projects / platform / kernel / linux-starfive.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9123e3a)
ptrace: Prevent kernel-infoleak in ptrace_get_syscall_info()
authorPeilin Ye <yepeilin.cs@gmail.com>
Sat, 1 Aug 2020 15:20:44 +0000 (11:20 -0400)
committerChristian Brauner <christian.brauner@ubuntu.com>
Tue, 18 Aug 2020 11:39:23 +0000 (13:39 +0200)
ptrace_get_syscall_info() is potentially copying uninitialized stack
memory to userspace, since the compiler may leave a 3-byte hole near the
beginning of `info`. Fix it by adding a padding field to `struct
ptrace_syscall_info`.

Fixes: 201766a20e30 ("ptrace: add PTRACE_GET_SYSCALL_INFO request")
Suggested-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Peilin Ye <yepeilin.cs@gmail.com>
Reviewed-by: Dmitry V. Levin <ldv@altlinux.org>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20200801152044.230416-1-yepeilin.cs@gmail.com
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
include/uapi/linux/ptrace.h patch | blob | history

diff --git a/include/uapi/linux/ptrace.h b/include/uapi/linux/ptrace.h
index a71b6e3..83ee45f 100644 (file)
--- a/include/uapi/linux/ptrace.h
+++ b/include/uapi/linux/ptrace.h
@@ -81,7 +81,8 @@ struct seccomp_metadata {
 
 struct ptrace_syscall_info {
        __u8 op;        /* PTRACE_SYSCALL_INFO_* */
-       __u32 arch __attribute__((__aligned__(sizeof(__u32))));
+       __u8 pad[3];
+       __u32 arch;
        __u64 instruction_pointer;
        __u64 stack_pointer;
        union {
Domain: System / Kernel;