From: Yang Yang <[email protected]> Userspace may use syscall with invalid syscall number by calling syscall(syscall_num,..). For example we found openSSH may use syscall with syscall number is -1 in some case. When that happens we better do a quick handle no need to gohead.
Signed-off-by: Yang Yang <[email protected]> Reported-by: Zeal Robot <[email protected]> --- v2: - fix compile error of arch/alpha, I have no alpha compile environment, so this fix - is done by code review. --- arch/alpha/include/uapi/asm/unistd.h | 1 + kernel/auditsc.c | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/alpha/include/uapi/asm/unistd.h b/arch/alpha/include/uapi/asm/unistd.h index 71fd5db06866..8115062216e4 100644 --- a/arch/alpha/include/uapi/asm/unistd.h +++ b/arch/alpha/include/uapi/asm/unistd.h @@ -13,5 +13,6 @@ #define __NR_getgid __NR_getxgid #include <asm/unistd_32.h> +#include <asm-generic/unistd.h> #endif /* _UAPI_ALPHA_UNISTD_H */ diff --git a/kernel/auditsc.c b/kernel/auditsc.c index ea2ee1181921..ea4915999e01 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -2077,7 +2077,8 @@ void __audit_syscall_exit(int success, long return_code) struct audit_context *context = audit_context(); if (!context || context->dummy || - context->context != AUDIT_CTX_SYSCALL) + context->context != AUDIT_CTX_SYSCALL || + unlikely(context->major < 0 || context->major >= NR_syscalls)) goto out; /* this may generate CONFIG_CHANGE records */ -- 2.25.1 -- Linux-audit mailing list [email protected] https://listman.redhat.com/mailman/listinfo/linux-audit
