Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-09 14:43:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux-stable/fs
History
Kees Cook 5883f57ca0 proc: protect mm start_code/end_code in /proc/pid/stat 
While mm->start_stack was protected from cross-uid viewing (commit
f83ce3e6b02d5 ("proc: avoid information leaks to non-privileged
processes")), the start_code and end_code values were not.  This would
allow the text location of a PIE binary to leak, defeating ASLR.

Note that the value "1" is used instead of "0" for a protected value since
"ps", "killall", and likely other readers of /proc/pid/stat, take
start_code of "0" to mean a kernel thread and will misbehave.  Thanks to
Brad Spengler for pointing this out.

Addresses CVE-2011-0726

Signed-off-by: Kees Cook <kees.cook@canonical.com>
Cc: <stable@kernel.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Eugene Teo <eugeneteo@kernel.sg>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Brad Spengler <spender@grsecurity.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-03-23 19:46:37 -07:00
..
9p
9p: use the updated offset given by generic_write_checks
2011-03-22 16:32:49 -05:00
adfs
fs/adfs/adfs.h: fix unsigned comparison
2011-03-23 19:46:09 -07:00
affs
fs: change to new flag variable
2011-03-17 14:02:57 +01:00
afs
afs: Fix oops in afs_unlink_writeback
2011-02-25 11:12:37 -08:00
autofs4
lose 'mounting_here' argument in ->d_manage()
2011-03-18 10:01:59 -04:00
befs
befs: don't pass huge structs by value
2011-01-13 08:03:15 -08:00
bfs
bfs: fix bitmap size argument to find_first_zero_bit()
2011-03-21 08:35:12 -04:00
btrfs
zlib: slim down zlib_deflate() workspace when possible
2011-03-22 17:44:17 -07:00
cachefiles
CacheFiles: Add calls to path-based security hooks
2011-01-24 10:49:45 +11:00
ceph
ceph: rename dentry_release -> d_release, fix comment
2011-03-21 12:24:26 -07:00
cifs
[CIFS] update cifs version
2011-02-21 22:31:47 +00:00
coda
codafs: fix compile warning when CONFIG_SYSCTL=n
2011-03-22 17:44:16 -07:00
configfs
configfs: change depends -> select SYSFS
2011-01-16 21:22:29 +00:00
cramfs
cramfs: generate unique inode number for better inode cache usage
2011-01-13 08:03:23 -08:00
debugfs
debugfs: Fix filesystem reference counting on debugfs_remove() failure
2011-02-18 08:07:18 -08:00
devpts
fs/devpts/inode.c: correctly check d_alloc_name() return code in devpts_pty_new()
2011-03-22 17:44:17 -07:00
dlm
dlm: use alloc_workqueue function
2011-03-10 13:22:34 -06:00
ecryptfs
eCryptfs: Copy up lower inode attrs in getattr
2011-02-21 14:46:36 -06:00
efs
fs: icache RCU free inodes
2011-01-07 17:50:26 +11:00
exofs
exofs: i_nlink races in rename()
2011-03-03 01:28:17 -05:00
exportfs
vfs: Add open by file handle support
2011-03-15 02:21:44 -04:00
ext2
bitops: remove ext2 non-atomic bitops from asm/bitops.h
2011-03-23 19:46:21 -07:00
ext3
Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs-2.6
2011-03-17 17:41:19 -07:00
ext4
ext4: use little-endian bitops
2011-03-23 19:46:17 -07:00
fat
exportfs: Return the minimum required handle size
2011-03-14 09:15:28 -04:00
freevxfs
fs: icache RCU free inodes
2011-01-07 17:50:26 +11:00
fscache
FS-Cache: Fix operation handling
2011-01-14 09:23:36 -08:00
fuse
mm: add replace_page_cache_page() function
2011-03-22 17:44:02 -07:00
gfs2
Merge branch 'trivial' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild-2.6
2011-03-20 18:14:55 -07:00
hfs
hfs: fix rename() over non-empty directory
2011-03-03 01:28:40 -05:00
hfsplus
hfsplus: fix up a comparism in hfsplus_file_extend
2011-02-03 16:34:18 -07:00
hostfs
switch hostfs
2011-01-12 20:03:42 -05:00
hpfs
hpfs: remove the BKL
2011-03-02 22:27:36 +01:00
hppfs
fs: icache RCU free inodes
2011-01-07 17:50:26 +11:00
hugetlbfs
mm: hugetlbfs: change remove_from_page_cache
2011-03-22 17:44:02 -07:00
isofs
exportfs: Return the minimum required handle size
2011-03-14 09:15:28 -04:00
jbd
jbd: Remove one to many n's in a word.
2011-02-28 21:55:58 +01:00
jbd2
jbd: Remove one to many n's in a word.
2011-02-28 21:55:58 +01:00
jffs2
zlib: slim down zlib_deflate() workspace when possible
2011-03-22 17:44:17 -07:00
jfs
Merge branch 'trivial' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild-2.6
2011-03-20 18:14:55 -07:00
lockd
NLM: Fix "kernel BUG at fs/lockd/host.c:417!" or ".../host.c:283!"
2011-01-25 15:24:47 -05:00
logfs
zlib: slim down zlib_deflate() workspace when possible
2011-03-22 17:44:17 -07:00
minix
bitops: remove minix bitops from asm/bitops.h
2011-03-23 19:46:22 -07:00
ncpfs
fs: change to new flag variable
2011-03-17 14:02:57 +01:00
nfs
nfs: lock() vs unlock() typo
2011-03-21 00:45:50 -04:00
nfs_common
NFS: Prevent memory allocation failure in nfsacl_encode()
2011-01-25 15:24:47 -05:00
nfsd
don't pass 'mounting_here' flag to follow_down()
2011-03-18 09:04:20 -04:00
nilfs2
nilfs2: use little-endian bitops
2011-03-23 19:46:18 -07:00
nls
notify
Remove one to many n's in a word
2011-03-01 15:47:58 +01:00
ntfs
fs: change to new flag variable
2011-03-17 14:02:57 +01:00
ocfs2
ocfs2: use little-endian bitops
2011-03-23 19:46:17 -07:00
omfs
omfs: make readdir stop when filldir says so
2011-03-05 16:24:12 -05:00
openpromfs
fs: icache RCU free inodes
2011-01-07 17:50:26 +11:00
partitions
Increase OSF partition limit from 8 to 18
2011-03-16 08:04:07 -07:00
proc
proc: protect mm start_code/end_code in /proc/pid/stat
2011-03-23 19:46:37 -07:00
pstore
pstore: use mount option instead sysfs to tweak kmsg_bytes
2011-03-21 13:50:05 -07:00
qnx4
fs: icache RCU free inodes
2011-01-07 17:50:26 +11:00
quota
quota: return -ENOMEM when memory allocation fails
2011-02-24 11:42:44 +01:00
ramfs
convert get_sb_nodev() users
2010-10-29 04:16:31 -04:00
reiserfs
Merge branch 'trivial' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild-2.6
2011-03-20 18:14:55 -07:00
romfs
fs: icache RCU free inodes
2011-01-07 17:50:26 +11:00
squashfs
squashfs: fix use of uninitialised variable in zlib & xz decompressors
2011-01-26 10:50:05 +10:00
sysfs
kconfig: rename CONFIG_EMBEDDED to CONFIG_EXPERT
2011-01-20 17:02:05 -08:00
sysv
sysv: i_nlink races in rename()
2011-03-03 01:28:16 -05:00
ubifs
Merge branch 'linux-next' of git://git.infradead.org/ubifs-2.6
2011-03-18 10:50:27 -07:00
udf
udf: use little-endian bitops
2011-03-23 19:46:19 -07:00
ufs
ufs: use little-endian bitops
2011-03-23 19:46:19 -07:00
xfs
Merge branch 'for-linus' of git://oss.sgi.com/xfs/xfs
2011-03-21 14:24:56 -07:00
aio.c
aio: wake all waiters when destroying ctx
2011-03-22 17:44:17 -07:00
anon_inodes.c
sanitize vfsmount refcounting changes
2011-01-16 13:47:07 -05:00
attr.c
check ATTR_SIZE contraints in inode_change_ok
2010-08-09 16:47:39 -04:00
bad_inode.c
fs: provide rcu-walk aware permission i_ops
2011-01-07 17:50:29 +11:00
binfmt_aout.c
Don't dump task struct in a.out core-dumps
2010-10-14 10:57:40 -07:00
binfmt_elf_fdpic.c
binfmt_elf_fdpic: Fix clear_user() error handling
2010-06-01 08:11:06 -07:00
binfmt_elf.c
binfmt_elf: quiet GCC-4.6 'set but not used' warning in load_elf_binary()
2011-03-22 17:44:15 -07:00
binfmt_em86.c
binfmt_flat.c
flat: tweak default stack alignment
2010-06-29 15:29:31 -07:00
binfmt_misc.c
convert get_sb_single() users
2010-10-29 04:16:28 -04:00
binfmt_script.c
Make do_execve() take a const filename pointer
2010-08-17 18:07:43 -07:00
binfmt_som.c
bio-integrity.c
bio-integrity: mark kintegrityd_wq highpri and CPU intensive
2011-01-03 15:01:48 +01:00
bio.c
fs: use appropriate printk priority levels
2011-03-22 17:44:10 -07:00
block_dev.c
fs/block_dev.c: fix new kernel-doc warning
2011-02-28 18:08:31 -08:00
buffer.c
fs: Use this_cpu_inc_return in buffer.c
2010-12-17 15:18:05 +01:00
char_dev.c
Merge branch 'for-2.6.38/core' of git://git.kernel.dk/linux-2.6-block
2011-01-13 10:45:01 -08:00
compat_binfmt_elf.c
compat_ioctl.c
Merge branch 'tty-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty-2.6
2011-01-07 14:39:20 -08:00
compat.c
select: remove unused MAX_SELECT_SECONDS
2011-03-21 00:16:08 -04:00
dcache.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
2011-03-18 10:51:11 -07:00
dcookies.c
direct-io.c
Merge branch 'master' into for-next
2011-02-15 10:24:31 +01:00
drop_caches.c
simplify checks for I_CLEAR/I_FREEING
2010-08-09 16:47:44 -04:00
eventfd.c
Docbook: add fs/eventfd.c and fix typos in it
2011-02-21 15:07:04 -08:00
eventpoll.c
epoll: fix compiler warning and optimize the non-blocking path
2011-03-22 17:44:15 -07:00
exec.c
Small typo fix...
2011-03-21 00:16:09 -04:00
fcntl.c
New kind of open files - "location only".
2011-03-15 02:21:45 -04:00
fhandle.c
vfs: Add open by file handle support
2011-03-15 02:21:44 -04:00
fifo.c
Filesystem: fifo: Fixed coding style issue.
2011-03-21 00:16:09 -04:00
file_table.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
2011-03-16 13:26:17 -07:00
file.c
vfs: use kmalloc() to allocate fdmem if possible
2010-08-11 08:59:02 -07:00
filesystems.c
fs: rcu-walk for path lookup
2011-01-07 17:50:27 +11:00
fs_struct.c
sanitize vfsmount refcounting changes
2011-01-16 13:47:07 -05:00
fs-writeback.c
fs/fs-writeback.c: fix sync_inodes_sb() return value kernel-doc
2011-01-13 17:32:48 -08:00
generic_acl.c
fs: provide simple rcu-walk generic_check_acl implementation
2011-01-07 17:50:29 +11:00
inode.c
fs/inode: Fix kernel-doc format for inode_init_owner
2011-03-21 00:16:08 -04:00
internal.h
FS: lookup_mnt() is only used in the core fs routines now
2011-03-21 12:13:10 -04:00
ioctl.c
vfs: cleanup do_vfs_ioctl()
2011-03-21 00:16:08 -04:00
ioprio.c
ioprio: grab rcu_read_lock in sys_ioprio_{set,get}()
2010-11-15 10:23:31 +01:00
Kconfig
Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6
2011-03-16 19:01:29 -07:00
Kconfig.binfmt
coredump: default CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y
2010-10-27 18:03:12 -07:00
libfs.c
pass default dentry_operations to mount_pseudo()
2011-01-12 20:03:43 -05:00
locks.c
fs/locks.c: Remove stale FIXME left over from BKL conversion
2011-03-05 10:55:59 +01:00
Makefile
Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6
2011-03-16 19:01:29 -07:00
mbcache.c
ext2: Resolve 'dereferencing pointer to incomplete type' when enabling EXT2_XATTR_DEBUG
2011-01-10 19:04:08 +01:00
mpage.c
fs/mpage.c: consolidate code
2011-01-13 17:32:32 -08:00
namei.c
lose 'mounting_here' argument in ->d_manage()
2011-03-18 10:01:59 -04:00
namespace.c
fs: use appropriate printk priority levels
2011-03-22 17:44:10 -07:00
nfsctl.c
open-style analog of vfs_path_lookup()
2011-03-14 09:15:28 -04:00
no-block.c
llseek: automatically add .llseek fop
2010-10-15 15:53:27 +02:00
open.c
fs: Use BUG_ON(!mnt) at dentry_open().
2011-03-21 01:10:41 -04:00
pipe.c
Fix broken "pipe: use event aware wakeups" optimization
2011-01-20 16:21:59 -08:00
pnode.c
fs: scale mntget/mntput
2011-01-07 17:50:33 +11:00
pnode.h
posix_acl.c
NFS: Prevent memory allocation failure in nfsacl_encode()
2011-01-25 15:24:47 -05:00
read_write.c
fix signedness mess in rw_verify_area() on 64bit architectures
2011-01-12 20:06:58 -05:00
read_write.h
readdir.c
vfs: fix warning: 'dirent' is used uninitialized in this function
2010-08-09 20:45:05 -07:00
select.c
select: remove unused MAX_SELECT_SECONDS
2011-03-21 00:16:08 -04:00
seq_file.c
fs: take dcache_lock inside __d_path
2010-10-25 21:26:12 -04:00
signalfd.c
Merge branch 'hwpoison' of git://git.kernel.org/pub/scm/linux/kernel/git/ak/linux-mce-2.6
2010-10-26 10:13:10 -07:00
splice.c
Merge branch 'for-2.6.38/core' of git://git.kernel.dk/linux-2.6-block
2011-01-13 10:45:01 -08:00
stack.c
stat.c
readlinkat(), fchownat() and fstatat() with empty relative pathnames
2011-03-15 02:21:45 -04:00
statfs.c
clean statfs-like syscalls up
2011-03-14 09:15:28 -04:00
super.c
vfs: split off vfsmount-related parts of vfs_kern_mount()
2011-03-17 22:10:41 -04:00
sync.c
introduce sys_syncfs to sync a single file system
2011-03-21 00:40:29 -04:00
timerfd.c
llseek: automatically add .llseek fop
2010-10-15 15:53:27 +02:00
utimes.c
Mark arguments to certain syscalls as being const
2010-08-13 16:53:13 -07:00
xattr_acl.c
xattr.c
fs: xattr_handler table should be const
2010-05-21 18:31:18 -04:00