evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/arch
History
Jann Horn 5c16a16fcf sys: don't hold uts_sem while accessing userspace memory 
commit 42a0cc3478584d4d63f68f2f5af021ddbea771fa upstream.

Holding uts_sem as a writer while accessing userspace memory allows a
namespace admin to stall all processes that attempt to take uts_sem.
Instead, move data through stack buffers and don't access userspace memory
while uts_sem is held.

Cc: stable@vger.kernel.org
Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-09-09 20:04:35 +02:00
..
alpha sys: don't hold uts_sem while accessing userspace memory 2018-09-09 20:04:35 +02:00
arc arc: fix type warnings in arc/mm/cache.c 2018-09-05 09:18:36 +02:00
arm ARM: tegra: Fix Tegra30 Cardhu PCA954x reset 2018-09-09 20:04:34 +02:00
arm64 arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() 2018-09-05 09:18:38 +02:00
avr32
blackfin
c6x
cris
frv futex: Remove duplicated code and fix undefined behaviour 2018-05-26 08:48:50 +02:00
h8300
hexagon futex: Remove duplicated code and fix undefined behaviour 2018-05-26 08:48:50 +02:00
ia64 futex: Remove duplicated code and fix undefined behaviour 2018-05-26 08:48:50 +02:00
m32r
m68k m68k: fix "bad page state" oops on ColdFire boot 2018-08-24 13:26:57 +02:00
metag
microblaze microblaze: Fix simpleImage format generation 2018-08-06 16:24:39 +02:00
mips MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 2018-09-05 09:18:40 +02:00
mn10300 mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy 2018-02-16 20:09:47 +01:00
nios2
openrisc signal/openrisc: Fix do_unaligned_access to send the proper signal 2018-02-16 20:09:46 +01:00
parisc parisc: Remove unnecessary barriers from spinlock.h 2018-08-24 13:27:01 +02:00
powerpc powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. 2018-09-09 20:04:32 +02:00
s390 s390/pci: fix out of bounds access during irq setup 2018-09-05 09:18:40 +02:00
score
sh sh: New gcc support 2018-06-06 16:46:20 +02:00
sparc sys: don't hold uts_sem while accessing userspace memory 2018-09-09 20:04:35 +02:00
tile futex: Remove duplicated code and fix undefined behaviour 2018-05-26 08:48:50 +02:00
um um: Use POSIX ucontext_t instead of struct ucontext 2018-04-24 09:32:08 +02:00
unicore32
x86 x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call 2018-09-09 20:04:33 +02:00
xtensa signal/xtensa: Consistenly use SIGBUS in do_unaligned_user 2018-07-03 11:21:26 +02:00
.gitignore
Kconfig