On Fri, 21 Nov 2008 23:00:06 +0100 Helge Deller <deller@xxxxxx> wrote:

> Andrew Morton wrote:
> > On Fri, 21 Nov 2008 15:16:50 +0100
> > Helge Deller <deller@xxxxxx> wrote:
> >
> >> Any user on existing parisc 32- and 64bit-kernels can easily crash
> >> the kernel and as such enforce a DoS.
> >> A simple testcase is available here:
> >> http://gsyprf10.external.hp.com/~deller/crash.tgz
> >>
> >> The problem is introduced by the fact that the handle_interruption()
> >> crash handler calls the show_regs() function, which in turn tries
> >> to unwind the stack by calling parisc_show_stack().
> >> Since the stack contains userspace addresses, a try to unwind
> >> the stack is dangerous and useless and leads to the crash.
> >>
> >> The fix is trivial: For userspace processes
> >> a) avoid to unwind the stack, and
> >> b) avoid to resolve userspace addresses to kernel symbol names.
> >>
> >> While touching this code, I converted print_symbol() to %pS
> >> printk formats and made parisc_show_stack() static.
> >>
> >> An initial patch for this was written by Kyle McMartin back in August:
> >> http://marc.info/?l=linux-parisc&m=121805168830283&w=2
> >>
> >> Compile and run-tested with a 64bit parisc kernel.
> >
> > Why has a fix for such a severe bug been floating around unmerged for
> > such a long time?
>
> I've tried to push it upstream a few times...

OK, well I'll merge it next week unless someone stops me.

> >> Patches for -stable series will follow shortly.
> >
> > That shouldn't be needed - I'll cc stable on my copy and the stable
> > maintainers should see that and pick it up. The patch applies cleanly
> > all the way back to 2.6.25.
>
> Although it may apply to the older stable kernels, I'm currently not
> sure if this will work then.
> We added the fixes for PA for the '%pS' vsprintf format pretty late.
> This is probably then a patch which needs backporting to stable as well
> (if it didn't happen yet):
>
> commit deac93df26b20cf8438339b5935b5f5643bc30c9
> Author: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>
> Date:   Wed Sep 3 20:43:36 2008 -0500
>
>     lib: Correct printk %pF to work on all architectures

Oh, OK. I'll update the stable tag in the patch appropriately.

> Alternatively, I could write a little more simple patch, which is what I
> intended initially.

I'd suggest that you send that patch to stable@xxxxxxxxxx in reply to
this one when you see it get dropped from -mm. Unless someone stops me ;)