This is a note to let you know that I've just added the patch titled
ARM: 7411/1: audit: fix treatment of saved ip register during syscall
tracing
to the 3.3-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
arm-7411-1-audit-fix-treatment-of-saved-ip-register-during-syscall-tracing.patch
and it can be found in the queue-3.3 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
>From 6a68b6f574c8ad2c1d90f0db8fd95b8abe8a0a73 Mon Sep 17 00:00:00 2001
From: Will Deacon <[email protected]>
Date: Fri, 4 May 2012 17:52:02 +0100
Subject: ARM: 7411/1: audit: fix treatment of saved ip register during syscall
tracing
From: Will Deacon <[email protected]>
commit 6a68b6f574c8ad2c1d90f0db8fd95b8abe8a0a73 upstream.
The ARM audit code incorrectly uses the saved application ip register
value to infer syscall entry or exit. Additionally, the saved value will
be clobbered if the current task is not being traced, which can lead to
libc corruption if ip is live (apparently glibc uses it for the TLS
pointer).
This patch fixes the syscall tracing code so that the why parameter is
used to infer the syscall direction and the saved ip is only updated if
we know that we will be signalling a ptrace trap.
Reported-and-Tested-by: Jon Masters <[email protected]>
Cc: Eric Paris <[email protected]>
Signed-off-by: Will Deacon <[email protected]>
Signed-off-by: Russell King <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
arch/arm/kernel/ptrace.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
--- a/arch/arm/kernel/ptrace.c
+++ b/arch/arm/kernel/ptrace.c
@@ -915,14 +915,7 @@ asmlinkage int syscall_trace(int why, st
{
unsigned long ip;
- /*
- * Save IP. IP is used to denote syscall entry/exit:
- * IP = 0 -> entry, = 1 -> exit
- */
- ip = regs->ARM_ip;
- regs->ARM_ip = why;
-
- if (!ip)
+ if (why)
audit_syscall_exit(regs);
else
audit_syscall_entry(AUDIT_ARCH_NR, scno, regs->ARM_r0,
@@ -935,6 +928,13 @@ asmlinkage int syscall_trace(int why, st
current_thread_info()->syscall = scno;
+ /*
+ * IP is used to denote syscall entry/exit:
+ * IP = 0 -> entry, =1 -> exit
+ */
+ ip = regs->ARM_ip;
+ regs->ARM_ip = why;
+
/* the 0x80 provides a way for the tracing parent to distinguish
between a syscall stop and SIGTRAP delivery */
ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD)
Patches currently in stable-queue which might be from [email protected] are
queue-3.3/arm-7412-1-audit-use-only-audit_arch_arm-regardless-of-endianness.patch
queue-3.3/arm-7411-1-audit-fix-treatment-of-saved-ip-register-during-syscall-tracing.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
