FEX-Emu/linux
1
0
Fork 0
mirror of https://github.com/FEX-Emu/linux.git synced 2024-12-28 12:25:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
8b4daad52f
linux/fs
History
Andy Lutomirski f56141e3e2 all arches, signal: move restart_block to struct task_struct 
If an attacker can cause a controlled kernel stack overflow, overwriting
the restart block is a very juicy exploit target.  This is because the
restart_block is held in the same memory allocation as the kernel stack.

Moving the restart block to struct task_struct prevents this exploit by
making the restart_block harder to locate.

Note that there are other fields in thread_info that are also easy
targets, at least on some architectures.

It's also a decent simplification, since the restart code is more or less
identical on all architectures.

[james.hogan@imgtec.com: metag: align thread_info::supervisor_stack]
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: David Miller <davem@davemloft.net>
Acked-by: Richard Weinberger <richard@nod.at>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Russell King <rmk@arm.linux.org.uk>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Steven Miao <realmz6@gmail.com>
Cc: Mark Salter <msalter@redhat.com>
Cc: Aurelien Jacquiot <a-jacquiot@ti.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Richard Kuo <rkuo@codeaurora.org>
Cc: "Luck, Tony" <tony.luck@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: Helge Deller <deller@gmx.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Acked-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Tested-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Chen Liqin <liqin.linux@gmail.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Cc: Chris Metcalf <cmetcalf@ezchip.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Chris Zankel <chris@zankel.net>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 18:54:12 -08:00
..
9p mm: drop vm_ops->remap_pages and generic_file_remap_pages() stub 2015-02-10 14:30:30 -08:00
adfs
affs
afs rxrpc: make the users of rxrpc_kernel_send_data() set kvec-backed msg_iter properly 2015-02-04 01:34:14 -05:00
autofs4
befs
bfs
btrfs page_writeback: put account_page_redirty() after set_page_dirty() 2015-02-11 17:06:04 -08:00
cachefiles
ceph Merge branch 'akpm' (patches from Andrew) 2015-02-10 16:45:56 -08:00
cifs Merge branch 'akpm' (patches from Andrew) 2015-02-10 16:45:56 -08:00
coda
configfs
cramfs
debugfs
devpts
dlm netlink: make nlmsg_end() and genlmsg_end() void 2015-01-18 01:03:45 -05:00
ecryptfs
efivarfs * Move efivarfs from the misc filesystem section to pseudo filesystem, 2015-01-29 19:16:40 +01:00
efs
exofs
exportfs
ext2
ext3 ext3: destroy sbi mutexes in put_super 2015-01-05 11:13:55 +01:00
ext4 Merge branch 'akpm' (patches from Andrew) 2015-02-10 16:45:56 -08:00
f2fs mm: drop vm_ops->remap_pages and generic_file_remap_pages() stub 2015-02-10 14:30:30 -08:00
fat
freevxfs
fscache
fuse mm: drop vm_ops->remap_pages and generic_file_remap_pages() stub 2015-02-10 14:30:30 -08:00
gfs2 list_lru: add helpers to isolate items 2015-02-12 18:54:10 -08:00
hfs
hfsplus
hostfs
hpfs
hppfs
hugetlbfs
isofs isofs: Fix bug in the way to check if the year is a leap year 2015-01-07 09:51:49 +01:00
jbd
jbd2
jffs2
jfs jfs: Deletion of an unnecessary check before the function call "unload_nls" 2015-02-02 15:02:34 -06:00
kernfs kernfs: Fix kernfs_name_compare 2015-01-09 15:51:08 -08:00
lockd Merge branch 'for-3.20' of git://linux-nfs.org/~bfields/linux 2015-02-12 10:39:41 -08:00
logfs
minix
ncpfs
nfs NFS client updates for Linux 3.20 2015-02-11 17:14:54 -08:00
nfs_common
nfsd nfsd: default NFSv4.2 to on 2015-02-09 14:58:50 -05:00
nilfs2 mm: drop vm_ops->remap_pages and generic_file_remap_pages() stub 2015-02-10 14:30:30 -08:00
nls
notify fanotify: don't set FAN_ONDIR implicitly on a marks ignored mask 2015-02-10 14:30:28 -08:00
ntfs
ocfs2 Merge branch 'akpm' (patches from Andrew) 2015-02-10 16:45:56 -08:00
omfs
openpromfs
overlayfs
proc fs/proc/array.c: convert to use string_escape_str() 2015-02-12 18:54:12 -08:00
pstore pstore: Fix sprintf format specifier in pstore_dump() 2015-01-16 16:01:29 -08:00
qnx4
qnx6
quota Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs 2015-02-10 15:52:38 -08:00
ramfs
reiserfs
romfs
squashfs
sysfs
sysv
ubifs mm: drop vm_ops->remap_pages and generic_file_remap_pages() stub 2015-02-10 14:30:30 -08:00
udf udf: remove bool assignment to 0/1 2015-02-05 16:34:25 +01:00
ufs
xfs list_lru: add helpers to isolate items 2015-02-12 18:54:10 -08:00
aio.c aio: annotate aio_read_event_ring for sleep patterns 2015-02-03 19:29:05 -05:00
anon_inodes.c
attr.c
bad_inode.c
binfmt_aout.c
binfmt_elf_fdpic.c
binfmt_elf.c
binfmt_em86.c
binfmt_flat.c
binfmt_misc.c
binfmt_script.c
binfmt_som.c
block_dev.c
buffer.c
char_dev.c
compat_binfmt_elf.c
compat_ioctl.c
compat.c
coredump.c
dcache.c list_lru: add helpers to isolate items 2015-02-12 18:54:10 -08:00
dcookies.c
direct-io.c
drop_caches.c vmscan: per memory cgroup slab shrinkers 2015-02-12 18:54:09 -08:00
eventfd.c
eventpoll.c
exec.c
fcntl.c vfs: renumber FMODE_NONOTIFY and add to uniqueness check 2015-01-08 15:10:52 -08:00
fhandle.c
file_table.c
file.c
filesystems.c
fs_pin.c
fs_struct.c
fs-writeback.c
inode.c list_lru: add helpers to isolate items 2015-02-12 18:54:10 -08:00
internal.h list_lru: introduce list_lru_shrink_{count,walk} 2015-02-12 18:54:08 -08:00
ioctl.c fsioctl.c: make generic_block_fiemap() signal-tolerant 2015-02-10 14:30:30 -08:00
Kconfig fs: Make efivarfs a pseudo filesystem, built by default with EFI 2015-01-05 14:15:58 +00:00
Kconfig.binfmt
libfs.c
locks.c fs: add FL_LAYOUT lease type 2015-02-02 18:09:38 +01:00
Makefile
mbcache.c
mount.h
mpage.c
namei.c
namespace.c
no-block.c
nsfs.c
open.c
pipe.c
pnode.c
pnode.h
posix_acl.c
proc_namespace.c
read_write.c locks: convert posix locks to file_lock_context 2015-01-16 16:08:16 -05:00
readdir.c
select.c all arches, signal: move restart_block to struct task_struct 2015-02-12 18:54:12 -08:00
seq_file.c
signalfd.c
splice.c
stack.c
stat.c
statfs.c
super.c fs: shrinker: always scan at least one object of each type 2015-02-12 18:54:09 -08:00
sync.c
timerfd.c
utimes.c
xattr.c