[Lucid][CVE-2013-6282][PATCH 0/1] ARM: 7527/1: uaccess: explicitly check __user pointer when !CPU_USE_DOMAINS
Luis Henriques
luis.henriques at canonical.com
Tue Feb 11 13:42:50 UTC 2014
Following this email, I'm sending the backport of CVE-2013-6282 fix
for Lucid. And it looks scary!
I believe this patch could be simplified by removing some #ifdefs
from it, as CPU_HAS_DOMAINS doesn't exist in Lucid -- it has been
added in 2.6.38 with commit 247055a ("ARM: 6384/1: Remove the domain
switching on ARMv6k/v7 CPUs").
Other than that, its just ARM assembly. What could possibly go wrong?
Note that I've only build-tested it (for armel), as I don't have the
HW to boot it (I would say that a bad backport would break a simple
boot test).
Russell King (1):
ARM: 7527/1: uaccess: explicitly check __user pointer when
!CPU_USE_DOMAINS
arch/arm/include/asm/assembler.h | 8 ++++++++
arch/arm/include/asm/uaccess.h | 40 +++++++++++++++++++++++++++-------------
arch/arm/lib/getuser.S | 23 +++++++++++++++--------
arch/arm/lib/putuser.S | 6 ++++++
4 files changed, 56 insertions(+), 21 deletions(-)
--
1.8.3.2
More information about the kernel-team
mailing list