linux/arch
Kees Cook 5905429ad8 fork: Provide usercopy whitelisting for task_struct
While the blocked and saved_sigmask fields of task_struct are copied to
userspace (via sigmask_to_save() and setup_rt_frame()), they are always
copied with a static length (i.e. sizeof(sigset_t)).

The only portion of task_struct that is potentially dynamically sized and
may be copied to userspace is in the architecture-specific thread_struct
at the end of task_struct.

cache object allocation:
    kernel/fork.c:
        alloc_task_struct_node(...):
            return kmem_cache_alloc_node(task_struct_cachep, ...);

        dup_task_struct(...):
            ...
            tsk = alloc_task_struct_node(node);

        copy_process(...):
            ...
            dup_task_struct(...)

        _do_fork(...):
            ...
            copy_process(...)

example usage trace:

    arch/x86/kernel/fpu/signal.c:
        __fpu__restore_sig(...):
            ...
            struct task_struct *tsk = current;
            struct fpu *fpu = &tsk->thread.fpu;
            ...
            __copy_from_user(&fpu->state.xsave, ..., state_size);

        fpu__restore_sig(...):
            ...
            return __fpu__restore_sig(...);

    arch/x86/kernel/signal.c:
        restore_sigcontext(...):
            ...
            fpu__restore_sig(...)

This introduces arch_thread_struct_whitelist() to let an architecture
declare specifically where the whitelist should be within thread_struct.
If undefined, the entire thread_struct field is left whitelisted.

Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Nicholas Piggin <npiggin@gmail.com>
Cc: Laura Abbott <labbott@redhat.com>
Cc: "Mickaël Salaün" <mic@digikod.net>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Rik van Riel <riel@redhat.com>
2018-01-15 12:08:04 -08:00
alpha treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
arc ARC updates for 4.15-rc1 2017-11-25 08:21:54 -10:00
arm Merge branch 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm 2017-12-03 10:51:08 -05:00
arm64 arm64 fixes: 2017-12-01 19:37:03 -05:00
blackfin treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
c6x Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
cris pci-v4.15-changes 2017-11-15 15:01:28 -08:00
frv Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
h8300 mm, arch: remove empty_bad_page* 2017-11-15 18:21:03 -08:00
hexagon Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
ia64 arch/ia64/include/asm/topology.h: remove unused parent_node() macro 2017-11-17 16:10:04 -08:00
m32r m32r: fix endianness constraints 2017-11-15 18:21:00 -08:00
m68k m68k/macboing: Fix missed timer callback assignment 2017-11-24 16:19:40 +01:00
metag DeviceTree for 4.15: 2017-11-14 18:25:40 -08:00
microblaze Microblaze patch for 4.15-rc2 2017-11-29 14:19:22 -08:00
mips * x86 bugfixes: APIC, nested virtualization, IOAPIC 2017-11-30 08:15:19 -08:00
mn10300 bug: define the "cut here" string in a single place 2017-11-17 16:10:01 -08:00
nios2 DeviceTree for 4.15: 2017-11-14 18:25:40 -08:00
openrisc kmemcheck: remove annotations 2017-11-15 18:21:04 -08:00
parisc treewide: Switch DEFINE_TIMER callbacks to struct timer_list * 2017-11-21 15:57:05 -08:00
powerpc powerpc fixes for 4.15 #3 2017-12-01 08:40:17 -05:00
riscv RISC-V: Fixes for clean allmodconfig build 2017-12-01 13:31:31 -08:00
s390 * x86 bugfixes: APIC, nested virtualization, IOAPIC 2017-11-30 08:15:19 -08:00
score License cleanup: add SPDX license identifier to uapi header files with no license 2017-11-02 11:19:54 +01:00
sh treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
sparc Merge branch 'akpm' (patches from Andrew) 2017-11-29 19:12:44 -08:00
tile mm: switch to 'define pmd_write' instead of __HAVE_ARCH_PMD_WRITE 2017-11-29 18:40:42 -08:00
um This pull request contains the following core changes: 2017-11-22 20:46:06 -10:00
unicore32 kmemcheck: stop using GFP_NOTRACK and SLAB_NOTRACK 2017-11-15 18:21:04 -08:00
x86 * x86 bugfixes: APIC, nested virtualization, IOAPIC 2017-11-30 08:15:19 -08:00
xtensa libnvdimm for 4.15 2017-11-17 09:51:57 -08:00
.gitignore
Kconfig fork: Provide usercopy whitelisting for task_struct 2018-01-15 12:08:04 -08:00