Date: 2010-04-28 23:42:32 (12 years 5 months ago)
Author: Wufei
Commit: 56151e753468e34aeb322af4b0309ab727c97d2e
Message: kgdb: don't needlessly skip PAGE_USER test for Fsl booke

The bypassing of this test is a leftover from 2.4 vintage
kernels, and is no longer appropriate, or even used by KGDB.
Currently KGDB uses probe_kernel_write() for all access to
memory via the KGDB core, so it can simply be deleted.

This fixes CVE-2010-1446.

CC: Benjamin Herrenschmidt <benh@kernel.crashing.org>
CC: Paul Mackerras <paulus@samba.org>
CC: Kumar Gala <galak@kernel.crashing.org>
Signed-off-by: Wufei <fei.wu@windriver.com>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Files: arch/powerpc/mm/fsl_booke_mmu.c (1 diff)

Change Details

arch/powerpc/mm/fsl_booke_mmu.c
155155    if (cur_cpu_spec->cpu_features & MMU_FTR_BIG_PHYS)
156156        TLBCAM[index].MAS7 = (u64)phys >> 32;
157157
158#ifndef CONFIG_KGDB /* want user access for breakpoints */
159158    if (flags & _PAGE_USER) {
160159       TLBCAM[index].MAS3 |= MAS3_UX | MAS3_UR;
161160       TLBCAM[index].MAS3 |= ((flags & _PAGE_RW) ? MAS3_UW : 0);
162161    }
163#else
164    TLBCAM[index].MAS3 |= MAS3_UX | MAS3_UR;
165    TLBCAM[index].MAS3 |= ((flags & _PAGE_RW) ? MAS3_UW : 0);
166#endif
167162
168163    tlbcam_addrs[index].start = virt;
169164    tlbcam_addrs[index].limit = virt + size - 1;
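
Review bot: the commit message names CVE-2010-1446 but does not say what the deleted #else branch (old lines 164-165) exposed: with CONFIG_KGDB set, it OR-ed MAS3_UX | MAS3_UR into every TLBCAM entry, and MAS3_UW whenever _PAGE_RW was set, without testing _PAGE_USER. Suggest adding one sentence to the message stating that these entries carried user permissions on CONFIG_KGDB builds, so that anyone backporting can tell which configurations are affected. The code change itself looks right: the surviving `if (flags & _PAGE_USER)` block at new lines 158-161 is now the only path that sets the user bits.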
