UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/arch/s390/kernel
History
Brian Foster 13cccafe0e s390: fix double free of GS and RI CBs on fork() failure 
The pointers for guarded storage and runtime instrumentation control
blocks are stored in the thread_struct of the associated task. These
pointers are initially copied on fork() via arch_dup_task_struct()
and then cleared via copy_thread() before fork() returns. If fork()
happens to fail after the initial task dup and before copy_thread(),
the newly allocated task and associated thread_struct memory are
freed via free_task() -> arch_release_task_struct(). This results in
a double free of the guarded storage and runtime info structs
because the fields in the failed task still refer to memory
associated with the source task.

This problem can manifest as a BUG_ON() in set_freepointer() (with
CONFIG_SLAB_FREELIST_HARDENED enabled) or KASAN splat (if enabled)
when running trinity syscall fuzz tests on s390x. To avoid this
problem, clear the associated pointer fields in
arch_dup_task_struct() immediately after the new task is copied.
Note that the RI flag is still cleared in copy_thread() because it
resides in thread stack memory and that is where stack info is
copied.

Signed-off-by: Brian Foster <bfoster@redhat.com>
Fixes: 8d9047f8b9 ("s390/runtime instrumentation: simplify task exit handling")
Fixes: 7b83c6297d ("s390/guarded storage: simplify task exit handling")
Cc: <stable@vger.kernel.org> # 4.15
Reviewed-by: Gerald Schaefer <gerald.schaefer@linux.ibm.com>
Reviewed-by: Heiko Carstens <hca@linux.ibm.com>
Link: https://lore.kernel.org/r/20220816155407.537372-1-bfoster@redhat.com
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
 		2022-08-25 15:12:32 +02:00
..
syscalls arch: syscalls: simplify uapi/kapi directory creation 2022-03-31 12:03:46 +09:00
vdso32 s390/vdso: remove -nostdlib compiler flag 2021-11-16 12:29:19 +01:00
vdso64 s390/vdso: filter out -mstack-guard and -mstack-size 2021-11-16 12:29:19 +01:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
Makefile Revert "s390/smp: rework absolute lowcore access" 2022-08-06 09:24:07 +02:00
alternative.c s390/alternatives: remove padding generation code 2022-05-17 15:16:28 +02:00
asm-offsets.c s390/stack: add union to reflect kvm stack slot usages 2022-06-01 12:03:17 +02:00
audit.c audit: add support for the openat2 syscall 2021-10-01 16:52:48 -04:00
audit.h
cache.c s390: raise minimum supported machine generation to z10 2022-03-10 15:58:17 +01:00
compat_audit.c audit: add support for the openat2 syscall 2021-10-01 16:52:48 -04:00
compat_linux.c s390: use generic UID16 implementation 2019-01-18 09:33:18 +01:00
compat_linux.h s390/compat: cleanup compat_linux.h header file 2022-05-06 20:45:16 +02:00
compat_ptrace.h
compat_signal.c s390/signal: fix typo in comments 2022-03-08 00:33:01 +01:00
cpcmd.c s390/cpcmd: use physical address for command and response 2021-10-26 15:21:28 +02:00
cpufeature.c s390/uvdevice: autoload module based on CPU facility 2022-07-19 16:18:49 +02:00
crash_dump.c s390/crash: support multi-segment iterators 2022-07-20 17:21:41 +02:00
debug.c s390/sclp: add tracing of SCLP interactions 2021-08-25 11:03:35 +02:00
diag.c s390/extable: move EX_TABLE define to asm-extable.h 2022-03-08 00:33:00 +01:00
dis.c s390/disassembler: update opcode table 2021-12-16 19:58:07 +01:00
dumpstack.c exit: Add and use make_task_dead. 2021-12-13 12:04:45 -06:00
early.c s390: simplify early program check handler 2022-05-25 11:46:02 +02:00
early_printk.c s390/sclp: remove unused sclp_early_printk_forced 2020-09-21 08:08:44 +02:00
earlypgm.S s390: generate register offsets into pt_regs automatically 2022-05-25 11:46:02 +02:00
ebcdic.c s390: ebcdic: convert comments to UTF-8 2018-08-23 18:48:43 -07:00
entry.S s390/mcck: isolate SIE instruction when setting CIF_MCCK_GUEST flag 2022-06-01 12:03:16 +02:00
entry.h s390: simplify early program check handler 2022-05-25 11:46:02 +02:00
fpu.c s390: convert to generic entry 2021-01-19 12:29:26 +01:00
ftrace.c ftrace: Remove return value of ftrace_arch_modify_*() 2022-05-26 21:13:00 -04:00
ftrace.h s390: raise minimum supported machine generation to z10 2022-03-10 15:58:17 +01:00
guarded_storage.c
head64.S s390: remove invalid email address of Heiko Carstens 2022-02-06 23:31:29 +01:00
idle.c s390/time,idle: get rid of unsigned long long 2021-03-08 10:46:27 +01:00
ima_arch.c s390/kexec_file: Disable kexec_load when IPLed secure 2019-04-29 10:44:03 +02:00
ipl.c Revert "s390/smp: rework absolute lowcore access" 2022-08-06 09:24:07 +02:00
ipl_vmparm.c s390/cio: remove unused include linux/spinlock.h from cio.h 2021-07-27 09:39:13 +02:00
irq.c s390/irq: utilize RCU instead of irq_lock_sparse() in show_msi_interrupt() 2022-04-27 12:53:34 +02:00
jump_label.c jump_label: make initial NOP patching the special case 2022-06-24 09:48:55 +02:00
kdebugfs.c s390: no need to check return value of debugfs_create functions 2019-01-28 15:58:55 +01:00
kexec_elf.c kexec: Fix file verification on S390 2019-09-10 13:27:51 +01:00
kexec_image.c kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE 2019-08-19 21:54:15 -07:00
kprobes.c s390/kprobes: enable kretprobes framepointer verification 2022-03-27 22:18:39 +02:00
kprobes_insn_page.S s390/kprobes: move insn_page to text segment 2020-10-09 23:45:30 +02:00
lgr.c s390/lgr: use simple assignment instead of memcpy 2022-02-06 23:31:29 +01:00
machine_kexec.c Revert "s390/smp: rework absolute lowcore access" 2022-08-06 09:24:07 +02:00
machine_kexec_file.c kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification 2022-07-15 12:21:16 -04:00
machine_kexec_reloc.c s390/kaslr: add support for R_390_JMP_SLOT relocation type 2020-05-20 10:13:27 +02:00
mcount.S s390/kprobes: Avoid additional kprobe in kretprobe handling 2022-03-10 15:58:17 +01:00
module.c jump_label: mips: move module NOP patching into arch code 2022-06-24 09:48:55 +02:00
nmi.c s390/nmi: use irqentry_nmi_enter()/irqentry_nmi_exit() 2022-07-28 18:05:24 +02:00
nospec-branch.c s390: raise minimum supported machine generation to z10 2022-03-10 15:58:17 +01:00
nospec-sysfs.c s390: introduce nospec_uses_trampoline() 2021-10-26 15:21:29 +02:00
numa.c drivers/base/node: consolidate node device subsystem initialization in node_dev_init() 2022-03-22 15:57:10 -07:00
os_info.c Revert "s390/smp: rework absolute lowcore access" 2022-08-06 09:24:07 +02:00
perf_cpum_cf.c s390/cpumf: Handle events cycles and instructions identical 2022-06-23 17:23:59 +02:00
perf_cpum_cf_common.c s390/cpumf: Support for CPU Measurement Facility CSVN 7 2022-01-17 14:13:08 +01:00
perf_cpum_cf_events.c s390/cpumf: add new extended counter set for IBM z16 2022-05-16 10:58:33 +02:00
perf_cpum_sf.c s390/cpumf: Support for CPU Measurement Sampling Facility LS bit 2022-01-17 14:13:08 +01:00
perf_event.c s390/stack: add union to reflect kvm stack slot usages 2022-06-01 12:03:17 +02:00
perf_pai_crypto.c s390/pai: Fix multiple concurrent event installation 2022-06-23 17:24:00 +02:00
perf_regs.c perf/arch: Remove perf_sample_data::regs_user_copy 2020-11-09 18:12:34 +01:00
process.c s390: fix double free of GS and RI CBs on fork() failure 2022-08-25 15:12:32 +02:00
processor.c s390/cpufeature: rework to allow more than only hwcap bits 2022-07-19 16:18:49 +02:00
ptrace.c ptrace: Cleanups for v5.18 2022-03-28 17:29:53 -07:00
reipl.S s390: add missing ENDPROC statements to assembler functions 2019-05-02 13:54:11 +02:00
relocate_kernel.S s390/kexec: set end-of-ipl flag in last diag308 call 2022-04-25 13:54:12 +02:00
runtime_instr.c s390/runtime_instrumentation: fix storage key handling 2020-08-17 13:17:10 +02:00
setup.c s390 updates for 5.20 merge window 2022-08-06 17:05:21 -07:00
signal.c ptrace: Cleanups for v5.18 2022-03-28 17:29:53 -07:00
smp.c Revert "s390/smp: rework absolute lowcore access" 2022-08-06 09:24:07 +02:00
stacktrace.c s390: remove invalid email address of Heiko Carstens 2022-02-06 23:31:29 +01:00
sthyi.c s390/sthyi: use register pair instead of register asm 2021-06-18 16:41:22 +02:00
syscall.c s390: add support for BEAR enhancement facility 2021-10-26 15:21:29 +02:00
sysinfo.c s390/extable: move EX_TABLE define to asm-extable.h 2022-03-08 00:33:00 +01:00
text_amode31.S s390/extable: move EX_TABLE define to asm-extable.h 2022-03-08 00:33:00 +01:00
time.c s390/stp: clock_delta should be signed 2022-05-11 14:40:57 +02:00
topology.c s390: remove invalid email address of Heiko Carstens 2022-02-06 23:31:29 +01:00
trace.c s390/ftrace: fix potential crashes when switching tracers 2020-04-22 16:20:55 +02:00
traps.c s390/traps: improve panic message for translation-specification exception 2022-03-27 22:18:38 +02:00
unwind_bc.c s390/unwind: avoid duplicated unwinding entries for kretprobes 2022-03-27 22:18:39 +02:00
uprobes.c s390: raise minimum supported machine generation to z10 2022-03-10 15:58:17 +01:00
uv.c KVM: s390: pv: add export before import 2022-07-13 14:42:11 +00:00
vdso.c s390/vdso: add vdso randomization 2022-04-25 13:54:15 +02:00
vmlinux.lds.S s390: remove .fixup section 2022-03-08 00:33:01 +01:00
vtime.c s390: assume stckf is always present 2022-03-10 15:58:17 +01:00