This is a note to let you know that I've just added the patch titled ARM: 7913/1: fix framepointer check in unwind_frame to the 3.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: arm-7913-1-fix-framepointer-check-in-unwind_frame.patch and it can be found in the queue-3.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 3abb6671a9c04479c4bd026798a05f857393b7e2 Mon Sep 17 00:00:00 2001 From: Konstantin Khlebnikov <k.khlebnikov@xxxxxxxxxxx> Date: Thu, 5 Dec 2013 14:23:48 +0100 Subject: ARM: 7913/1: fix framepointer check in unwind_frame From: Konstantin Khlebnikov <k.khlebnikov@xxxxxxxxxxx> commit 3abb6671a9c04479c4bd026798a05f857393b7e2 upstream. This patch fixes corner case when (fp + 4) overflows unsigned long, for example: fp = 0xFFFFFFFF -> fp + 4 == 3. Signed-off-by: Konstantin Khlebnikov <k.khlebnikov@xxxxxxxxxxx> Signed-off-by: Russell King <rmk+kernel@xxxxxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- arch/arm/kernel/stacktrace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/arch/arm/kernel/stacktrace.c +++ b/arch/arm/kernel/stacktrace.c @@ -31,7 +31,7 @@ int notrace unwind_frame(struct stackfra high = ALIGN(low, THREAD_SIZE); /* check current frame pointer is within bounds */ - if (fp < (low + 12) || fp + 4 >= high) + if (fp < low + 12 || fp > high - 4) return -EINVAL; /* restore the registers from the stack frame */ Patches currently in stable-queue which might be from k.khlebnikov@xxxxxxxxxxx are queue-3.4/arm-7913-1-fix-framepointer-check-in-unwind_frame.patch queue-3.4/arm-7912-1-check-stack-pointer-in-get_wchan.patch -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html