summaryrefslogtreecommitdiffstats
path: root/arch/um/sys-x86_64
diff options
context:
space:
mode:
authorBodo Stroesser <bstroesser@fujitsu-siemens.com>2006-03-27 01:14:34 -0800
committerLinus Torvalds <torvalds@g5.osdl.org>2006-03-27 08:44:38 -0800
commit81efcd3300754462537ffac60336158b2f773b4e (patch)
treef957ccb8cacabcecf5cfd67c1feda5b1908cac0c /arch/um/sys-x86_64
parentf206aabb035318ac4bafbf0b87798335de3634df (diff)
downloadop-kernel-dev-81efcd3300754462537ffac60336158b2f773b4e.zip
op-kernel-dev-81efcd3300754462537ffac60336158b2f773b4e.tar.gz
[PATCH] uml: more carefully test whether we are in a system call
For security reasons, UML in is_syscall() needs to have access to code in vsyscall-page. The current implementation grants this access by explicitly allowing access to vsyscall in access_ok_skas(). With this change, copy_from_user() may be used to read the code. Ptrace access to vsyscall-page for debugging already was implemented in get_user_pages() by mainline. In i386, copy_from_user can't access vsyscall-page, but returns EFAULT. To make UML behave as i386 does, I changed is_syscall to use access_process_vm(current) to read the code from vsyscall-page. This doesn't hurt security, but simplifies the code and prepares implementation of stub-vmas. Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com> Signed-off-by: Jeff Dike <jdike@addtoit.com> Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'arch/um/sys-x86_64')
-rw-r--r--arch/um/sys-x86_64/ptrace.c22
1 files changed, 21 insertions, 1 deletions
diff --git a/arch/um/sys-x86_64/ptrace.c b/arch/um/sys-x86_64/ptrace.c
index 74eee5c..147bbf0 100644
--- a/arch/um/sys-x86_64/ptrace.c
+++ b/arch/um/sys-x86_64/ptrace.c
@@ -8,6 +8,7 @@
#include <asm/ptrace.h>
#include <linux/sched.h>
#include <linux/errno.h>
+#include <linux/mm.h>
#include <asm/uaccess.h>
#include <asm/elf.h>
@@ -136,9 +137,28 @@ void arch_switch(void)
*/
}
+/* XXX Mostly copied from sys-i386 */
int is_syscall(unsigned long addr)
{
- panic("is_syscall");
+ unsigned short instr;
+ int n;
+
+ n = copy_from_user(&instr, (void __user *) addr, sizeof(instr));
+ if(n){
+ /* access_process_vm() grants access to vsyscall and stub,
+ * while copy_from_user doesn't. Maybe access_process_vm is
+ * slow, but that doesn't matter, since it will be called only
+ * in case of singlestepping, if copy_from_user failed.
+ */
+ n = access_process_vm(current, addr, &instr, sizeof(instr), 0);
+ if(n != sizeof(instr)) {
+ printk("is_syscall : failed to read instruction from "
+ "0x%lx\n", addr);
+ return(1);
+ }
+ }
+ /* sysenter */
+ return(instr == 0x050f);
}
int dump_fpu(struct pt_regs *regs, elf_fpregset_t *fpu )
OpenPOWER on IntegriCloud