
+ */
 
+enum {
 
+	BAD_STACK = -1,
 
+	NOT_STACK = 0,
 
+	GOOD_FRAME,
 
+	GOOD_STACK,
 
+};
 
+
 
 #include <asm/thread_info.h>
 
 
 #ifdef __KERNEL__

+ 1 - 18
mm/usercopy.c
View File 

@@ -19,15 +19,9 @@
 
 #include <linux/sched.h>
 
 #include <linux/sched/task.h>
 
 #include <linux/sched/task_stack.h>
 
+#include <linux/thread_info.h>
 
 #include <asm/sections.h>
 
 
-enum {
 
-	BAD_STACK = -1,
 
-	NOT_STACK = 0,
 
-	GOOD_FRAME,
 
-	GOOD_STACK,
 
-};
 
-
 
 /*
 
  * Checks if a given pointer and length is contained by the current
 
  * stack frame (if possible).
 
@@ -206,17 +200,6 @@ static inline const char *check_heap_object(const void *ptr, unsigned long n,
 
 {
 
 	struct page *page;
 
 
-	/*
 
-	 * Some architectures (arm64) return true for virt_addr_valid() on
 
-	 * vmalloced addresses. Work around this by checking for vmalloc
 
-	 * first.
 
-	 *
 
-	 * We also need to check for module addresses explicitly since we
 
-	 * may copy static data from modules to userspace
 
-	 */
 
-	if (is_vmalloc_or_module_addr(ptr))
 
-		return NULL;
 
-
 
 	if (!virt_addr_valid(ptr))
 
 		return NULL;